Meet academic and industry leaders for intimate discussions about new threats, trends and technologies. Preview new cybersecurity research ahead of international conferences. Hear from exceptional Georgia Tech students about their body of work.

NDSS Conference Preview

"The Price of Free: Privacy Leakage in Personalized Mobile Apps"

Featuring Ren Ding, graduate teaching assistant, School of Computer Science

Ren Ding is a Ph.D. student in the School of Computer Science, College of Computing, at the Georgia Institute of Technology, where he is advised by Professor Wenke Lee. He is a member of the Georgia Tech Information Security Center, affiliated with the Institute for Information Security & Privacy. He received his B.S. from Bowdoin College in 2012, double majoring in computer science and psychology. His research interests include system security, malware analysis, and user privacy. Most recently, Ding's research focuses on malware detection and neutralization, as well as software security in terms of memory safety and defense against advanced ROP attacks.

Abstract: In-app advertising is an essential part of the ecosystem of free mobile applications. On the surface, this creates a win-win situation where app developers can profit from their work without charging the users. Meanwhile, ad networks employ personalization to improve the effectiveness/profitability of their ad placement. This need for serving personalized advertisements in turn motivates ad networks to collect profile data about users. As such, “free” apps are only free in monetary terms; they come with the price of potential privacy concerns. The question is, how much data are users giving away in exchange for “free apps”? In this paper, we study how much of the user’s interest and demographic information is known to major ad networks on the mobile platform. We also study whether personalized ads can be used by the hosting apps to reconstruct some of the user information collected by the ad network. By collecting more than 200 real user profiles and the ads seen by surveyed users, we found that  in-app advertising can leak potentially sensitive user information to any app that hosts personalized ads, and ad networks’ current protection mechanisms are not sufficient for safe-guarding users’ sensitive personal information.

Lunch provided. No registration necessary.

Spring 2016 Schedule
Jan. 15 — Opening discussion
Jan. 22 — Milos Prvulovic
Jan. 29 — PhD Candidate - Byoungyoung Lee
Feb. 5 — NDSS Conference Preview
Feb. 12 — NDSS Conference Preview
Feb. 19 — NDSS Conference Preview
Feb. 26 — Stephen Pair, co-founder and CEO, BitPay
Mar. 4 — Frank Wang, coordinator, The Cybersecurity Factory
Mar. 11 – David Formby, Xiaojing Liao
Mar. 18 – TBD
Mar. 25 – Spring Break
Apr. 1 – TBD
Apr. 8 – TBD
Apr. 15 – TBD
Apr. 22 – Closing session

Sponsored by MailChimp