Thumbnail Image
Item

Attention: there is an inconsistency between android permissions and application metadata!

Alecakir, Huseyin
Can, Burcu
Sen, Sevil
Authors
Alecakir, Huseyin
 Can, Burcu
 Sen, Sevil
Editors
Other contributors
Affiliation
Epub Date
Issue Date
2021-01-07
Submitted date
Subjects
android
 security
 description-to-permission fidelity
 natural language processing
 recurrent neural networks
 attention mechanism
Show all metadata
Files
Thumbnail Image
Alecakir_et_al_Attention_2021.pdf
Adobe PDF1.64 MB
Alternative
Abstract
Since mobile applications make our lives easier, there is a large number of mobile applications customized for our needs in the application markets. While the application markets provide us a platform for downloading applications, it is also used by malware developers in order to distribute their malicious applications. In Android, permissions are used to prevent users from installing applications that might violate the users’ privacy by raising their awareness. From the privacy and security point of view, if the functionality of applications is given in sufficient detail in their descriptions, then the requirement of requested permissions could be well-understood. This is defined as description-to-permission fidelity in the literature. In this study, we propose two novel models that address the inconsistencies between the application descriptions and the requested permissions. The proposed models are based on the current state-of-art neural architectures called attention mechanisms. Here, we aim to find the permission statement words or sentences in app descriptions by using the attention mechanism along with recurrent neural networks. The lack of such permission statements in application descriptions creates a suspicion. Hence, the proposed approach could assist in static analysis techniques in order to find suspicious apps and to prioritize apps for more resource intensive analysis techniques. The experimental results show that the proposed approach achieves high accuracy.
Citation
Alecakir, H., Can, B. & Sen, S. (2021) Attention: there is an inconsistency between android permissions and application metadata!. International Journal of Information Security 20, 797–815. https://doi.org/10.1007/s10207-020-00536-1
Publisher
Springer Science and Business Media LLC
Journal
International Journal of Information Security
Research Unit
URI
http://hdl.handle.net/2436/623882
DOI
10.1007/s10207-020-00536-1
PubMed ID
PubMed Central ID
Embedded videos
Additional Links
https://link.springer.com/article/10.1007/s10207-020-00536-1
Type
Journal article
Language
en
Description
This is an accepted manuscript of an article published by Springer in International Journal of Information Security on 07/01/2021, available online: https://doi.org/10.1007/s10207-020-00536-1 The accepted version of the publication may differ from the final published version.
Series/Report no.
ISSN
1615-5262
EISSN
1615-5270
ISBN
ISMN
Gov't Doc #
Sponsors
Rights
Research Projects
Organizational Units
Journal Issue
Embedded videos
Collections
Research Institute in Information and Language Processing