Maaz | معاذ

home  projects  cv 

[paper]

Forms of Disclosure: The Path to Automated Data Privacy Audits | Harvard JOLT 23
Mihailis Diamantis, Maaz Bin Musa,, Lucas Ausberger, Rishab Nithyanand

Auditing online privacy has become critical to ensure compliance with the upcoming data privacy laws. However, this work highlights the variability in the forms of disclosures. We propose a uniform machine readable disclosure form that can be used to automate the auditing process. This would allow authorities to match the disclosures with the actual data practices of the company on a scale without the need for manual intervention.

[paper]

ATOM: Ad-network Tomography | PETS 22
Maaz Bin Musa, Rishab Nithyanand

A users' data is often propagated to multiple third-party services through ad-networks. This work uses the ad content served to a user, to identify the ad-networks that are responsible for the data propagation. Unlike previous works in this space, it does not depend on any artifact that is ephemeral in nature. Our results indicate the feasibility of this approach and its potential to be used as a tool for privacy audits.

[paper]

To Act or React: Investigating Proactive Strategies For Online Community Moderation | ICWSM 22
Hussam Habib, Maaz Bin Musa, Fareed Zaffar, Rishab Nithyanand

Community-level moderation for Reddit and similar platforms is a complex task. Our analysis show that subreddits are constantly changing and therefore timely interventions are prohibitively expesnsive because of the scale. To address this issue, we propose a flagging tool which aids administrators by flagging subreddits that exhibit similarly problematic behavior as seen in previously banned communities .

[paper]

CanaryTrap: Detecting Data Misuse by Third-Party Apps on Online Social Networks | PETS 20
Shehroze Farooqi, Maaz Bin Musa, Fareed Zaffar, Zubair Shafique

The driving force behind all activity on the Internet is user data. This work proposes a novel matrix approach to set up traps using email addresses, to detect the misuse of user data once it has been shared with third-party apps. We find several apps share data with malicious entities which consequently use it for phishing or ransomware attacks.