Publication Type
Conference Proceeding Article
Version
acceptedVersion
Publication Date
11-2016
Abstract
As Android is one of the most popular open source mobile platforms, ensuring security and privacy of Android applications is very important. Android provides a permission mechanism which requires developers to declare sensitive resources their applications need, and users need to agree with this request when they install (for Android API level 22 or lower) or run (for Android API level 23) these applications. Although Android provides very good official documents to explain how to properly use permissions, unfortunately misuses even for the most popular permissions have been reported. Recently, Karim et al. propose an association rule mining based approach to better infer permissions that an API needs. In this work, to improve the effectiveness of the prior work, we propose an approach which is based on collaborative filtering technique, one of popular techniques used to build recommendation systems. Our approach is designed based on the intuition that apps that have similar features - inferred from the APIs that they use - usually share similar permissions. We evaluate the proposed approaches on 936 Android apps from F-Droid, which is a repository of free and open source Android applications. The experimental results show that our proposed approaches achieve significant improvement in terms of the precision, recall, F1-score and MAP of the top-k results over Karim et al.'s approach.
Keywords
Android, Association Rule, Collaborative Filtering, Permission Recommendation
Discipline
Computer Sciences | Software Engineering
Research Areas
Software and Cyber-Physical Systems
Publication
SATE 2016: Proceedings of International Conference on Software Analysis, Testing and Evolution: Proceedings: Kunming, November 3-4, 2016
First Page
1
Last Page
6
ISBN
9781509045174
Identifier
10.1109/SATE.2016.13
Publisher
IEEE
City or Country
Piscataway, NJ
Citation
BAO, Lingfeng; LO, David; XIA, Xin; and LI, Shanping.
What permissions should this Android app request?. (2016). SATE 2016: Proceedings of International Conference on Software Analysis, Testing and Evolution: Proceedings: Kunming, November 3-4, 2016. 1-6.
Available at: https://ink.library.smu.edu.sg/sis_research/3560
Copyright Owner and License
Authors
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
https://doi.org/10.1109/SATE.2016.13