Overview
Explore an advanced permission mechanism for Android called SmarPer in this IEEE conference talk. Learn how contextual information and machine learning methods can be used to predict runtime permission decisions, addressing limitations in current mobile platform permission systems. Discover the implementation of SmarPer and its data collection campaign involving 8,521 runtime permission decisions from 41 participants. Examine the effectiveness of a Bayesian linear regression model in achieving an 80% correct classification rate, representing a significant improvement over static permission policies. Investigate the concept of data obfuscation as an alternative to binary allow/deny decisions, offering users a balance between privacy and utility. Gain insights into the potential for automating permission management in smartphones based on real-world permission decision patterns.
Syllabus
Intro
Current Permission Systems - Limitations Starti policies
Smart Permissions (SmarPer): General Design
Data Collection Campaign
Data Collection Results - Users
Permissions Decisions Change Over Time
ML Analysis
Error Measure
Type of Errors Considered
ML Performance Evaluation
Automating Permission Decisions
Summary
Taught by
IEEE Symposium on Security and Privacy