Coconut: An IDE Plugin for Developing Privacy-Friendly Apps

Published: 27 December 2018

Abstract

Although app developers are responsible for protecting users' privacy, this task can be very challenging. In this paper, we present Coconut, an Android Studio plugin that helps developers handle privacy requirements by prompting them to think about privacy during the development process and by providing real-time feedback on potential privacy issues. We start by presenting new findings from a series of semi-structured interviews with Android developers, probing the difficulties with privacy that developers face when building apps. Based on these findings, we implemented a proof-of-concept prototype of Coconut and evaluated it in a controlled lab study with 18 Android developers (including eight professional developers). Our study results suggest that apps developed with Coconut handled privacy concerns better, and that the developers who used Coconut had a better understanding of their code's behavior and wrote a better privacy policy for their app. We also found that requiring developers to do a small amount of annotation work describing their apps' personal data practices during the development process may result in a significant improvement in app privacy.



Published in

Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, Volume 2, Issue 4
December 2018
1169 pages
EISSN: 2474-9567
DOI: 10.1145/3301777

          Copyright © 2018 ACM


          Publisher

          Association for Computing Machinery

          New York, NY, United States

Publication History

• Published: 27 December 2018
• Accepted: 1 October 2018
• Revised: 1 August 2018
• Received: 1 May 2018


          Qualifiers

          • research-article
          • Research
          • Refereed limited
