{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T01:16:36Z","timestamp":1778721396541,"version":"3.51.4"},"reference-count":78,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2018,12,27]],"date-time":"2018-12-27T00:00:00Z","timestamp":1545868800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Proc. ACM Interact. Mob. Wearable Ubiquitous Technol."],"published-print":{"date-parts":[[2018,12,27]]},"abstract":"<jats:p>Many smartphone apps collect potentially sensitive personal data and send it to cloud servers. However, most mobile users have a poor understanding of why their data is being collected. We present MobiPurpose, a novel technique that can take a network request made by an Android app and then classify the data collection purposes, as one step towards making it possible to explain to non-experts the data disclosure contexts. Our purpose inference works by leveraging two observations: 1) developer naming conventions (e.g., URL paths) of ten offer hints as to data collection purposes, and 2) external knowledge, such as app metadata and information about the domain name, are meaningful cues that can be used to infer the behavior of different traffic requests. MobiPurpose parses each traffic request body into key-value pairs, and infers the data type and data collection purpose of each key-value pair using a combination of supervised learning and text pattern bootstrapping. We evaluated MobiPurpose's effectiveness using a dataset cross-labeled by ten human experts. Our results show that MobiPurpose can predict the data collection purpose with an average precision of 84% (among 19 unique categories).<\/jats:p>","DOI":"10.1145\/3287051","type":"journal-article","created":{"date-parts":[[2018,12,27]],"date-time":"2018-12-27T19:28:03Z","timestamp":1545938883000},"page":"1-27","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":40,"title":["Why Are They Collecting My Data?"],"prefix":"10.1145","volume":"2","author":[{"given":"Haojian","family":"Jin","sequence":"first","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Minyi","family":"Liu","sequence":"additional","affiliation":[{"name":"Tsinghua University, Haidian Qu, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kevan","family":"Dodhia","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yuanchun","family":"Li","sequence":"additional","affiliation":[{"name":"Peking University, Haidian Qu, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gaurav","family":"Srivastava","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Matthew","family":"Fredrikson","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yuvraj","family":"Agarwal","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jason I.","family":"Hong","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2018,12,27]]},"reference":[{"key":"e_1_2_2_1_1","unstructured":"42matters. 2018. Google Play Categories. https:\/\/42matters.com\/docs\/app-market-data\/android\/apps\/google-play-categories. (2018). (Accessed on 02\/11\/2018).  42matters. 2018. Google Play Categories. https:\/\/42matters.com\/docs\/app-market-data\/android\/apps\/google-play-categories. (2018). (Accessed on 02\/11\/2018)."},{"key":"e_1_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2462456.2464460"},{"key":"e_1_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/336597.336644"},{"key":"e_1_2_2_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/3214262"},{"key":"e_1_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382222"},{"key":"e_1_2_2_6_1","unstructured":"Nick Babich. 2016. Mobile App UX Design: Making a Great First Impression. https:\/\/uxplanet.org\/mobile-app-ux-design-making-a-great-first-impression-bed2805b967d. (2016). (Accessed on 10\/23\/2018).  Nick Babich. 2016. Mobile App UX Design: Making a Great First Impression. https:\/\/uxplanet.org\/mobile-app-ux-design-making-a-great-first-impression-bed2805b967d. (2016). (Accessed on 10\/23\/2018)."},{"key":"e_1_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1864349.1864381"},{"key":"e_1_2_2_8_1","unstructured":"Packet Capture. 