2021 | OriginalPaper | Chapter

PriGen: Towards Automated Translation of Android Applications’ Code to Privacy Captions

Authors: Vijayanta Jain, Sanonda Datta Gupta, Sepideh Ghanavati, Sai Teja Peddinti

Published in: Research Challenges in Information Science

Publisher: Springer International Publishing

Abstract

Mobile applications are required to give privacy notices to users when they collect or share personal information. Creating consistent and concise privacy notices can be a challenging task for developers. Previous work has attempted to help developers create privacy notices through a questionnaire or predefined templates. In this paper, we propose a novel approach and a framework, called PriGen, that extends this prior work. PriGen uses static analysis to identify the code segments of Android applications that process personal information (i.e., permission-requiring code segments) and then leverages a Neural Machine Translation model to translate them into privacy captions. We present the initial analysis of our translation task for \(\sim\)300,000 code segments.


Metadata

Title: PriGen: Towards Automated Translation of Android Applications’ Code to Privacy Captions
Authors: Vijayanta Jain, Sanonda Datta Gupta, Sepideh Ghanavati, Sai Teja Peddinti
Copyright Year: 2021
DOI: https://doi.org/10.1007/978-3-030-75018-3_9
