Automatic, highly accurate app permission recommendation
To ensure security and privacy, Android employs a permission mechanism which requires developers to explicitly declare the permissions needed by their applications (apps). Users must grant those permissions before they install apps or during runtime. This mechanism protects users’ private data, but...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2019
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/4366 https://ink.library.smu.edu.sg/context/sis_research/article/5369/viewcontent/Liu2019_Article_AutomaticHighlyAccurateAppPerm.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-5369 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-53692019-06-13T10:01:02Z Automatic, highly accurate app permission recommendation LIU, Zhongxin XIA, Xin LO, David GRUNDY, John To ensure security and privacy, Android employs a permission mechanism which requires developers to explicitly declare the permissions needed by their applications (apps). Users must grant those permissions before they install apps or during runtime. This mechanism protects users’ private data, but also imposes additional requirements on developers. For permission declaration, developers need knowledge about what permissions are necessary to implement various features of their apps, which is difficult to acquire due to the incompleteness of Android documentation. To address this problem, we present a novel permission recommendation system named PerRec for Android apps. PerRec leverages mining-based techniques and data fusion methods to recommend permissions for given apps according to their used APIs and API descriptions. The recommendation scores of potential permissions are calculated by a composition of two techniques which are implemented as two components of PerRec: a collaborative filtering component which measures similarities between apps based on semantic similarities between APIs; and a content-based recommendation component which automatically constructs profiles for potential permissions from existing apps. The two components are combined in PerRec for better performance. We have evaluated PerRec on 730 apps collected from Google Play and F-Droid, a repository of free and open source Android apps. Experimental results show that our approach significantly improves the state-of-the-art approaches APRecCFcorrelation, APRec TEXT and Axplorer. 2019-03-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/4366 info:doi/10.1007/s10515-019-00254-6 https://ink.library.smu.edu.sg/context/sis_research/article/5369/viewcontent/Liu2019_Article_AutomaticHighlyAccurateAppPerm.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Android security model Collaborative filtering Content-based recommendation Permission recommendation Software Engineering Systems Architecture |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Android security model Collaborative filtering Content-based recommendation Permission recommendation Software Engineering Systems Architecture |
| spellingShingle |
Android security model Collaborative filtering Content-based recommendation Permission recommendation Software Engineering Systems Architecture LIU, Zhongxin XIA, Xin LO, David GRUNDY, John Automatic, highly accurate app permission recommendation |
| description |
To ensure security and privacy, Android employs a permission mechanism which requires developers to explicitly declare the permissions needed by their applications (apps). Users must grant those permissions before they install apps or during runtime. This mechanism protects users’ private data, but also imposes additional requirements on developers. For permission declaration, developers need knowledge about what permissions are necessary to implement various features of their apps, which is difficult to acquire due to the incompleteness of Android documentation. To address this problem, we present a novel permission recommendation system named PerRec for Android apps. PerRec leverages mining-based techniques and data fusion methods to recommend permissions for given apps according to their used APIs and API descriptions. The recommendation scores of potential permissions are calculated by a composition of two techniques which are implemented as two components of PerRec: a collaborative filtering component which measures similarities between apps based on semantic similarities between APIs; and a content-based recommendation component which automatically constructs profiles for potential permissions from existing apps. The two components are combined in PerRec for better performance. We have evaluated PerRec on 730 apps collected from Google Play and F-Droid, a repository of free and open source Android apps. Experimental results show that our approach significantly improves the state-of-the-art approaches APRecCFcorrelation, APRec TEXT and Axplorer. |
| format |
text |
| author |
LIU, Zhongxin XIA, Xin LO, David GRUNDY, John |
| author_facet |
LIU, Zhongxin XIA, Xin LO, David GRUNDY, John |
| author_sort |
LIU, Zhongxin |
| title |
Automatic, highly accurate app permission recommendation |
| title_short |
Automatic, highly accurate app permission recommendation |
| title_full |
Automatic, highly accurate app permission recommendation |
| title_fullStr |
Automatic, highly accurate app permission recommendation |
| title_full_unstemmed |
Automatic, highly accurate app permission recommendation |
| title_sort |
automatic, highly accurate app permission recommendation |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2019 |
| url |
https://ink.library.smu.edu.sg/sis_research/4366 https://ink.library.smu.edu.sg/context/sis_research/article/5369/viewcontent/Liu2019_Article_AutomaticHighlyAccurateAppPerm.pdf |
| _version_ |
1770574687739314176 |