Apps are rife with privacy compliance issues, and here’s some evidence
A team of researchers from Carnegie Mellon University and Fordham University recently created the Mobile App Privacy System (MAPS), a tool that uses natural language processing, machine learning, and code analysis to identify potential privacy compliance issues by inspecting apps’ privacy policies and code.
- Applications of security and privacy
CyLab researchers aren’t only studying the fundamental principles of security privacy, they are applying those principles to real world applications. From the safety of autonomous vehicles to the integrity of elections, CyLab researchers are working to make the world around us — the apps we use on a daily basis, the energy supplied to our homes, our workplaces — one in which technology can be trusted.
Biometrics—characteristics about a person unique to them and no one else, such as their fingerprint, their iris, or features in their face—are becoming an increasingly popular method of authenticating a person’s identity.
At the heart of cryptography is creating trust. Strong, robust cryptography allows us to shop online, manage personal finances, and communicate with one another without worrying about criminals stealing our information.
Experts around the world have touted blockchain technology as the next big technological revolution, with the potential to create trust where trust didn’t exist before, allowing people and organizations to transact in ways they never thought was possible. CyLab researchers are working on helping make sure this hype turns into a reality.
- Formal methods
Software today comes with few, if any, security guarantees. Traditionally, software vendors become aware of vulnerabilities after an attack occurs and then issue a patch that fixes that particular attack. Formal methods may be the key to guaranteeing security from the start.
- Hardware security
Just as software can have exploitable flaws and vulnerabilities, hardware carries similar risks, but with one major setback: while software can be can be patched for millions of users with a click of a button, fixing hardware vulnerabilities requires manual labor and time.
- Internet of Things
The number of Internet of Things (IoT) connected devices worldwide is expected to surpass 50 billion by 2023. IoT growth currently outpaces the security and privacy of those devices, introducing new vulnerabilities into homes and offices across the globe. CyLab researchers are working on solutions not only to secure IoT devices of the future, but to make the devices that are already deployed safer.
- Machine learning and AI
As the world of “big data” gradually becomes a world of “bigger data,” CyLab researchers are focused on advancing research in machine learning and artificial intelligence (AI), in which computers can “learn” trends from massive collections of data.
- Measurement and analysis
Half the battle in security and privacy research is often developing the right tools to measure and analyze — whether that’s accurately measuring human behaviors online, analyzing and quantifying the risk associated with certain data sharing practices, or measuring the economy of anonymous online marketplaces, among other examples. CyLab researchers are working towards developing these measurement and analysis tools to help identify the status of products or services, and where the problems are that need to be addressed.
- Network security
As the number of connected devices continues to grow, the security of the networks that connect them all becomes even more important. In many cases, adversaries are able to gain access to any number of devices through an unsecured network.
As a growing number of connected devices are introduced to the world with a goal of improving our quality of life, they also pose a risk of collecting sensitive information about ourselves and invading our privacy.
- Software security
At the heart of countless cyberattacks is a single flaw in the code making up a piece of software. CyLab researchers are advancing the methods in which software bugs are found and fixed in a variety of ways.
- Systems security
Many researchers in CyLab are focusing on the security of systems — any systems ranging from the components that make up an autonomous vehicle to the various sectors that make up the energy grid — which requires placing security protocols on different, non-homogeneous parts that must still be able to communicate and work together efficiently and effectively.