2017. Packet Capture - Android Apps on Google Play. https:\/\/play.google.com\/store\/apps\/details?id=app.greyshirts.sslcapture&hl=en. (2017). (Accessed on 11\/10\/2017).  Packet Capture. 2017. Packet Capture - Android Apps on Google Play. https:\/\/play.google.com\/store\/apps\/details?id=app.greyshirts.sslcapture&hl=en. (2017). (Accessed on 11\/10\/2017)."},{"key":"e_1_2_2_9_1","volume-title":"International Conference on Financial Cryptography and Data Security. Springer, 231--249","author":"Carter Patrick","year":"2016","unstructured":"Patrick Carter , Collin Mulliner , Martina Lindorfer , William Robertson , and Engin Kirda . 2016 . CuriousDroid: automated user interface interaction for android application analysis sandboxes . In International Conference on Financial Cryptography and Data Security. Springer, 231--249 . Patrick Carter, Collin Mulliner, Martina Lindorfer, William Robertson, and Engin Kirda. 2016. CuriousDroid: automated user interface interaction for android application analysis sandboxes. In International Conference on Financial Cryptography and Data Security. Springer, 231--249."},{"key":"e_1_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2766498.2766507"},{"key":"e_1_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3132029"},{"key":"e_1_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23465"},{"key":"e_1_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.1515\/popets-2015-0007"},{"key":"e_1_2_2_14_1","unstructured":"VIP Defense. 2017. VIP Defense - a privacy and anonymity keeping company. http:\/\/www.vipdefense.com\/. (2017). (Accessed on 11\/08\/2017).  VIP Defense. 2017. VIP Defense - a privacy and anonymity keeping company. http:\/\/www.vipdefense.com\/. (2017). (Accessed on 11\/08\/2017)."},{"key":"e_1_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3126594.3126651"},{"key":"e_1_2_2_16_1","volume-title":"Tutorial: Reverse Engineering a Private API. https:\/\/www.toptal.com\/back-end\/reverse-engineering-the-private-api-hacking-your-couch.","author":"Derkach Nikolay","year":"2017","unstructured":"Nikolay Derkach . 2017 . Tutorial: Reverse Engineering a Private API. https:\/\/www.toptal.com\/back-end\/reverse-engineering-the-private-api-hacking-your-couch. (2017). ( Accessed on 11\/04\/2017). Nikolay Derkach. 2017. Tutorial: Reverse Engineering a Private API. https:\/\/www.toptal.com\/back-end\/reverse-engineering-the-private-api-hacking-your-couch. (2017). (Accessed on 11\/04\/2017)."},{"key":"e_1_2_2_17_1","volume-title":"URL: https:\/\/github.com\/androguard\/androguard","author":"Desnos Anthony","year":"2011","unstructured":"Anthony Desnos and others. 2011. Androguard. URL: https:\/\/github.com\/androguard\/androguard ( 2011 ). Anthony Desnos and others. 2011. Androguard. URL: https:\/\/github.com\/androguard\/androguard (2011)."},{"key":"e_1_2_2_18_1","unstructured":"Apple Developer. 2018. Expected App Behaviors. https:\/\/developer.apple.com\/library\/content\/documentation\/iPhone\/Conceptual\/iPhoneOSProgrammingGuide\/ExpectedAppBehaviors\/ExpectedAppBehaviors.html. (2018). (Accessed on 01\/31\/2018).  Apple Developer. 2018. Expected App Behaviors. https:\/\/developer.apple.com\/library\/content\/documentation\/iPhone\/Conceptual\/iPhoneOSProgrammingGuide\/ExpectedAppBehaviors\/ExpectedAppBehaviors.html. (2018). (Accessed on 01\/31\/2018)."},{"key":"e_1_2_2_19_1","unstructured":"Android Developers. 2017. Advertising ID. http:\/\/www.androiddocs.com\/google\/play-services\/id.html. (2017). (Accessed on 12\/30\/2017).  Android Developers. 2017. Advertising ID. http:\/\/www.androiddocs.com\/google\/play-services\/id.html. (2017). (Accessed on 12\/30\/2017)."},{"key":"e_1_2_2_20_1","unstructured":"Android Developers. 2017. Requesting Permissions. https:\/\/developer.android.com\/guide\/topics\/permissions\/requesting.html. (2017). (Accessed on 11\/10\/2017).  Android Developers. 2017. Requesting Permissions. https:\/\/developer.android.com\/guide\/topics\/permissions\/requesting.html. (2017). (Accessed on 11\/10\/2017)."},{"key":"e_1_2_2_21_1","unstructured":"Android Developers. 2017. UUID. https:\/\/developer.android.com\/reference\/java\/util\/UUID.html. (2017). (Accessed on 12\/30\/2017).  