Conference
Essential or Excessive? MINDAEXT: Measuring Data Minimization Practices among Browser Extensions
| العنوان: | Essential or Excessive? MINDAEXT: Measuring Data Minimization Practices among Browser Extensions |
|---|---|
| المؤلفون: | Ling, Y, Hao, Y, Wang, Y, Wang, K, Bai, G, Dong, JS |
| بيانات النشر: | IEEE |
| سنة النشر: | 2024 |
| المجموعة: | Griffith University: Griffith Research Online |
| جغرافية الموضوع: | Rovaniemi, Finland |
| Time: | 2024-03-12 to 2024-03-15 |
| الوصف: | Since browser extensions are prevailingly executed in the background to enable extra functionalities and enhance the user experience for web browsers, the potential over-collection of personal data beyond the necessity for given purposes is always ignored by ordinary users. Existing privacy regulations, such as the principle of Data Minimization in GDPR, have provided the criteria that only directly relevant and necessary data for specified purposes should be collected. Various tools have made efforts to examine the compliance of data minimization and its equivalent in different application domains. To our knowledge, in the area of browser extensions, there is still a gap between the general data minimization principle and precisely defined extension behaviors. We propose MINDAExT, a framework that takes one step further to automatically examine end-to-end data minimization practices in browser extensions by description text analysis and hybrid program analysis techniques. In our large-scale measurement, covering around 200K extensions collected in October 2023, we find that 38.0 % of extensions are likely to collect private user data outside their essential functionality scopes. They are distributed across all categories, exhibiting distinct patterns of the target data types. Our evaluation shows that MINDAEXT can detect the data over-collection with a precision of 74.3 %. |
| نوع الوثيقة: | conference object |
| اللغة: | English |
| ردمك: | 979-83-503-3066-3 |
| تدمد: | 2640-7574 |
| Relation: | 2024 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER); Ling, Y; Hao, Y; Wang, Y; Wang, K; Bai, G; Dong, JS, Essential or Excessive? MINDAEXT: Measuring Data Minimization Practices among Browser Extensions, 2024 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2024, pp. 964-975; https://hdl.handle.net/10072/432042 |
| DOI: | 10.1109/SANER60148.2024.00104 |
| الاتاحة: | https://hdl.handle.net/10072/432042 https://doi.org/10.1109/SANER60148.2024.00104 |
| Rights: | open access |
| رقم الانضمام: | edsbas.887CBF49 |
| قاعدة البيانات: | BASE |
| ردمك: | 9798350330663 |
|---|---|
| تدمد: | 26407574 |
| DOI: | 10.1109/SANER60148.2024.00104 |