
kangwei-zhong/Big4PaperList

Big4PaperList

A curated list of Security Big4 papers for Privacy, Mobile Security and Access Control.

Upcoming conferences

Privacy

Privacy Policy & Code Behavior

  • Towards Automated Regulation Analysis for Effective Privacy Compliance(NDSS’24)[paper]
  • Automated Expansion of Privacy Data Taxonomy for Compliant Data Breach Notification(NDSS’25)[paper]
  • VPVet: Vetting Privacy Policies of Virtual Reality Apps(CCS’24)[paper]
  • Are We Getting Well-informed? An In-depth Study of Runtime Privacy Notice Practice in Mobile Apps(CCS’24)[paper]
  • PolicyChecker: Analyzing the GDPR Completeness of Mobile Apps' Privacy Policies(CCS’23)
  • Automated Large-Scale Analysis of Cookie Notice Compliance(Security’24)[paper]
  • POLICYCOMP: Counterpart Comparison of Privacy Policies Uncovers Overbroad Personal Data Collection Practices(Security'23)[paper]
  • Lalaine: Measuring and Characterizing Non-Compliance of Apple Privacy Labels(Security'23)[paper]
  • The OK Is Not Enough: A Large Scale Study of Consent Dialogs in Smartphone Applications(Security'23)[paper]
  • CHKPLUG: Checking GDPR Compliance of WordPress Plugins via Cross-language Code Property Graph (NDSS'23)[paper]
  • Detection of Inconsistencies in Privacy Practices of Browser Extensions(Oakland'23)[paper]
  • Do Opt-Outs Really Opt Me Out?(CCS'22)[paper]
  • Freely Given Consent?: Studying Consent Notice of Third-Party Tracking and Its Violations of GDPR in Android Apps(CCS'22)[paper]
  • An Audit of Facebook's Political Ad Policy Enforcement(Security'22)[paper] [slides]
  • SkillDetective: Automated Policy-Violation Detection of Voice Assistant Applications in the Wild(Security'22)[paper] [slides]
  • Scraping Sticky Leftovers: App User Information Left on Servers After Account Deletion(Oakland'22)[paper]
  • Consistency Analysis of Data-Usage Purposes in Mobile Apps(CCS'21)[paper]

Privacy Policy Generation

  • RuleKeeper: GDPR-Aware Personal Data Compliance for Web Frameworks(Oakland'23)[paper]
  • PrivGuard: Privacy Regulation Compliance Made Easier(Security'22)[paper]
  • PrivacyFlash Pro: Automating Privacy Policy Generation for Mobile Apps(NDSS'21)[paper]

Privacy Leakage & Detection

  • Leaking the Privacy of Groups and More: Understanding Privacy Risks of Cross-App Content Sharing in Mobile Ecosystem(NDSS’24)[paper]
  • Withdrawing is believing? Detecting Inconsistencies Between Withdrawal Choices and Third-party Data Collections in Mobile Apps(Oakland’24)[paper]
  • Measuring Compliance Implications of Third-party Libraries’ Privacy Label Disclosure Guidelines(CCS’24)[paper]
  • CookieGraph: Understanding and Detecting First-Party Tracking Cookies(CCS’23)
  • Can Virtual Reality Protect Users from Keystroke Inference Attacks?(Security’24)[paper]
  • Exploring Covert Third-party Identifiers through External Storage in the Android New Era(Security’24)[paper]
  • Security and Privacy Analysis of Samsung's Crowd-Sourced Bluetooth Location Tracking System(Security’24)[paper]
  • Collect Responsibly But Deliver Arbitrarily?: A Study on Cross-User Privacy Leakage in Mobile Apps(CCS'22)[paper]
  • Cart-ology: Intercepting Targeted Advertising via Ad Network Identity Entanglement(CCS'22)[paper]
  • Electronic Monitoring Smartphone Apps: An Analysis of Risks from Technical, Human-Centered, and Legal Perspectives(Security'22)[paper] [slides]
  • FOAP: Fine-Grained Open-World Android App Fingerprinting(Security'22)[paper] [slides]
  • Awakening the Web's Sleeper Agents: Misusing Service Workers for Privacy Leakage(NDSS'21)[paper]
  • All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers(NDSS'21)[paper]