Android Developers. 2017. UUID. https:\/\/developer.android.com\/reference\/java\/util\/UUID.html. (2017). (Accessed on 12\/30\/2017)."},{"key":"e_1_2_2_22_1","unstructured":"Android Developers. 2018. Best Practices for Unique Identifiers. https:\/\/developer.android.com\/training\/articles\/user-data-ids.html. (2018). (Accessed on 02\/14\/2018).  Android Developers. 2018. Best Practices for Unique Identifiers. https:\/\/developer.android.com\/training\/articles\/user-data-ids.html. (2018). (Accessed on 02\/14\/2018)."},{"key":"e_1_2_2_23_1","volume-title":"NDSS 2011, 18th Annual Network and Distributed System Security Symposium","author":"Egele Manuel","year":"2011","unstructured":"Manuel Egele , Christopher Kruegel , Engin Kirda , and Giovanni Vigna . 2011 . PiOS: Detecting privacy leaks in iOS applications . In NDSS 2011, 18th Annual Network and Distributed System Security Symposium , 6-9 February 2011, San Diego, CA, USA. San Diego, UNITED STATES. http:\/\/www.eurecom.fr\/publication\/3282 Manuel Egele, Christopher Kruegel, Engin Kirda, and Giovanni Vigna. 2011. PiOS: Detecting privacy leaks in iOS applications. In NDSS 2011, 18th Annual Network and Distributed System Security Symposium, 6-9 February 2011, San Diego, CA, USA. San Diego, UNITED STATES. http:\/\/www.eurecom.fr\/publication\/3282"},{"key":"e_1_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2619091"},{"key":"e_1_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879176"},{"key":"e_1_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2335356.2335360"},{"key":"e_1_2_2_27_1","unstructured":"Forcepoint. 2017. Forcepoint | Human-centric Cybersecurity. https:\/\/www.forcepoint.com\/. (2017). (Accessed on 11\/08\/2017).  Forcepoint. 2017. Forcepoint | Human-centric Cybersecurity. https:\/\/www.forcepoint.com\/. (2017). (Accessed on 11\/08\/2017)."},{"key":"e_1_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2568225.2568276"},{"key":"e_1_2_2_29_1","unstructured":"Seungyeop Han Jaeyeon Jung and David Wetherall. 2012. A study of third-party tracking by mobile apps in the wild. (2012).  Seungyeop Han Jaeyeon Jung and David Wetherall. 2012. A study of third-party tracking by mobile apps in the wild. (2012)."},{"key":"e_1_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/990064.990087"},{"key":"e_1_2_2_31_1","volume-title":"Consumer data privacy in a networked world: A framework for protecting privacy and promoting innovation in the global digital economy","author":"House White","year":"2012","unstructured":"White House . 2012. Consumer data privacy in a networked world: A framework for protecting privacy and promoting innovation in the global digital economy . White House , Washington, DC ( 2012 ), 1--62. White House. 2012. Consumer data privacy in a networked world: A framework for protecting privacy and promoting innovation in the global digital economy. White House, Washington, DC (2012), 1--62."},{"key":"e_1_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2380116.2380120"},{"key":"e_1_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2628363.2628373"},{"key":"e_1_2_2_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455806"},{"key":"e_1_2_2_35_1","unstructured":"Kaggle. 2018. Test Leakage | Wiki. https:\/\/www.kaggle.com\/wiki\/Leakage. (2018). (Accessed on 02\/15\/2018).  Kaggle. 2018. Test Leakage | Wiki. https:\/\/www.kaggle.com\/wiki\/Leakage. (2018). (Accessed on 02\/15\/2018)."},{"key":"e_1_2_2_36_1","volume-title":"Privacygrade: Grading the privacy of smartphone apps","author":"Lab CMU CHIMPS","year":"2017","unstructured":"CMU CHIMPS Lab . 2017 . Privacygrade: Grading the privacy of smartphone apps . http:\/\/privacygrade.org\/. (2017). CMU CHIMPS Lab. 2017. Privacygrade: Grading the privacy of smartphone apps. http:\/\/privacygrade.org\/. (2017)."