Yikai Ge
An Empirical Study of Privacy Risks in Android Task-executable Voice Assistants

School of Computing, Australian National University

February 2024 – October 2024

Duration: 2024.2 - 2024.10
Supervisor: Xiaoyu Sun
Tags: #Software Engineering, #Cryptography and Security

In this research, I conducted an end-to-end empirical study of privacy and security risks in Android task-executable voice assistants by analyzing privacy disclosure inconsistencies across six sources: Google Play Data Safety labels, privacy policies, APK manifest files, Android system settings, permission checker tools, and observed runtime behavior. This research revealed three critical threat models: privacy misdisclosure in mega applications, privilege escalation via inter-application interactions, and abuse of Google system applications to bypass dangerous permission disclosure. By auditing 10 mainstream voice assistants, I identified systemic gaps between declared and actual permission usage, leading to actionable recommendations for securing autonomous AI agents and culminating in a published paper at APSEC 2025.

Poster Presented at ANU Computing Showcase 2024