Privacy Enhancement

  • AirGapAgent: Protecting Privacy-Conscious Conversational Agents(CCS’24)[paper]
  • Automated Cookie Notice Analysis and Enforcement(Security'23)[paper]
  • Automating Cookie Consent and GDPR Violation Detection(Security'22)[paper] [slides]
  • HARPO: Learning to Subvert Online Behavioral Advertising(NDSS'22)[paper]
  • PriSEC: A Privacy Settings Enforcement Controller(Security'21)[paper] [slides]
  • Detecting Filter List Evasion with Event-Loop-Turn Granularity JavaScript Signatures(Oakland'21)[paper]

Privacy in IoT

  • Are You Spying on Me? Large-Scale Analysis on IoT Data Exposure through Companion Apps(Security'23)[paper]
  • "It's up to the Consumer to be Smart": Understanding the Security and Privacy Attitudes of Smart Home Users on Reddit(Oakland'23)[paper]
  • Protected or Porous: A Comparative Analysis of Threat Detection Capability of IoT Safeguards(Oakland'23)[paper]
  • Smart Home Privacy Policies Demystified: A Study of Availability, Content, and Coverage(Security'22)[paper]
  • Peekaboo: A Hub-Based Approach to Enable Transparency in Data Processing within Smart Homes(Oakland'22)[paper]
  • PFirewall: Semantics-Aware Customizable Data Flow Control for Smart Home Privacy Protection(NDSS'21)[paper]
  • Hey Alexa, is this Skill Safe?: Taking a Closer Look at the Alexa Skill Ecosystem(NDSS'21)[paper]

Measurement / User Study

  • Transparency or Information Overload? Evaluating Users’ Comprehension and Perceptions of the iOS App Privacy Report(NDSS’25)[paper]
  • Targeted and Troublesome: Tracking and Advertising on Children’s Websites(Oakland’24)[paper]
  • SoK: Technical Implementation and Human Impact of Internet Privacy Regulations(Oakland’24)[paper]
  • A Qualitative Analysis of Practical De-identification Guides(CCS’24)[paper (not found)]
  • Privacy in the Age of Neurotechnology: Investigating Public Attitudes towards Brain Data Collection and Use(CCS’23)
  • Swipe Left for Identity Theft: An Analysis of User Data Privacy Risks on Location-based Dating Apps(Security’24)[paper]
  • Unpacking Privacy Labels: A Measurement and Developer Perspective on Google's Data Safety Section(Security’24)[paper]
  • ATTention Please! An Investigation of the App Tracking Transparency Permission(Security’24)[paper]
  • Is It a Trap? A Large-scale Empirical Study And Comprehensive Assessment of Online Automated Privacy Policy Generators for Mobile Apps(Security’24)[paper]
  • Dissecting Privacy Perspectives of Websites Around the World: "Aceptar Todo, Alle Akzeptieren, Accept All..."(Security’24)[paper]
  • "I Don't Know If We're Doing Good. I Don't Know If We're Doing Bad": Investigating How Practitioners Scope, Motivate, and Conduct Privacy Work When Developing AI Products(Security’24)[paper]
  • How WEIRD is Usable Privacy and Security Research?(Security’24)[paper]
  • The Effect of Design Patterns on (Present and Future) Cookie Consent Decisions(Security’24)[paper]
  • Are Consumers Willing to Pay for Security and Privacy of IoT Devices?(Security’23)[paper]
  • Assessing Anonymity Techniques Employed in German Court Decisions: A De-Anonymization Experiment(Security’23)[paper]
  • Security and Privacy Failures in Popular 2FA Apps(Security’23)[paper]
  • “If sighted people know, I should be able to know:” Privacy Perceptions of Bystanders with Visual Impairments around Camera-based Technology(Security’23)[paper]
  • A Large-scale Investigation into Geodifferences in Mobile Apps(Security'22)[paper] [slides]
  • The State of the SameSite: Studying the Usage, Effectiveness, and Adequacy of SameSite Cookies(Oakland'22)[paper]
  • Understanding Worldwide Private Information Collection on Android(NDSS'21)[paper]
  • Journey to the Center of the Cookie Ecosystem: Unraveling Actors' Roles and Relationships(Oakland'21)[paper]

