top of page

PriGen: Towards Automated Translation of Android Applications' Code to Privacy Captions

In recent years, much work has been done to automatically identify inconsistencies between Android applications and their corresponding privacy policies. These studies show that creating a privacy policy that matches with the application’s source code and maintains consistent throughout its lifecycle is not a trivial task. Inspired by the work of Jiang et al. and Lui et al., we propose a recommender system which translates permission functionalities of Android applications into a set of privacy statements which can then be inserted into privacy policies. Our approach leverages Neural Machine Translation to translate the source code into natural language privacy statements.

 

Collaborators:

  • Sai Peddinti, Senior Privacy Researcher, Google Inc., The USA

Towards a Heterogeneous IoT Privacy Architecture

Internet of Things (IoT) devices collects a massive amount of data from the users at a high rate than ever before. This increasing growth of the IoT poses a wide range of privacy and security threats to consumers. In a heterogeneous architecture with a wide range of IoT devices, identifying potential privacy risks of deploying a new IoT device is still an open research scope. It is also challenging to ensure that the privacy of individuals is protected within a heterogeneous network. In this research, we propose a privacy protection framework for the IoT called HIPA (Heterogeneous IoT Privacy Architecture), which holds two key objectives as follows: 1) Analyze the risks of a device prior to its installation, and 2) Prioritizes consumer's preferences. Our framework consists of five components. These components evaluate the consistencies and compatibility of a new device, identify the related privacy risks, update the risk level, and notify the user accordingly. Our initial analysis shows that our proposed framework can potentially help the user to analyze the risk and make the decision prior to the installation of any new IoT device.

bottom of page