Isolating Graphical Failure-Inducing Input for Privacy Protection in Error Reporting Systems

Authors: João Matos (INESC-ID / Instituto Superior Técnico da Universidade de Lisboa), João Garcia (INESC-ID / Instituto Superior Técnico da Universidade de Lisboa), Nuno Coração (Vodafone)

Volume: 2016
Issue: 2
Pages: 4–21
DOI: https://doi.org/10.1515/popets-2016-0002


Abstract: This work proposes a new privacy-enhancing system that minimizes the disclosure of information in error reports. Error reporting mechanisms are of the utmost importance for correcting software bugs but, unfortunately, the transmission of an error report may reveal users' private information. Some privacy-enhancing systems for error reporting have been presented in past years, yet they rely on path condition analysis, which we show in this paper to be ineffective when it comes to GUI-based input. Knowing that numerous applications have graphical user interfaces (GUIs), it is very important to overcome such a limitation. This work describes a new privacy-enhancing error reporting system, based on a new input minimization algorithm called GUImin that is geared towards GUIs, to remove input that is unnecessary to reproduce the observed failure. Before deciding whether to submit the error report, the user is provided with a step-by-step graphical replay of the minimized input, to evaluate whether it still yields sensitive information. We also provide an open source implementation of the proposed system and evaluate it with well-known applications.
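As an added illustration of the minimization step the abstract describes (example code written for this page, not the authors' GUImin implementation, which is based on combinatorial testing): a plain delta-debugging (ddmin) pass over a constructed GUI event trace with a hypothetical crash oracle. The trace, the widget names and the crash condition are all assumptions; the point shown is that the typed password and notes drop out of the minimized report because they are not needed to reproduce the failure.

```python
"""Reduce a recorded GUI event trace to the events needed to reproduce a failure."""
from typing import Callable, List, Tuple

Event = Tuple[str, str, str]  # (action, widget, value)

# Constructed trace of a hypothetical form. Only the empty "country" selection
# followed by the "save" click is needed to trigger the (hypothetical) crash; the
# password and notes typed in between are irrelevant to the bug but sensitive.
TRACE: List[Event] = [
    ("click", "username", ""),
    ("type", "username", "alice"),
    ("type", "password", "hunter2"),
    ("type", "notes", "my medical history..."),
    ("select", "country", ""),
    ("click", "save", ""),
]

def crashes(events: List[Event]) -> bool:
    """Hypothetical oracle: the app crashes when Save is clicked after an empty country selection."""
    selected_empty = False
    for action, widget, value in events:
        if action == "select" and widget == "country" and value == "":
            selected_empty = True
        if action == "click" and widget == "save" and selected_empty:
            return True
    return False

def ddmin(events: List[Event], fails: Callable[[List[Event]], bool]) -> List[Event]:
    """Zeller's ddmin: return a 1-minimal subsequence that still makes `fails` true."""
    n = 2
    while len(events) >= 2:
        size = (len(events) + n - 1) // n
        subsets = [events[i:i + size] for i in range(0, len(events), size)]
        reduced = False
        for i, subset in enumerate(subsets):
            if fails(subset):                      # reduce to the failing subset
                events, n, reduced = subset, 2, True
                break
            complement = [e for j, s in enumerate(subsets) if j != i for e in s]
            if fails(complement):                  # reduce to the failing complement
                events, n, reduced = complement, max(n - 1, 2), True
                break
        if not reduced:
            if n >= len(events):
                break                              # granularity exhausted: 1-minimal
            n = min(n * 2, len(events))
    return events

def minimize_trace() -> List[Event]:
    return ddmin(TRACE, crashes)

def replay_script(events: List[Event]) -> List[str]:
    """Step-by-step description the user reviews before deciding to submit the report."""
    return [f"{i}. {a} {w}" + (f" -> {v!r}" if v else "") for i, (a, w, v) in enumerate(events, 1)]
```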

Keywords: Privacy, Error reporting, Fault-replication, Software maintenance, Combinatorial testing.

Copyright in PoPETs articles is held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 license.