Existing mobile platforms provide only coarse-grained access controls for the camera (i.e., an app can access all of a camera's view or none of it), whereas finer-grained access control is needed to protect against visual leaks. Designing fine-grained access control for cameras in the mobile operating system is not a trivial task, and opportunities need to be identified to handle different apps designed for different use cases.
In this dissertation, we first highlight the visual privacy risks to the users of camera apps and to bystanders. Then, we show that recently proposed solutions are either inadequate for mitigating these risks or not suitable for real-time apps. The key insight of this dissertation is that if we can infer the least amount of visual information a camera app needs to function, then we can design practical fine-grained access control for the camera app. To demonstrate the efficacy of our ideas, we design and implement two frameworks, CamForensics and PrivateEye.
CamForensics is designed to detect whether an app performs image manipulation that the user of the app does not expect. Specifically, CamForensics monitors whether a known image-processing operation is applied to the incoming camera data. CamForensics performs dynamic binary instrumentation to track the sequence of functions from an image processing library that are applied to camera data. Later, it matches the obtained function call sequences against prerecorded signatures of all known image-processing operations. This information can be reported to the user, and she can make an informed decision about the usage of the app.
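A sketch of the signature-matching step described above, added here as an illustration and not CamForensics code. The trace format, buffer ids, OpenCV-style function names and the signatures themselves are constructed assumptions.

```python
from typing import NamedTuple

class Call(NamedTuple):
    func: str  # library function seen by the instrumentation
    src: str   # id of the input buffer
    dst: str   # id of the output buffer

# Assumed signature format: ordered library calls per operation (hypothetical).
SIGNATURES = {
    "face_detection": ["cvtColor", "equalizeHist", "detectMultiScale"],
    "edge_detection": ["cvtColor", "GaussianBlur", "Canny"],
    "qr_decoding": ["cvtColor", "threshold", "findContours"],
}

# Constructed trace: an app that declares QR scanning only.
TRACE = [
    Call("cvtColor", "cam0", "gray"),
    Call("threshold", "gray", "bin"),
    Call("resize", "icon", "icon_s"),          # UI asset, not camera data
    Call("findContours", "bin", "cnt"),
    Call("equalizeHist", "gray", "eq"),
    Call("detectMultiScale", "eq", "faces"),
    Call("GaussianBlur", "icon_s", "icon_b"),  # blur/Canny run on the icon only
    Call("Canny", "icon_b", "icon_e"),
]

def camera_call_chain(trace, camera_buf):
    """Return the calls whose input derives from the camera buffer, in order."""
    derived = {camera_buf}
    chain = []
    for call in trace:
        if call.src in derived:
            derived.add(call.dst)  # output now carries camera-derived pixels
            chain.append(call.func)
    return chain

def is_subsequence(signature, chain):
    """True if signature occurs in chain in order, allowing interleaved calls."""
    remaining = iter(chain)
    return all(func in remaining for func in signature)

def match_operations(trace, camera_buf, signatures=SIGNATURES):
    """Names of known operations whose signature appears on camera data."""
    chain = camera_call_chain(trace, camera_buf)
    return sorted(n for n, sig in signatures.items() if is_subsequence(sig, chain))

def unexpected_operations(trace, camera_buf, declared):
    """Matched operations the app did not declare; these are reported to the user."""
    return [op for op in match_operations(trace, camera_buf) if op not in declared]

if __name__ == "__main__":
    print(unexpected_operations(TRACE, "cam0", declared={"qr_decoding"}))
```

Restricting the chain to camera-derived buffers keeps the icon's blur and edge calls from producing a false `edge_detection` match.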
PrivateEye is a privacy-marker system that helps users mark visually non-sensitive two-dimensional regions in a camera's view and delivers only the content within the marked regions to the apps. PrivateEye is designed as an efficient computer vision pipeline that is integrated with the trusted camera service to handle the camera data. We extend PrivateEye and design ePrivateEye, where we offload the computation-intensive task to a local server and achieve high scalability and real-time performance.
This dissertation shows that it is possible to design efficient and scalable visual privacy mechanisms to provide better control over the information captured by the apps.