The paper investigates how users perceive and utilize security and privacy transparency in consumer-facing generative AI, finding that users rely on proxies like popularity and require actionable, tru…

This paper analyzes online developer discussions to identify four major security concerns—data leakage, code licensing, adversarial attacks, and insecure suggestions—associated with using generative A…

The paper demonstrates that generative AI can automate and scale highly personalized, context-aware spear-phishing attacks using only public social media data, resulting in messages that are significa…

This study empirically demonstrates that privacy exposure in mobile gaming apps is primarily driven by complex, configuration-level SDK ecosystems rather than just the permissions the app explicitly r…

The study surveyed Android developers to assess their willingness to adopt changes that mitigate device fingerprinting risks, finding that developers overwhelmingly support privacy protections even wi…

This paper investigates how Generative AI enables scalable, hyper-realistic fraud in Chinese e-commerce by fabricating product defect evidence, proposing new defense mechanisms like verifiable materia…

This paper provides the first comprehensive review of threats and defenses specifically targeting on-device AI inference, revealing a significant imbalance where certain attack types, like adversarial…

This study proposes a negotiation framework, using composite indices (RBTI and CATI), to explain how youth navigate competing privacy pressures when using smart voice assistants, finding that high usa…

The paper reverse-engineers Apple's Private Cloud Compute (PCC) implementation to independently benchmark its model and evaluate its privacy claims, addressing the lack of transparency in Apple's syst…

The paper proposes a privacy-preserving visual monitoring system that performs object detection and generates natural language alerts entirely on an edge device, ensuring GDPR compliance by never tran…

The paper introduces MyPhoneBench, a new framework that demonstrates that current phone-use agents often fail to respect user privacy, even when successfully completing simple tasks, primarily due to…

This survey proposes a proactive, lifecycle-based framework, utilizing the C5 Interaction Model, to detect emerging adversarial synthetic narratives generated by GenAI, moving beyond traditional react…

This survey proposes a proactive, lifecycle-based framework, utilizing the C5 Interaction Model, to detect emerging adversarial synthetic narratives generated by Generative AI, moving beyond tradition…

The paper proposes and evaluates DePRa, a system that democratizes privacy assessment by making everyday users active evaluators of mobile app data access, showing its potential to complement expert a…

The paper presents the Serpent attack, a practical cross-device token replay vulnerability, demonstrating that Apple Intelligence's anonymous access tokens can be stolen and reused on different device…

The study finds exploratory evidence that gender moderates how youth perceive privacy risks and benefits, influencing their protective behavior when using smart voice assistants.

This study empirically analyzed 41 mobile gaming apps, finding that while device ID disclosures were relatively consistent, location and personal information disclosures showed significant mismatches…

The paper proposes Trajectory Induced Preference Optimization (TIPO) to improve mobile GUI agent personalization by explicitly modeling and optimizing for privacy-related behavioral differences in exe…

This study empirically analyzed 1,000 Android apps, finding that privacy policies are often vague and frequently fail to align with the actual sensitive data logged by the applications.

This paper develops a differential privacy framework to analyze and optimize privacy leakage from AI agent responses that utilize sensitive enterprise data, focusing on deriving optimal generation par…