{"id":1897,"date":"2015-09-15T14:27:25","date_gmt":"2015-09-15T12:27:25","guid":{"rendered":"http:\/\/sseblog.ec-spride.de\/?p=1897"},"modified":"2015-09-15T14:27:25","modified_gmt":"2015-09-15T12:27:25","slug":"hiccs-15","status":"publish","type":"post","link":"https:\/\/blogs.uni-paderborn.de\/sse\/2015\/09\/15\/hiccs-15\/","title":{"rendered":"What provokes Android users into revealing private information? &#8211; Paper accepted at HICCS"},"content":{"rendered":"<div class=\"twoclick_social_bookmarks_post_1897 social_share_privacy clearfix 1.6.4 locale-en_US sprite-en_US\"><\/div><div class=\"twoclick-js\"><script type=\"text\/javascript\">\/* <![CDATA[ *\/\njQuery(document).ready(function($){if($('.twoclick_social_bookmarks_post_1897')){$('.twoclick_social_bookmarks_post_1897').socialSharePrivacy({\"txt_help\":\"Wenn Sie diese Felder durch einen Klick aktivieren, werden Informationen an Facebook, Twitter, Flattr, Xing, t3n, LinkedIn, Pinterest oder Google eventuell ins Ausland \\u00fcbertragen und unter Umst\\u00e4nden auch dort gespeichert. N\\u00e4heres erfahren Sie durch einen Klick auf das <em>i<\\\/em>.\",\"settings_perma\":\"Dauerhaft aktivieren und Daten\\u00fcber-tragung zustimmen:\",\"info_link\":\"http:\\\/\\\/www.heise.de\\\/ct\\\/artikel\\\/2-Klicks-fuer-mehr-Datenschutz-1333879.html\",\"uri\":\"https:\\\/\\\/blogs.uni-paderborn.de\\\/sse\\\/2015\\\/09\\\/15\\\/hiccs-15\\\/\",\"post_id\":1897,\"post_title_referrer_track\":\"What+provokes+Android+users+into+revealing+private+information%3F+%26%238211%3B+Paper+accepted+at+HICCS\",\"display_infobox\":\"on\"});}});\n\/* ]]> *\/<\/script><\/div><p><a href=\"http:\/\/blogs.uni-paderborn.de\/sse\/files\/2015\/09\/permissionRequest1.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"318\" height=\"510\" class=\"  wp-image-1909 alignleft\" src=\"http:\/\/blogs.uni-paderborn.de\/sse\/files\/2015\/09\/permissionRequest1.jpg\" alt=\"permissionRequest\" srcset=\"https:\/\/blogs.uni-paderborn.de\/sse\/files\/2015\/09\/permissionRequest1.jpg 318w, https:\/\/blogs.uni-paderborn.de\/sse\/files\/2015\/09\/permissionRequest1-187x300.jpg 187w\" sizes=\"auto, (max-width: 318px) 100vw, 318px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>In a joined work together with Nicole Eling and Prof. Buxmann from TU Darmstadt, we published a very interesting market experiment\u00a0on users&#8217; reaction to fine-grained permission requests. This work thus explores the following research questions using a self-developed mobile application:<\/p>\n<p>&nbsp;<\/p>\n<ol>\n<li>How does the precision of an information request influence users\u2019 disclosure of personal information?<\/li>\n<li>Is this effect different for users with different security backgrounds?<\/li>\n<\/ol>\n<p><!--more--><br \/>\nThese research questions are investigated using data obtained through a smartphone app offered in Google Play. By doing so, we meet the call for measuring real behavior instead of stated willingness to disclose. This is important as users\u2019 intentions often differ from user behavior in the context of privacy.\u00a0In the paper we discuss the following hypothesis:<\/p>\n<ol>\n<li>A fine-grained permission request during runtime is less likely to be accepted than a generic permission request before installation.<\/li>\n<li>A data request containing concrete user information reduces the user\u2019s likelihood to accept it.<\/li>\n<li>Security aware users are less likely to accept data requests.<\/li>\n<li>Security awareness moderates the effect of the level of detail of the information requests on information disclosure.<\/li>\n<\/ol>\n<p><strong>Title:<\/strong> <em>Investigating Users\u2019 Reaction to Fine-Grained Data Requests: A Market Experiment<\/em><br \/>\n<strong>Abstract:<\/strong> The market for smartphone applications is steadily growing. Unfortunately, along with this growth, the number of malicious applications is increasing as well. To identify this malware, various automatic code-analysis tools have been developed. These tools are able to assess the risk associated with a specific app. However, informing users about these findings is often difficult. Currently, on Android, users decide about applications based on coarse- grained permission dialogs during installation. As these dialogs are quite abstract, many users do not read or understand them. Thus, to make the more detailed findings from security research accessible, new mechanisms for privacy communication need to be assessed. In our market experiment, we investigate how fine-grained data requests during runtime affect users\u2019 information disclosure. We find that many users reverse their decision when prompted with a fine-grained request. Additionally, an effect of security awareness and level of detail on disclosure was found.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>&nbsp; In a joined work together with Nicole Eling and Prof. Buxmann from TU Darmstadt, we published a very interesting market experiment\u00a0on users&#8217; reaction to fine-grained permission requests. This work thus explores the following research questions using a self-developed mobile &hellip; <a href=\"https:\/\/blogs.uni-paderborn.de\/sse\/2015\/09\/15\/hiccs-15\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":6581,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,1,51],"tags":[],"class_list":["post-1897","post","type-post","status-publish","format-standard","hentry","category-android","category-general","category-security-analysis"],"_links":{"self":[{"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/posts\/1897","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/users\/6581"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/comments?post=1897"}],"version-history":[{"count":0,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/posts\/1897\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/media?parent=1897"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/categories?post=1897"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/tags?post=1897"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}