Please use this identifier to cite or link to this item: http://hdl.handle.net/1893/37041
Appears in Collections:Computing Science and Mathematics Journal Articles
Peer Review Status: Refereed
Title: Attention: there is an inconsistency between android permissions and application metadata!
Author(s): Alecakir, Huseyin
Can, Burcu
Sen, Sevil
Contact Email: burcu.can@stir.ac.uk
Issue Date: 31-Dec-2020
Date Deposited: 27-Nov-2024
Citation: Alecakir H, Can B & Sen S (2020) Attention: there is an inconsistency between android permissions and application metadata!. Can Buglalilar B (Research Group) <i>International Journal of Information Security</i>, 20 (6), pp. 797-815. https://doi.org/10.1007/s10207-020-00536-1
Abstract: Since mobile applications make our lives easier, there is a large number of mobile applications customized for our needs in the application markets. While the application markets provide us a platform for downloading applications, it is also used by malware developers in order to distribute their malicious applications. In Android, permissions are used to prevent users from installing applications that might violate the users’ privacy by raising their awareness. From the privacy and security point of view, if the functionality of applications is given in sufficient detail in their descriptions, then the requirement of requested permissions could be well-understood. This is defined as description-to-permission fidelity in the literature. In this study, we propose two novel models that address the inconsistencies between the application descriptions and the requested permissions. The proposed models are based on the current state-of-art neural architectures called attention mechanisms. Here, we aim to find the permission statement words or sentences in app descriptions by using the attention mechanism along with recurrent neural networks. The lack of such permission statements in application descriptions creates a suspicion. Hence, the proposed approach could assist in static analysis techniques in order to find suspicious apps and to prioritize apps for more resource intensive analysis techniques. The experimental results show that the proposed approach achieves high accuracy.
DOI Link: 10.1007/s10207-020-00536-1
Rights: Copyright © 2021, The Author(s), under exclusive licence to Springer-Verlag GmbH, DE part of Springer Nature.
Licence URL(s): https://storre.stir.ac.uk/STORREEndUserLicence.pdf

Files in This Item:
File Description SizeFormat 
Makale.pdfFulltext - Accepted Version1.07 MBAdobe PDFView/Open



This item is protected by original copyright



Items in the Repository are protected by copyright, with all rights reserved, unless otherwise indicated.

The metadata of the records in the Repository are available under the CC0 public domain dedication: No Rights Reserved https://creativecommons.org/publicdomain/zero/1.0/

If you believe that any material held in STORRE infringes copyright, please contact library@stir.ac.uk providing details and we will remove the Work from public display in STORRE and investigate your claim.