Home Research Publications Talks Personal FAQ Bio
Research Overview
 
My research group is called CHIMPS (Computer Human Interaction: Mobility Privacy Security). My main research interests are in:
  • ubiquitous computing, especially context-aware and mobile social computing
  • usable privacy and security for ubicomp and cloud computing environments

Our research group has been generously funded through a number of sources, including the National Science Foundation, DARPA, the Army Research Office, Microsoft, Nokia Research, Intel, Google, Portugal Telecom, Pitney Bowes, CMU Cylab, NQ Mobile, Samsung, Yahoo!, the Institute for the Study of Entrepreneurship, Innovation, and Technology, and the Alfred P. Sloan Foundation.

I also help run the Pervasive Computing subreddit (please join!). I sometimes write for BLOG@CACM and Wombat Security Technologies' blog. I'm also a co-founder of Wombat Security Technologies.


What's New?
Aug 20, 2014
Our paper entitled Media Sharing Across Public Display Networks was accepted to UCAmI & IWAAL 2014.

Aug 5, 2014
Our paper entitled Increasing Security Sensitivity With Social Proof: A Large-Scale Experimental Confirmation was accepted to CCS 2014.

Aug 1, 2014
Marco Gruteser and I will be technical program co-chairs for Mobisys 2015.

Jun 16, 2014
I gave the keynote talk at the Mobile Cloud Computing and Services Workshop, at Mobisys 2014. The talk was entitled Privacy, Ethics, and Big (Smartphone) Data.

Jun 13, 2014
Our group has two papers accepted to SOUPS 2014:

Jun 12, 2014
My company, Wombat Security Technologies, was profiled in the Pittsburgh Post Gazette. See the article here.

Jun 04, 2014
I was interviewed for a NY Times article entitled How Not to Pay the Price for Free Wi-Fi.

Mar 10, 2014
I gave a one hour crash course in UX and UI design. See the slides here.

Feb 26, 2014
Our group's work on predictive analytics was listed by the World Economic Forum as one of the top ten emerging technologies of 2014. See the article here.

Feb 25, 2014
I was interviewed on CBS Morning Show regarding mobile apps, privacy, and the new Blackphone smartphone. See the interview here.

Dec 9, 2013
Two of our group's papers were accepted to CHI 2014:

Oct 25, 2013
Gave a talk at PopTech 2013 on ubicomp sensing and privacy. See the slides and video here.

Aug 26, 2013
Wrote up a blog entry on Blog@CACM on Privacy and Google Glass.

Aug 9, 2013
Gave a talk at ISSA CISO Executive Forum on Leveraging Human Factors for Effective Security Training. See the slides here.

Dec 26, 2012
Our work on smartphone app privacy was featured on the CBS Morning Show.
Nov 30, 2012
Here is an extended analysis of the most unexpected behaviors we found in smartphone apps. This work is based on our Ubicomp 2012 paper on Expectation and Purpose: Understanding Users’ Mental Models of Mobile App Privacy through Crowdsourcing.

The image below shows the level of surprise for different kinds of permissions. In our study, we operationalized privacy by looking at the difference between what people think an app does, and what it actually does. For example, the figure below shows that 80% of people in our study were surprised that Angry Birds uses location data.

Oct 28, 2012
Our group's work on app scanning is mentioned in a NYTimes article about unusual behaviors of smartphone apps.

Apr 9, 2012
Our livehoods.org site is now public. Our vision is to re-imagine how cities work in the age of social media. Specifically, we've analyzed and clustered 18m foursquare checkins to understand how people use a city. We currently have maps for New York City and Pittsburgh. Livehoods has been featured in The Atlantic Cities, Wired Insider, MIT Technology Review, Fast Company Co.Design, New York Post, Wall Street Journal, and Haaretz.

Current Research
 
Research Overview
In the near future, our smartphones will know almost everything about us. These advances will offer us significant benefits in terms of healthcare, urban planning, information retrieval and more. However, at the same time, these advances pose significant new privacy challenges. How can we use this rich smartphone information in meaningful ways? At the same time, how can we improve the entire ecosystem around our personal data? You can see a short 5-minute video at PopTech summarizing my research on smartphones and privacy.

Augmented Social Graph
Smartphones and social networking services are both experiencing meteoric rates of adoption from people across most demographics. Combining smartphone data with social networking data creates an exciting new opportunity to observe and investigate social behavior at a level of detail and at a massive scale never before possible. Our goal is to build a better computational model of social relationships, capturing tie strength, groups, and roles.

See our CSCW 2013 paper on Mining Smartphone Data to Classify Life-Facets of Social Relationships.


UniAuth: Streamlining Authentication for Ubiquitous Computing
Passwords were a good idea when we only had a few of them, but are having serious problems scaling up, especially as more ubicomp services and cloud computing services are deployed. Our goal with this project is to understand how to simplify authentication using a number of sensors and behavioral models, while also maintaining adequate levels of security.

See our SOUPS 2013 paper on CASA and our Ubicomp 2013 paper on autobiographical authentication.


PrivacyGrade: Analyzing Smartphone App Privacy
Mobile smartphone apps can make use of a smartphone's numerous capabilities — including GPS, WiFi, camera, call logs, and contact lists — to create rich and compelling applications. However, these same capabilities are also being used in highly unexpected and privacy-intrusive ways. Our goal is to (a) develop a series of scalable techniques that combine crowdsourcing with static and dynamic analysis, to understand what mobile apps are really doing, and (b) design and evaluate better ways of communicating these behaviors to end-users.

See our Ubicomp 2012 paper examining the feasibility of using crowdsourcing to evaluate privacy policies, and our SOUPS 2014 paper looking to scale up our privacy models. We also interviewed and surveyed app developers to discover how they manage privacy. Part of our work was also mentioned in a NYTimes article about unusual behaviors of smartphone apps. You can also see an extended analysis of smartphone apps here.



The CHIMPS Research Team
Our research group is CHIMPS (Computer Human Interaction: Mobility Privacy Security). We have an amazingly talented group of PhD students and post-docs:
  • Afsaneh Doryab, working on smartphones, social relationships, and mental health
  • Jason Wiese, co-advised with John Zimmerman, working on understanding social relationships using smartphone and social network data
  • Eiji Hayashi, working on streamlining authentication in ubicomp and cloud computing environments
  • Sauvik Das, working on social dimensions of cybersecurity
  • Song Luan, working on large-scale analysis of smartphone apps
  • Dan Tasse, working on analytics and urban computing
Some alums of the CHIMPS group:

Some of My Writings and Other Stuff I Helped Create
Blogs and social news sites I contribute to Web Design Patterns Design Patterns for Ubiquitous Computing Rapid Prototyping and Evaluation Tools Instructor Guides and Overviews Anti-Phishing Phil Advice for PhD students and Grad School Applicants My Cybersecurity Advice (for general audiences) Some Opinions The Design of Sites
I co-authored a book on web site design, which uses the notion of web design patterns as a way for facilitating the design of customer-centered web sites. Check out the web site for our book The Design of Sites. Our book has been translated into Polish, Chinese, Korean (and possibly other languages as well).
Teaching
Currently Teaching (Spring 2014 and Summer 2014) Some Past Courses Taught
Service
Current Service Some Past Service