},{"key":"e_1_2_2_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2787394.2787396"},{"key":"e_1_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/3287056"},{"key":"e_1_2_2_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3025453.3025483"},{"key":"e_1_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3210240.3210339"},{"key":"e_1_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE-C.2017.8"},{"key":"e_1_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2639108.2639131"},{"key":"e_1_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2370216.2370290"},{"key":"e_1_2_2_44_1","volume-title":"Hong","author":"Lin Jialiu","year":"2014","unstructured":"Jialiu Lin , Bin Liu , Norman Sadeh , and Jason I . Hong . 2014 . Modeling Users' Mobile App Privacy Preferences: Restoring Usability in a Sea of Permission Settings . (2014), 199--212. Jialiu Lin, Bin Liu, Norman Sadeh, and Jason I. Hong. 2014. Modeling Users' Mobile App Privacy Preferences: Restoring Usability in a Sea of Permission Settings. (2014), 199--212."},{"key":"e_1_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/2817946.2817947"},{"key":"e_1_2_2_46_1","unstructured":"Sina Madani. 2013. Development and Evaluation of an Ontology-Based Quality Metrics Extraction System. (2013).  Sina Madani. 2013. Development and Evaluation of an Ontology-Based Quality Metrics Extraction System. (2013)."},{"key":"e_1_2_2_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3029806.3029819"},{"key":"e_1_2_2_48_1","doi-asserted-by":"publisher","DOI":"10.1080\/01972243.2016.1153012"},{"key":"e_1_2_2_49_1","unstructured":"Mike Masnick. 2018. Court Says Scraping Websites And Creating Fake Profiles Can Be Protected By The First Amendment | Techdirt. https:\/\/www.techdirt.com\/articles\/20180401\/22565539541\/court-says-scraping-websites-creating-fake-profiles-can-be-protected-first-amendment.shtml. (2018). (Accessed on 10\/24\/2018).  Mike Masnick. 2018. Court Says Scraping Websites And Creating Fake Profiles Can Be Protected By The First Amendment | Techdirt. https:\/\/www.techdirt.com\/articles\/20180401\/22565539541\/court-says-scraping-websites-creating-fake-profiles-can-be-protected-first-amendment.shtml. (2018). (Accessed on 10\/24\/2018)."},{"key":"e_1_2_2_50_1","first-page":"1124","article-title":"Query snowball: a co-occurrence-based approach to multi-document summarization for question answering","volume":"7","author":"Morita Hajime","year":"2012","unstructured":"Hajime Morita , Tetsuya Sakai , and Manabu Okumura . 2012 . Query snowball: a co-occurrence-based approach to multi-document summarization for question answering . Information and Media Technologies 7 , 3 (2012), 1124 -- 1129 . Hajime Morita, Tetsuya Sakai, and Manabu Okumura. 2012. Query snowball: a co-occurrence-based approach to multi-document summarization for question answering. Information and Media Technologies 7, 3 (2012), 1124--1129.","journal-title":"Information and Media Technologies"},{"key":"e_1_2_2_51_1","unstructured":"Rob Neuhaus. 2018. rrenaud\/Gibberish-Detector: A small program to detect gibberish using a Markov Chain. https:\/\/github.com\/rrenaud\/Gibberish-Detector. (2018). (Accessed on 01\/15\/2018).  Rob Neuhaus. 2018. rrenaud\/Gibberish-Detector: A small program to detect gibberish using a Markov Chain. https:\/\/github.com\/rrenaud\/Gibberish-Detector. (2018). (Accessed on 01\/15\/2018)."},{"key":"e_1_2_2_52_1","volume-title":"Dangerous Terms: A User's Guide to EULAs | Electronic Frontier Foundation. https:\/\/www.eff.org\/wp\/dangerous-terms-users-guide-eulas.","author":"Newitz Annalee","year":"2005","unstructured":"Annalee Newitz . 2005 . Dangerous Terms: A User's Guide to EULAs | Electronic Frontier Foundation. https:\/\/www.eff.org\/wp\/dangerous-terms-users-guide-eulas. (2005). ( Accessed on 10\/24\/2018). Annalee Newitz. 2005. Dangerous Terms: A User's Guide to EULAs | Electronic Frontier Foundation. https:\/\/www.eff.org\/wp\/dangerous-terms-users-guide-eulas. (2005). (Accessed on 10\/24\/2018)."},{"key":"e_1_2_2_53_1","first-page":"119","article-title":"Privacy as contextual integrity","volume":"79","author":"Nissenbaum Helen","year":"2004","unstructured":"Helen Nissenbaum . 2004 . Privacy as contextual integrity . Wash. L. Rev. 79 (2004), 119 . Helen Nissenbaum. 2004. Privacy as contextual integrity. Wash. L. Rev. 79 (2004), 119.","journal-title":"Wash. L. Rev."