The paper proposes a privacy-by-design pipeline for Android malware detection that achieves strong performance by avoiding the collection of sensitive user data entirely.

The study surveyed Android developers to assess their willingness to adopt changes that mitigate device fingerprinting risks, finding that developers overwhelmingly support privacy protections even wi…

The paper addresses the lack of independent measurement tools for modern mobile communication by designing and implementing open-source platforms to study cellular radio networks, operator services, a…

Ember is a serverless, peer-to-peer messaging system that provides end-to-end encrypted communication over a decentralized IPv6 mesh network while enforcing strict data minimization.

This study empirically analyzed 1,000 Android apps, finding that privacy policies are often vague and frequently fail to align with the actual sensitive data logged by the applications.

The paper introduces MyPhoneBench, a new framework that demonstrates that current phone-use agents often fail to respect user privacy, even when successfully completing simple tasks, primarily due to…

The paper analyzes Android's permission system and finds that two legacy mechanisms—permission groups and normal-level custom permissions—allow apps to silently gain excessive permissions and expose s…

This paper provides a large-scale characterization of Telegram bots, revealing that while they serve useful functions like crowdsourcing, they are also extensively used for malicious activities such a…

The paper reverse-engineers Apple's Private Cloud Compute (PCC) implementation to independently benchmark its model and evaluate its privacy claims, addressing the lack of transparency in Apple's syst…

PrivacyAssist is a multi-agent LLM framework that detects inconsistencies between user-granted app permissions and the app's actual data collection practices, finding that most apps are not fully tran…

WOOTdroid is a novel, non-invasive system for comprehensive on-device tracing on stock Android that simultaneously addresses syscall data loss and the semantic gap in Binder IPC events.

This study empirically demonstrates that privacy exposure in mobile gaming apps is primarily driven by complex, configuration-level SDK ecosystems rather than just the permissions the app explicitly r…

This study empirically analyzed 41 mobile gaming apps, finding that while device ID disclosures were relatively consistent, location and personal information disclosures showed significant mismatches…

This study analyzes a large dataset of mobile messaging scams from Reddit, finding that rapidly growing reply-based scams are poorly detected by current off-the-shelf tools, necessitating the developm…

The paper introduces a static analysis pipeline using graph kernels to automatically attribute unknown Android proxy malware to specific commercial proxy networks with high accuracy.

ShieldShare is a novel, non-root Android application that enables secure, VPN-backed hotspot sharing with accurate per-user traffic accounting, addressing limitations in current mobile VPN implementat…

The authors reverse-engineered and fuzz-tested the undocumented Apple Remote Invocation (ARI) interface, revealing a significant, untested Remote Code Execution (RCE) attack surface on iOS.

This paper evaluates the Crypto Agility Maturity Model (CAMM) and finds that it suffers from ambiguities, lack of operationalization, and structural flaws, proposing concrete improvements for reliable…

This paper provides the first comprehensive study of cryptographic API misuse detection in Go, evaluating four state-of-the-art tools and discovering 7,473 instances of cryptographic API misuses acros…

This paper provides a comparative analysis and benchmarking of Secure Multi-Party Computation (SMPC) and Fully Homomorphic Encryption (FHE) for machine learning, finding that the optimal choice depend…