Mobile Security

Mobile Framework Security

  • Wear’s my Data? Understanding the Cross-Device Runtime Permission Model in Wearables(Oakland’24)[paper]
  • Log: It’s Big, It’s Heavy, It’s Filled with Personal Data! Measuring the Logging of Sensitive Information in the Android Ecosystem(Security'23)[paper]
  • Post-GDPR Threat Hunting on Android Phones: Dissecting OS-level Safeguards of User-unresettable Identifiers (NDSS'23)[paper]
  • Uncovering Intent based Leak of Sensitive Data in Android Framework(CCS'22)[paper]
  • Watch Out for Race Condition Attacks When Using Android External Storage(CCS'22)[paper]
  • PHYjacking: Physical Input Hijacking for Zero-Permission Authorization Attacks on Android(NDSS'22)[paper]
  • Exploit the Last Straw That Breaks Android Systems(Oakland'22)[paper]
  • Dissecting Residual APIs in Custom Android ROMs(CCS'21)[paper]
  • Ghost in the Binder: Binder Transaction Redirection Attacks in Android System Services(CCS'21)[paper]
  • A11y and Privacy don't have to be mutually exclusive: Constraining Accessibility Service Misuse on Android(Security'21)[paper] [slides]
  • An Investigation of the Android Kernel Patch Ecosystem(Security'21)[paper] [slides]
  • Why Eve and Mallory Still Love Android: Revisiting TLS (In)Security in Android Applications(Security'21)[paper] [slides]
  • Bringing Balance to the Force: Dynamic Analysis of the Android Application Framework(NDSS'21)[paper]
  • Trust, But Verify: A Longitudinal Analysis Of Android OEM Compliance and Customization(Oakland'21)[paper]

Mobile Authentication Security

  • An Empirical Study on Fingerprint API Misuse with Lifecycle Analysis in Real-world Android Apps(NDSS’25)[paper]
  • InfinityGauntlet: Expose Smartphone Fingerprint Authentication to Brute-force Attack(Security'23)[paper]
  • AuthentiSense: A Scalable Behavioral Biometrics Authentication Scheme using Few-Shot Learning for Mobile Platforms(NDSS'23)[paper]
  • On the Insecurity of SMS One-Time Password Messages against Local Attackers in Modern Mobile Devices(NDSS'21)[paper]

Mobile Application Security

  • MALintent: Coverage Guided Intent Fuzzing Framework for Android(NDSS’25)[paper]
  • Careful About What App Promotion Ads Recommend! Detecting and Explaining Malware Promotion via App Promotion Graph(NDSS’25)
  • Black-box Adversarial Example Attack towards FCG Based Android Malware Detection under Incomplete Feature Information(Security'23)[paper]
  • One Size Does not Fit All: Quantifying the Risk of Malicious App Encounters for Different Android User Profiles(Security'23)[paper]
  • Detecting and Measuring Misconfigured Manifests in Android Apps(CCS'22)[paper]
  • A Large-scale Temporal Measurement of Android Malicious Apps: Persistence, Migration, and Lessons Learned(Security'22)[paper]
  • FSAFlow: Lightweight and Fast Dynamic Path Tracking and Control for Privacy Protection on Android Using Hybrid Analysis with State-Reduction Strategy(Oakland'22)[paper]
  • Structural Attack against Graph Based Android Malware Detection(CCS'21)[paper]
  • Understanding Malicious Cross-library Data Harvesting on Android(Security'21)[paper] [slides]
  • Preventing and Detecting State Inference Attacks on Android(NDSS'21)[paper]
  • Differential Training: A Generic Framework to Reduce Label Noises for Android Malware Detection(NDSS'21)[paper]
  • The Abuser Inside Apps: Finding the Culprit Committing Mobile Ad Fraud(NDSS'21)[paper]
  • Happer: Unpacking Android Apps via a Hardware-Assisted Approach(Oakland'21)[paper]
  • How Did That Get In My Phone? Unwanted App Distribution on Android Devices(Oakland'21)[paper]
  • Trouble Over-The-Air: An Analysis of FOTA Apps in the Android Ecosystem(Oakland'21)[paper]

