Mining Android app descriptions for permission requirements recommendation

Xueqing Liu, Yue Leng, Wei Yang, Chengxiang Zhai, Tao Xie

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

During the development or maintenance of an Android app, the app developer needs to determine the app's security and privacy requirements such as permission requirements. Permission requirements are twofold. First, what permissions (i.e., access to sensitive resources, e.g., location or contact list) the app needs to request. Second, how to explain the reasons for permission usage to users. In this paper, we focus on the multiple challenges that developers face when creating permission-usage explanations. We propose a novel framework, CLAP, that mines potential explanations from the descriptions of similar apps. CLAP leverages information retrieval and text summarization techniques to find frequent permission usages. We evaluate CLAP on a large dataset containing 1.4 million Android apps. The evaluation results outperform existing state-of-the-art approaches, showing great promise of CLAP as a tool for assisting developers and permission requirements discovery.

Original language: English (US)
Title of host publication: Proceedings - 2018 IEEE 26th International Requirements Engineering Conference, RE 2018
Editors: Daniel Amyot, Walid Maalej, Guenther Ruhe
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 147-158
Number of pages: 12
ISBN (Electronic): 9781538674185
State: Published - Oct 12 2018
Event: 26th IEEE International Requirements Engineering Conference, RE 2018 - Banff, Canada
Duration: Aug 20 2018 → Aug 24 2018

Publication series

Name: Proceedings - 2018 IEEE 26th International Requirements Engineering Conference, RE 2018

Other

Other: 26th IEEE International Requirements Engineering Conference, RE 2018
Country/Territory: Canada
City: Banff
Period: 8/20/18 → 8/24/18

Keywords

  • Android permission
  • Natural language processing
  • Security requirement

ASJC Scopus subject areas

  • Engineering (miscellaneous)
  • Safety, Risk, Reliability and Quality
