Meet academic and industry leaders for intimate discussions about new threats, trends and technologies. Preview new cybersecurity research ahead of international conferences. Hear from exceptional Georgia Tech students about their body of work. 

NDSS Conference Preview

"The Price of Free: Privacy Leakage in Personalized Mobile Apps"

Featuring Ren Ding, graduate teaching assistant, School of Computer ScienceRen Ding is a Ph.D. student in the School of Computer Science, College of Computing, at the Georgia Institute of Technology, where he is advised by Professor Wenke Lee. He is a member of the Georgia Tech Information Security Center, affiliated with the Institute for Information Security & Privacy. He received his B.S. from Bowdoin College in 2012, double majoring in computer science and psychology. His research interests include system security, malware analysis, and user privacy. Most recently, Ding's research focuses on malware detection and neutralization, as well as software security in terms of memory safety and defense against advanced ROP attacks.Abstract: In-app advertising is an essential part of the ecosystem of free mobile applications. On the surface, this creates a win-win situation where app developers can profit from their work without charging the users. Meanwhile, ad networks employ personalization to improve the effectiveness/profitability of their ad placement. This need for serving personalized advertisements in turn motivates ad networks to collect profile data about users. As such, “free” apps are only free in monetary terms; they come with the price of potential privacy concerns. The question is, how much data are users giving away in exchange for “free apps”? In this paper, we study how much of the user’s interest and demographic information is known to major ad networks on the mobile platform. We also study whether personalized ads can be used by the hosting apps to reconstruct some of the user information collected by the ad network. By collecting more than 200 real user profiles and the ads seen by surveyed users, we found that  in-app advertising can leak potentially sensitive user information to any app that hosts personalized ads, and ad networks’ current protection mechanisms are not sufficient for safe-guarding users’ sensitive personal information.Lunch provided. No registration necessary. Spring 2016 Schedule Jan. 15 — Opening discussion Jan. 22 — Milos Prvulovic Jan. 29 — PhD Candidate - Byoungyoung Lee Feb. 5 — NDSS Conference Preview Feb. 12 — NDSS Conference Preview Feb. 19 — NDSS Conference Preview Feb. 26 — Stephen Pair, co-founder and CEO, BitPay Mar. 4 — Frank Wang, coordinator, The Cybersecurity Factory Mar. 11 – David Formby, Xiaojing Liao Mar. 18 – TBD Mar. 25 – Spring Break Apr. 1 – TBD Apr. 8 – TBD Apr. 15 – TBD Apr. 22 – Closing sessionSponsored by MailChimp