Analyzing Privacy Policies (NLP) -- Malware Analysis
| Title | Analyzing Privacy Policies (NLP) -- Malware Analysis |
|---|---|
| Summary | Analyzing Privacy Policies (NLP) -- Malware Analysis |
| Keywords | Web Security; Privacy Policies; Privacy |
| TimeFrame | |
| References | https://www.usenix.org/system/files/sec22-manandhar.pdf
https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7579770&tag=1 https://dl.acm.org/doi/pdf/10.1145/3442381.3450048 https://dspace.networks.imdea.org/bitstream/handle/20.500.12761/690/On_The_Ridiculousness_of_Notice_and_Consent_2019_EN.pdf?sequence=1 |
| Prerequisites | NLP; Python; |
| Author | |
| Supervisor | Pablo Picazo-Sanchez |
| Level | Master |
| Status | Open |
With the increasing reliance on browser extensions to enhance web browsing experiences, concerns regarding user data privacy and security have become paramount. This project aims to systematically analyze the privacy policies of various browser extensions to determine their potential for malicious activities.
The proliferation of browser extensions has introduced new dimensions of vulnerability to online privacy, as these add-ons often require access to sensitive user information. However, the opacity and complexity of privacy policies make it challenging for users to discern the true intentions of these extensions.
This research employs natural language processing (NLP) and machine learning techniques to examine and categorize the privacy policies of a diverse range of browser extensions. We seek to identify common patterns and key indicators that may suggest malicious intent, such as overly broad data collection, vague data usage descriptions, or the absence of encryption protocols.
Through a large-scale analysis of privacy policies and the development of an automated evaluation framework, this project aims to create a tool that empowers users to make informed decisions about the extensions they choose to install. By shedding light on the practices of browser extensions, we strive to enhance online privacy and security in the ever-evolving digital landscape.
