Enhancing Fidelity of Description in Android Apps With Category-Based Common Permissions
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Wu, Zhiqiang | - |
dc.contributor.author | Chen, Xin | - |
dc.contributor.author | Khan, Muhammad Umair | - |
dc.contributor.author | Lee, Scott Uk-Jin | - |
dc.date.accessioned | 2022-06-24T09:40:18Z | - |
dc.date.available | 2022-06-24T09:40:18Z | - |
dc.date.created | 2022-06-24 | - |
dc.date.issued | 2021-07 | - |
dc.identifier.issn | 2169-3536 | - |
dc.identifier.uri | https://scholarworks.bwise.kr/gachon/handle/2020.sw.gachon/84781 | - |
dc.description.abstract | Application description analysis is applied for various purposes in software engineering domains. Besides the inherent challenges from the ambiguity of natural language, sparse permission semantics raise the difficulty of predicting functionalities and permission usages from app descriptions. More specifically, the functionalities common to the app's category are intentionally abbreviated by developers due to the limited number of characters, and the permissions are often over-claimed. These are the main reasons that cause false positives in predicting permissions from app descriptions. Such unmentioned permissions can only be detected as suspicious in previous studies where effective assistance for developers in refining app descriptions and preventing potential security risks is not provided. In this paper, we propose FideDroid, a framework to identify category-based common permissions to offset those essential functionalities while assessing the fidelity of app descriptions. Our framework augments the labeled dataset of app descriptions to improve the prediction of permissions. FideDroid compares inferred permissions with used ones to reveal the suspicious and unnecessary permissions based on the prediction. It helps developers to refine app descriptions and maintain permission usages. In our experiments on large real-world apps, we analyzed and revealed that the category-based common permissions may cover more unmentioned functionalities without considering all possible permissions during app description analysis. In addition, we discovered three factors causing the inconsistency between descriptions and permission usages: 1) human interventions in writing descriptions; 2) bad practices on permission usages; and 3) prolific developers. These findings will help developers to refine app descriptions and optimize permission usages in the apps. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC | - |
dc.relation.isPartOf | IEEE ACCESS | - |
dc.title | Enhancing Fidelity of Description in Android Apps With Category-Based Common Permissions | - |
dc.type | Article | - |
dc.type.rims | ART | - |
dc.description.journalClass | 1 | - |
dc.identifier.wosid | 000681073700001 | - |
dc.identifier.doi | 10.1109/ACCESS.2021.3100118 | - |
dc.identifier.bibliographicCitation | IEEE ACCESS, v.9, pp.105493 - 105505 | - |
dc.description.isOpenAccess | Y | - |
dc.identifier.scopusid | 2-s2.0-85112660532 | - |
dc.citation.endPage | 105505 | - |
dc.citation.startPage | 105493 | - |
dc.citation.title | IEEE ACCESS | - |
dc.citation.volume | 9 | - |
dc.contributor.affiliatedAuthor | Khan, Muhammad Umair | - |
dc.type.docType | Article | - |
dc.subject.keywordAuthor | Random variables | - |
dc.subject.keywordAuthor | Libraries | - |
dc.subject.keywordAuthor | Semantics | - |
dc.subject.keywordAuthor | Thesauri | - |
dc.subject.keywordAuthor | Security | - |
dc.subject.keywordAuthor | Internet | - |
dc.subject.keywordAuthor | Smart phones | - |
dc.subject.keywordAuthor | Android | - |
dc.subject.keywordAuthor | app description | - |
dc.subject.keywordAuthor | categorical common permissions | - |
dc.subject.keywordAuthor | fidelity assessment | - |
dc.subject.keywordAuthor | permission relation graph | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Engineering | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Engineering, Electrical & Electronic | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |