text-only page produced automatically by Usablenet Assistive Skip all navigation and go to page content Skip top navigation and go to directorate navigation Skip top navigation and go to page navigation
National Science Foundation
Awards
design element
Search Awards
Recent Awards
Presidential and Honorary Awards
About Awards
Grant Policy Manual
Grant General Conditions
Cooperative Agreement Conditions
Special Conditions
Federal Demonstration Partnership
Policy Office Website



Award Abstract #1314688

TWC SBE: Medium: Collaborative: User-Centric Risk Communication and Control on Mobile Devices

NSF Org: CNS
Division Of Computer and Network Systems
divider line
Initial Amendment Date: August 14, 2013
divider line
Latest Amendment Date: August 14, 2013
divider line
Award Number: 1314688
divider line
Award Instrument: Standard Grant
divider line
Program Manager: Sylvia J. Spengler
CNS Division Of Computer and Network Systems
CSE Direct For Computer & Info Scie & Enginr
divider line
Start Date: September 1, 2013
divider line
End Date: August 31, 2017 (Estimated)
divider line
Awarded Amount to Date: $838,219.00
divider line
Investigator(s): Ninghui Li ninghui@cs.purdue.edu (Principal Investigator)
Robert Proctor (Co-Principal Investigator)
Luo Si (Co-Principal Investigator)
divider line
Sponsor: Purdue University
Young Hall
West Lafayette, IN 47907-2114 (765)494-1055
divider line
NSF Program(s): Secure &Trustworthy Cyberspace
divider line
Program Reference Code(s): 7434, 7924
divider line
Program Element Code(s): 8060

ABSTRACT

Risk communication is an important part of many cyber security mechanisms. Android's current risk communication mechanism is based on security warnings and has been demonstrated to be ineffective because users become habituated to ignore such warnings and tend to consent to all prompts. This multi-disciplinary research project aims at developing holistic solutions to usable risk communication and control for the Android platform.

This project investigates an approach that presents risk information at multiple granularities, including a high-level numerical risk summary, an intermediate-level summary of risk for different dimensions, and detailed risk information. The high-level risk summary is computed by information integration techniques, using information discovered from multiple sources, e.g., user reviews and app source code. This summary enables proactive risk communication (e.g., when the user searches for apps) so that users can take this information into the decision process.

This project also introduces a multi-mode approach that, in addition to communicating risks, also controls risks in the sense of discouraging risky applications and ensuring that users truly understand the risks. The project develops mechanisms that aggregate, communicate, and control risks incurred by apps at runtime, and ways to personalize risk integration, communicate, and control techniques to accommodate differences among users.

This project is expected to advance the state of the art in principles and techniques to risk communication and control, and has the potential to impact the Android app ecosystem by collaboration with Google researchers.


PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH

Note:  When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).

Some links on this page may take you to non-federal websites. Their policies may differ from this site.


Chris S. Gates, Jing Chen, Ninghui Li, Robert W. Proctor. "Effective Risk Communication for Android Apps," IEEE Transactions on Dependable and Secure Computing, v.11, 2014, p. 252-265.

Cen Lei, Chris S. Gates, Luo Si, Ninghui Li. "A Probabilistic Discriminative Model for Android Malware Detection with Decompiled Source Code," IEEE Transactions on Dependable and Secure Computing, v.11, 2014. 

Jing Chen, Christopher S. Gates, Ninghui Li, Robert W. Proctor. "Influence of Risk/Safety Information Framing on Android App-Installation Decisions," Journal of Cognitive Engineering and Decision Making, v.9, 2015, p. 149-168. 

Robert W. Proctor & Jing Chen. "The Role of Human Factors/Ergonomics in the Science of Security: Decision Making and Action Selection in Cyberspace.," Human Factors, 2015. 

 

Please report errors in award information by writing to: awardsearch@nsf.gov.

 

 

Print this page
Back to Top of page
  FUNDING   AWARDS   DISCOVERIES   NEWS   PUBLICATIONS   STATISTICS   ABOUT NSF   FASTLANE  
Research.gov  |  USA.gov  |  National Science Board  |  Recovery Act  |  Budget and Performance  |  Annual Financial Report
Web Policies and Important Links  |  Privacy  |  FOIA  |  NO FEAR Act  |  Inspector General  |  Webmaster Contact  |  Site Map
National Science Foundation Logo
The National Science Foundation, 4201 Wilson Boulevard, Arlington, Virginia 22230, USA
Tel: (703) 292-5111, FIRS: (800) 877-8339 | TDD: (800) 281-8749
  Text Only Version