Automated Android application permission recommendation

The number of Android applications has increased rapidly as Android is becoming the dominant platform in the smartphone market. Security and privacy are key factors for an Android application to be successful. Android provides a permission mechanism to ensure security and privacy. This permission me...

Full description

Saved in:
Bibliographic Details
Main Authors: BAO, Lingfeng, LO, David, XIA, Xin, LI, Shanping
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2017
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/3679
https://ink.library.smu.edu.sg/context/sis_research/article/4681/viewcontent/101007_s11432_016_9072_3.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-4681
record_format dspace
spelling sg-smu-ink.sis_research-46812020-01-21T03:37:51Z Automated Android application permission recommendation BAO, Lingfeng LO, David XIA, Xin LI, Shanping The number of Android applications has increased rapidly as Android is becoming the dominant platform in the smartphone market. Security and privacy are key factors for an Android application to be successful. Android provides a permission mechanism to ensure security and privacy. This permission mechanism requires that developers declare the sensitive resources required by their applications. On installation or during runtime, users are required to agree with the permission request. However, in practice, there are numerous popular permission misuses, despite Android introducing official documents stating how to use these permissions properly. Some data mining techniques (e.g., association rule mining) have been proposed to help better recommend permissions required by an API. In this paper, based on popular techniques used to build recommendation systems, we propose two novel approaches to improve the effectiveness of the prior work. The first approach utilizes a collaborative filtering technique, which is inspired by the intuition that apps that have similar features — inferred from their APIs — usually share similar permissions. The second approach recommends permissions based on a text mining technique that uses a naive Bayes multinomial classification algorithm to build a prediction model by analyzing descriptions of apps. To evaluate these two approaches, we use 936 Android apps from F-Droid, which is a repository of free and open source Android applications. We find that our proposed approaches yield a significant improvement in terms of precision, recall, F1-score, and MAP of the top-kresults over the baseline approach. 2017-09-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/3679 info:doi/10.1007/s11432-016-9072-3 https://ink.library.smu.edu.sg/context/sis_research/article/4681/viewcontent/101007_s11432_016_9072_3.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Android permission recommendation association rule collaborative filtering text mining OS and Networks Programming Languages and Compilers Software Engineering
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Android
permission recommendation
association rule
collaborative filtering
text mining
OS and Networks
Programming Languages and Compilers
Software Engineering
spellingShingle Android
permission recommendation
association rule
collaborative filtering
text mining
OS and Networks
Programming Languages and Compilers
Software Engineering
BAO, Lingfeng
LO, David
XIA, Xin
LI, Shanping
Automated Android application permission recommendation
description The number of Android applications has increased rapidly as Android is becoming the dominant platform in the smartphone market. Security and privacy are key factors for an Android application to be successful. Android provides a permission mechanism to ensure security and privacy. This permission mechanism requires that developers declare the sensitive resources required by their applications. On installation or during runtime, users are required to agree with the permission request. However, in practice, there are numerous popular permission misuses, despite Android introducing official documents stating how to use these permissions properly. Some data mining techniques (e.g., association rule mining) have been proposed to help better recommend permissions required by an API. In this paper, based on popular techniques used to build recommendation systems, we propose two novel approaches to improve the effectiveness of the prior work. The first approach utilizes a collaborative filtering technique, which is inspired by the intuition that apps that have similar features — inferred from their APIs — usually share similar permissions. The second approach recommends permissions based on a text mining technique that uses a naive Bayes multinomial classification algorithm to build a prediction model by analyzing descriptions of apps. To evaluate these two approaches, we use 936 Android apps from F-Droid, which is a repository of free and open source Android applications. We find that our proposed approaches yield a significant improvement in terms of precision, recall, F1-score, and MAP of the top-kresults over the baseline approach.
format text
author BAO, Lingfeng
LO, David
XIA, Xin
LI, Shanping
author_facet BAO, Lingfeng
LO, David
XIA, Xin
LI, Shanping
author_sort BAO, Lingfeng
title Automated Android application permission recommendation
title_short Automated Android application permission recommendation
title_full Automated Android application permission recommendation
title_fullStr Automated Android application permission recommendation
title_full_unstemmed Automated Android application permission recommendation
title_sort automated android application permission recommendation
publisher Institutional Knowledge at Singapore Management University
publishDate 2017
url https://ink.library.smu.edu.sg/sis_research/3679
https://ink.library.smu.edu.sg/context/sis_research/article/4681/viewcontent/101007_s11432_016_9072_3.pdf
_version_ 1770573614960082944