Chair of Mobile Business & Multilateral Security

Project Seminar: Privacy in smartphone ecosystems 

 

Basic Information
Type of Lecture: Seminar
Course: Master
Hours/Week: 10
Credit Points: 12
Language: English
Term: Summer 2017
Lecturers:
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

 

 

Content of the Course

Description:       

Smartphone apps provide utility to their users by providing personalized and context-sensitive services. To achieve this, smartphone platforms provide those apps with access to a multiplicity of sensitive resources on the device e.g., device information, geolocation data, and user behavior information obtained from sensors. This capability however, poses important risks in regard to user privacy, especially considering that apps do not provide an appropriate level of transparency related to sensitive information processing.

The objective of this research project is to perform an extensive analysis of the state of the art in which different methodologies will be analyzed. Novel approaches will be investigated, and evaluated, specifically those emphasizing on understanding aspects such as context of app usage and purpose and functionality of apps when assessing their privacy properties.

Each project will be implemented by a group of students and will be focused on a specific perspective of the problem. Students focusing on the technical aspects are expected to have basic skills in
programming.

The subtopics included in the project seminar are described below:
Topic 1: “Assessing privacy of smartphone apps through user comments”
This project will analyze state of the art approaches focused on assessing the security and privacy of smartphones apps using user (reviews)comments, and will develop a tool to support users in  reporting privacy related issues of apps. The developed tool should then be validated through a user study.
Topic 2: “Understanding user’s privacy risk perception” (nontechnical)
This project will investigate the behavior of users regarding their perception of privacy risks and their willingness to report anomalous privacy related behavior of apps. This project is focused on the execution of a two phase user study. The user study has already been designed, therefore, the team is expected to collect and analyze the collected data.
Topic 3: “Assessing and comparing privacy risk of smartphone apps through the analysis of metadata”
This project will investigate the most common set of permission needed by apps within a number of categories and compare them according to theirprivacy risk/friendliness declared behavior.
Topic 4: “Privacy risk indicators for smartphone apps” (nontechnical)
The important aspect of this project is to clarify the psychological influences on the privacy indicators in smartphone apps (from both the application developers' and users' point of views).
Topic 5: “Understanding user’s privacy risk perception” (nontechnical)
This project will investigate the behavior of users regarding their perception of privacy risks and their willingness to report anomalous privacy related behavior of apps. 

 

Organizational information
This project seminar consists of three administrative parts:
• The first one is the exam which covers one third of the final grade and takes place on July 5th 2017 (see Exam section of the project web page of the chair).
• The second part is producing a report of the project seminar work (one third of the final grade).
• The third part is the presentation of results, which will take place on July 13th & 14th 2017 9:00-18:00 RuW 2.202 (one third of the final grade).
Participation in all parts is required for the successful completion of the project seminar. The work is evaluated on individual basis (not in groups).
The course registration is mandatory and will take place electronically via m-chair.de (registration section of the project seminar) within the period 1st to 10th of April. The maximum number of students allowed for this project seminar is 12 and the seminar participants will be chosen by the first-come first-served principle. If the maximum number of students is exceeded, the registration system will offer a waiting list for further potential participants. Once the registration deadline has expired, all course applicants will be notified via email about their final registration status.
The course registration does not replace the examination registration, which is needed to finally get graded in this course.
Examination registration and withdrawal takes place within the period 13th to 26th of April 2017. Students will have to sign the examination registration list during the organizational Meeting (kick-off meeting).
Language: The working language of project will be English.
 

Agenda:

The first introductory presentation (kick-off) will take place on April 19th 2017 10:00-12:00 RuW room 2.202
The final presentation will take place on July 13th & 14th 2017 9:00- 18:00 RuW 2.202
 

Registration: 

Maximum participants:

12
 
Exam:

Information:

Type of Examination
• written exam of 90 minutes duration (1/3)
• presentation of the project results (1/3)
• final report: summary of the project results 50-70 pages (1/3)


Each partial requirement needs to be passed with a grade of 4.0 or better.


EXAM Information:
Date
: July 5th 2017
Time: 10:00 - 12:00