Automated Android application permission recommendation
The number of Android applications has increased rapidly as Android is becoming the dominant platform in the smartphone market. Security and privacy are key factors for an Android application to be successful. Android provides a permission mechanism to ensure security and privacy. This permission me...
Saved in:
Main Authors: | , , , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2017
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/3679 https://ink.library.smu.edu.sg/context/sis_research/article/4681/viewcontent/101007_s11432_016_9072_3.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
id |
sg-smu-ink.sis_research-4681 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-46812020-01-21T03:37:51Z Automated Android application permission recommendation BAO, Lingfeng LO, David XIA, Xin LI, Shanping The number of Android applications has increased rapidly as Android is becoming the dominant platform in the smartphone market. Security and privacy are key factors for an Android application to be successful. Android provides a permission mechanism to ensure security and privacy. This permission mechanism requires that developers declare the sensitive resources required by their applications. On installation or during runtime, users are required to agree with the permission request. However, in practice, there are numerous popular permission misuses, despite Android introducing official documents stating how to use these permissions properly. Some data mining techniques (e.g., association rule mining) have been proposed to help better recommend permissions required by an API. In this paper, based on popular techniques used to build recommendation systems, we propose two novel approaches to improve the effectiveness of the prior work. The first approach utilizes a collaborative filtering technique, which is inspired by the intuition that apps that have similar features — inferred from their APIs — usually share similar permissions. The second approach recommends permissions based on a text mining technique that uses a naive Bayes multinomial classification algorithm to build a prediction model by analyzing descriptions of apps. To evaluate these two approaches, we use 936 Android apps from F-Droid, which is a repository of free and open source Android applications. We find that our proposed approaches yield a significant improvement in terms of precision, recall, F1-score, and MAP of the top-kresults over the baseline approach. 2017-09-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/3679 info:doi/10.1007/s11432-016-9072-3 https://ink.library.smu.edu.sg/context/sis_research/article/4681/viewcontent/101007_s11432_016_9072_3.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Android permission recommendation association rule collaborative filtering text mining OS and Networks Programming Languages and Compilers Software Engineering |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
Android permission recommendation association rule collaborative filtering text mining OS and Networks Programming Languages and Compilers Software Engineering |
spellingShingle |
Android permission recommendation association rule collaborative filtering text mining OS and Networks Programming Languages and Compilers Software Engineering BAO, Lingfeng LO, David XIA, Xin LI, Shanping Automated Android application permission recommendation |
description |
The number of Android applications has increased rapidly as Android is becoming the dominant platform in the smartphone market. Security and privacy are key factors for an Android application to be successful. Android provides a permission mechanism to ensure security and privacy. This permission mechanism requires that developers declare the sensitive resources required by their applications. On installation or during runtime, users are required to agree with the permission request. However, in practice, there are numerous popular permission misuses, despite Android introducing official documents stating how to use these permissions properly. Some data mining techniques (e.g., association rule mining) have been proposed to help better recommend permissions required by an API. In this paper, based on popular techniques used to build recommendation systems, we propose two novel approaches to improve the effectiveness of the prior work. The first approach utilizes a collaborative filtering technique, which is inspired by the intuition that apps that have similar features — inferred from their APIs — usually share similar permissions. The second approach recommends permissions based on a text mining technique that uses a naive Bayes multinomial classification algorithm to build a prediction model by analyzing descriptions of apps. To evaluate these two approaches, we use 936 Android apps from F-Droid, which is a repository of free and open source Android applications. We find that our proposed approaches yield a significant improvement in terms of precision, recall, F1-score, and MAP of the top-kresults over the baseline approach. |
format |
text |
author |
BAO, Lingfeng LO, David XIA, Xin LI, Shanping |
author_facet |
BAO, Lingfeng LO, David XIA, Xin LI, Shanping |
author_sort |
BAO, Lingfeng |
title |
Automated Android application permission recommendation |
title_short |
Automated Android application permission recommendation |
title_full |
Automated Android application permission recommendation |
title_fullStr |
Automated Android application permission recommendation |
title_full_unstemmed |
Automated Android application permission recommendation |
title_sort |
automated android application permission recommendation |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2017 |
url |
https://ink.library.smu.edu.sg/sis_research/3679 https://ink.library.smu.edu.sg/context/sis_research/article/4681/viewcontent/101007_s11432_016_9072_3.pdf |
_version_ |
1770573614960082944 |