},{"key":"e_1_2_2_54_1","volume-title":"Privacy in context: Technology, policy, and the integrity of social life","author":"Nissenbaum Helen","unstructured":"Helen Nissenbaum . 2009. Privacy in context: Technology, policy, and the integrity of social life . Stanford University Press . Helen Nissenbaum. 2009. Privacy in context: Technology, policy, and the integrity of social life. Stanford University Press."},{"key":"e_1_2_2_55_1","unstructured":"Peter Norvig. 2009. Natural language corpus data. (2009).  Peter Norvig. 2009. Natural language corpus data. (2009)."},{"key":"e_1_2_2_56_1","unstructured":"Jeff Pan. 2017. Reverse Engineering the AirBNB API. https:\/\/medium.com\/switchcm\/reverse-engineering-the-airbnb-api-c0f5cb609b. (2017). (Accessed on 11\/04\/2017).  Jeff Pan. 2017. Reverse Engineering the AirBNB API. https:\/\/medium.com\/switchcm\/reverse-engineering-the-airbnb-api-c0f5cb609b. (2017). (Accessed on 11\/04\/2017)."},{"key":"e_1_2_2_57_1","unstructured":"Rahul Pandita Xusheng Xiao Wei Yang William Enck and Tao Xie. WHYPER: Towards Automating Risk Assessment of Mobile Applications.  Rahul Pandita Xusheng Xiao Wei Yang William Enck and Tao Xie. WHYPER: Towards Automating Risk Assessment of Mobile Applications."},{"key":"e_1_2_2_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660287"},{"key":"e_1_2_2_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/2435349.2435379"},{"key":"e_1_2_2_60_1","doi-asserted-by":"crossref","unstructured":"Abbas Razaghpanah Rishab Nithyanand Narseo Vallina-Rodriguez Srikanth Sundaresan Mark Allman Christian Kreibich and Phillipa Gill. 2018. Apps Trackers Privacy and Regulators: A Global Study of the Mobile Tracking Ecosystem. (2018).  Abbas Razaghpanah Rishab Nithyanand Narseo Vallina-Rodriguez Srikanth Sundaresan Mark Allman Christian Kreibich and Phillipa Gill. 2018. Apps Trackers Privacy and Regulators: A Global Study of the Mobile Tracking Ecosystem. (2018).","DOI":"10.14722\/ndss.2018.23353"},{"key":"e_1_2_2_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/2906388.2906392"},{"key":"e_1_2_2_62_1","unstructured":"Irwin Reyes Primal Wiesekera Abbas Razaghpanah Joel Reardon Narseo Vallina-Rodriguez Serge Egelman and Christian Kreibich. 2017. \"Is Our Children's Apps Learning?\" Automatically Detecting COPPA Violations. (2017).  Irwin Reyes Primal Wiesekera Abbas Razaghpanah Joel Reardon Narseo Vallina-Rodriguez Serge Egelman and Christian Kreibich. 2017. \"Is Our Children's Apps Learning?\" Automatically Detecting COPPA Violations. (2017)."},{"key":"e_1_2_2_63_1","volume-title":"Infographic: How to Solve the Online Registration Challenge | Janrain. https:\/\/www.janrain.com\/blog\/infographic-how-solve-online-registration-challenge.","author":"Rolka Luke","year":"2012","unstructured":"Luke Rolka . 2012 . Infographic: How to Solve the Online Registration Challenge | Janrain. https:\/\/www.janrain.com\/blog\/infographic-how-solve-online-registration-challenge. (2012). ( Accessed on 10\/23\/2018). Luke Rolka. 2012. Infographic: How to Solve the Online Registration Challenge | Janrain. https:\/\/www.janrain.com\/blog\/infographic-how-solve-online-registration-challenge. (2012). (Accessed on 10\/23\/2018)."},{"key":"e_1_2_2_64_1","unstructured":"Objective Development Software. 2017. Little Snitch 4: Makes the invisible visible! https:\/\/www.obdev.at\/products\/littlesnitch\/index.html. (2017). (Accessed on 07\/28\/2017).  Objective Development Software. 2017. Little Snitch 4: Makes the invisible visible! https:\/\/www.obdev.at\/products\/littlesnitch\/index.html. (2017). (Accessed on 07\/28\/2017)."},{"key":"e_1_2_2_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/2808117.2808120"},{"key":"e_1_2_2_66_1","volume-title":"Matt Fredrikson, Jason Hong, and Yuvraj Agarwal.","author":"Srivastava Gaurav","year":"2017","unstructured":"Gaurav Srivastava , Saksham Chitkara , Kevin Ku , Swarup Kumar Sahoo , Matt Fredrikson, Jason Hong, and Yuvraj Agarwal. 