FCDP: Fidelity Calculation for Description-to-Permissions in Android Apps

Abstract

Mobile app descriptions have been widely used in app markets to deliver various types of information to end-users. Even though this information may implicitly expose the dangerous permissions that allow access to sensitive data, most users cannot correctly identify and interpret the corresponding textual sentences owing to insufficient knowledge regarding Android permissions and the semantics of app descriptions. It is therefore important to assist users in understanding whether an app description accurately reflects whether the app may request dangerous permissions. To this end, we propose an approach named Fidelity Calculation for Description-to-Permissions (FCDP). It is aimed at assisting app-market auditors in assessing whether an app description indicates all information related to dangerous permissions using a quantified fidelity for providing a high-quality description to mobile users. Furthermore, we experimentally investigate the effect of different factors on FCDP, and we demonstrate that FCDP outperforms the state-of-the-art method by over 3.65% in predicting description-to-permissions. By using 64,265 Android descriptions crawled from Google Play, our in-depth analysis further indicates that most app descriptions do not entirely disclose the semantics of dangerous permissions for mobile users in the wild. It is therefore quite urgent to assist app-market auditors in regulating description writing in this regard. © 2013 IEEE.