Mobile Network Security

  • Your Phone is My Proxy: Detecting and Understanding Mobile Proxy Networks(NDSS'21)[paper]

Mini-app Security

  • Understanding the Miniapp Malware: Identification, Dissection, and Characterization(NDSS’25)[paper]
  • The Skeleton Keys: A Large Scale Analysis of Credential Leakage in Mini-apps(NDSS’25)[paper]
  • Uncovering and Exploiting Hidden APIs in Mobile Super Apps(CCS'23)[paper]
  • One Size Does Not Fit All: Uncovering and Exploiting Cross Platform Discrepant APIs in WeChat(Security'23)[paper] [code]
  • Cross Miniapp Request Forgery: Root Causes, Attacks, and Vulnerability Detection(CCS'22)[paper]
  • Identity Confusion in WebView-based Mobile App-in-app Ecosystems(Security'22)[paper] [slides]

Android Emulator & Sandbox Security

  • The Droid is in the Details: Environment-aware Evasion of Android Sandboxes(NDSS'22)[paper]
  • Towards Transparent and Stealthy Android OS Sandboxing via Customizable Container-Based Virtualization(CCS'21)[paper]
  • Android on PC: On the Security of End-user Android Emulators(CCS'21)[paper]

Side Channel Attack

  • The Danger of Minimum Exposures: Understanding Cross-App Information Leaks on iOS through Multi-Side-Channel Learning (CCS’23)[paper]
  • Hope of Delivery: Extracting User Locations From Mobile Instant Messengers (NDSS'23)[paper]
  • StealthyIMU: Stealing Permission-protected Private Information From Smartphone Voice Assistant Using Zero-Permission Sensors(NDSS'23)[paper]
  • Thwarting Smartphone SMS Attacks at the Radio Interface Layer(NDSS'23)[paper]
  • This Sneaky Piggy Went to the Android Ad Market: Misusing Mobile Sensors for Stealthy Data Exfiltration(CCS'21)[paper]

Misc

  • Clues in Tweets: Twitter-Guided Discovery and Analysis of SMS Spam(CCS'22)[paper]
  • Analyzing Ground-Truth Data of Mobile Gambling Scams(Oakland'22)[paper]

Access Control

Vulnerability & Detection

  • Credit Karma: Understanding Security Implications of Exposed Cloud Services through Automated Capability Inference(Security'23)[paper]
  • Improving Logging to Reduce Permission Over-Granting Mistakes(Security'23)[paper]
  • Detecting Missing-Permission-Check Vulnerabilities in Distributed Cloud Systems(CCS'22)[paper]
  • Poirot: Probabilistically Recommending Protections for the Android Framework(CCS'22)[paper]
  • P-Verifier: Understanding and Mitigating Security Risks in Cloud-based IoT Access Policies(CCS'22)[paper]
  • FReD: Identifying File Re-Delegation in Android System Services(Security'22)[paper] [slides]
  • Uncovering Cross-Context Inconsistent Access Control Enforcement in Android(NDSS'22)[paper]
  • Android Custom Permissions Demystified: From Privilege Escalation to Design Shortcomings(Oakland'21)[paper]

Strategy Design

  • Browser Permission Mechanisms Demystified (NDSS'23)[paper]
  • Optimistic Access Control for the Smart Home(Oakland'23)[paper]
  • Perils and Mitigation of Security Risks of Cooperation in Mobile-as-a-Gateway IoT(CCS'22)[paper]
  • Automatic Policy Generation for Inter-Service Access Control of Microservices(Security'21)[paper] [slides]
  • SEApp: Bringing Mandatory Access Control to Android Apps(Security'21)[paper] [slides]

Misc

  • PolyScope: Multi-Policy Access Control Analysis to Compute Authorized Attack Operations in Android Systems(Security'21)[paper] [slides]

Acknowledgement

Thanks for all your contributions. Please make sure to read the contributing guide before you make a pull request.