2017 . PrivacyProxy: Leveraging Crowdsourcing and In Situ Traffic Analysis to Detect and Mitigate Information Leakage . arXiv preprint arXiv:1708.06384 (2017). Gaurav Srivastava, Saksham Chitkara, Kevin Ku, Swarup Kumar Sahoo, Matt Fredrikson, Jason Hong, and Yuvraj Agarwal. 2017. PrivacyProxy: Leveraging Crowdsourcing and In Situ Traffic Analysis to Detect and Mitigate Information Leakage. arXiv preprint arXiv:1708.06384 (2017)."},{"key":"e_1_2_2_67_1","unstructured":"Android Studio. 2018. UI\/Application Exerciser Monkey. https:\/\/developer.android.com\/studio\/test\/monkey.html. (2018). (Accessed on 02\/02\/2018).  Android Studio. 2018. UI\/Application Exerciser Monkey. https:\/\/developer.android.com\/studio\/test\/monkey.html. (2018). (Accessed on 02\/02\/2018)."},{"key":"e_1_2_2_68_1","doi-asserted-by":"publisher","DOI":"10.1145\/2556288.2557400"},{"key":"e_1_2_2_69_1","volume-title":"EULA Template and Generator - Free and for","year":"2018","unstructured":"template.com. 2018. EULA Template and Generator - Free and for 2018 . https:\/\/eulatemplate.com\/. (2018). ( Accessed on 10\/24\/2018). template.com. 2018. EULA Template and Generator - Free and for 2018. https:\/\/eulatemplate.com\/. (2018). (Accessed on 10\/24\/2018)."},{"key":"e_1_2_2_70_1","doi-asserted-by":"publisher","DOI":"10.1145\/3025453.3025556"},{"key":"e_1_2_2_71_1","doi-asserted-by":"publisher","DOI":"10.1145\/2750858.2805833"},{"key":"e_1_2_2_72_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSE.2014.132"},{"key":"e_1_2_2_73_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660357"},{"key":"e_1_2_2_74_1","unstructured":"Ryan Welton. 2018. Fuzion24\/JustTrustMe: An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning. https:\/\/github.com\/Fuzion24\/JustTrustMe. (2018). (Accessed on 02\/11\/2018).  Ryan Welton. 2018. Fuzion24\/JustTrustMe: An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning. https:\/\/github.com\/Fuzion24\/JustTrustMe. (2018). (Accessed on 02\/11\/2018)."},{"key":"e_1_2_2_75_1","unstructured":"Wikipedia. 2018. Card sorting - Wikipedia. https:\/\/en.wikipedia.org\/wiki\/Card_sorting. (2018). (Accessed on 08\/15\/2018).  Wikipedia. 2018. Card sorting - Wikipedia. https:\/\/en.wikipedia.org\/wiki\/Card_sorting. (2018). (Accessed on 08\/15\/2018)."},{"key":"e_1_2_2_76_1","unstructured":"Wireshark. 2017. Wireshark \u00b7 Go Deep. https:\/\/www.wireshark.org\/. (2017). (Accessed on 08\/28\/2017).  Wireshark. 2017. Wireshark \u00b7 Go Deep. https:\/\/www.wireshark.org\/. (2017). (Accessed on 08\/28\/2017)."},{"key":"e_1_2_2_77_1","volume-title":"Who knows what about me? A survey of behind the scenes personal data sharing to third parties by mobile apps. Technology Science 30","author":"Zang Jinyan","year":"2015","unstructured":"Jinyan Zang , Krysta Dummit , James Graves , Paul Lisker , and Latanya Sweeney . 2015. Who knows what about me? A survey of behind the scenes personal data sharing to third parties by mobile apps. Technology Science 30 ( 2015 ). Jinyan Zang, Krysta Dummit, James Graves, Paul Lisker, and Latanya Sweeney. 2015. Who knows what about me? A survey of behind the scenes personal data sharing to third parties by mobile apps. Technology Science 30 (2015)."},{"key":"e_1_2_2_78_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2012.15"}],"container-title":["Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3287051","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3287051","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T01:02:08Z","timestamp":1750208528000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3287051"}},"subtitle":["Inferring the Purposes of Network Traffic in Mobile Apps"],"short-title":[],"issued":{"date-parts":[[2018,12,27]]},"references-count":78,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2018,12,27]]}},"alternative-id":["10.1145\/3287051"],"URL":"https:\/\/doi.org\/10.1145\/3287051","relation":{},"ISSN":["2474-9567"],"issn-type":[{"value":"2474-9567","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,12,27]]},"assertion":[{"value":"2018-02-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2018-10-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2018-12-27","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}