Skip to main content
Top

2021 | OriginalPaper | Chapter

PriGen: Towards Automated Translation of Android Applications’ Code to Privacy Captions

Authors : Vijayanta Jain, Sanonda Datta Gupta, Sepideh Ghanavati, Sai Teja Peddinti

Published in: Research Challenges in Information Science

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

Mobile applications are required to give privacy notices to the users when they collect or share personal information. Creating consistent and concise privacy notices can be a challenging task for developers. Previous work has attempted to help developers create privacy notices through a questionnaire or predefined templates. In this paper, we propose a novel approach and a framework, called PriGen, that extends these prior work. PriGen uses static analysis to identify Android applications’ code segments which process personal information (i.e. permission-requiring code segments) and then leverages a Neural Machine Translation model to translate them into privacy captions. We present the initial analysis of our translation task for \(\sim \)300,000 code segments.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literature
2.
go back to reference Allix, K., Bissyandé, T.F., Klein, J., Le Traon, Y.: AndroZoo: collecting millions of android apps for the research community. In: Proceedings of the 13th International Conference on Mining Software Repositories MSR 2016, pp. 468–471. ACM (2016) Allix, K., Bissyandé, T.F., Klein, J., Le Traon, Y.: AndroZoo: collecting millions of android apps for the research community. In: Proceedings of the 13th International Conference on Mining Software Repositories MSR 2016, pp. 468–471. ACM (2016)
3.
go back to reference Alon, U., Brody, S., Levy, O., Yahav, E.: code2seq: Generating sequences from structured representations of code. In: International Conference on Learning Representations (2019) Alon, U., Brody, S., Levy, O., Yahav, E.: code2seq: Generating sequences from structured representations of code. In: International Conference on Learning Representations (2019)
4.
go back to reference Bahdanau, D., Cho, K., Bengio, Y.: Neural machine translation by jointly learning to align and translate (2014). arXiv preprint: arXiv:​1409.​0473 Bahdanau, D., Cho, K., Bengio, Y.: Neural machine translation by jointly learning to align and translate (2014). arXiv preprint: arXiv:​1409.​0473
5.
go back to reference Commission, F.T., et al.: Mobile Privacy Disclosures: Building Trust Through Transparency. Federal Trade Commission, USA (2013) Commission, F.T., et al.: Mobile Privacy Disclosures: Building Trust Through Transparency. Federal Trade Commission, USA (2013)
6.
go back to reference Gorla, A., Tavecchia, I., Gross, F., Zeller, A.: Checking app behavior against app descriptions. In: Proceedings of the 36th International Conference on Software Engineering, pp. 1025–1035 (2014) Gorla, A., Tavecchia, I., Gross, F., Zeller, A.: Checking app behavior against app descriptions. In: Proceedings of the 36th International Conference on Software Engineering, pp. 1025–1035 (2014)
7.
go back to reference Iyer, S., Konstas, I., Cheung, A., Zettlemoyer, L.: Summarizing source code using a neural attention model. In: Proceedings of the 54th Annual Meeting of the ACL, pp. 2073–2083 (2016) Iyer, S., Konstas, I., Cheung, A., Zettlemoyer, L.: Summarizing source code using a neural attention model. In: Proceedings of the 54th Annual Meeting of the ACL, pp. 2073–2083 (2016)
8.
go back to reference Jiang, S., Armaly, A., McMillan, C.: Automatically generating commit messages from diffs using neural machine translation. In: 2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE), pp. 135–146 (2017) Jiang, S., Armaly, A., McMillan, C.: Automatically generating commit messages from diffs using neural machine translation. In: 2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE), pp. 135–146 (2017)
9.
11.
go back to reference Lin, C.Y.: Rouge: a package for automatic evaluation of summaries. In: Text Summarization Branches Out, pp. 74–81 (2004) Lin, C.Y.: Rouge: a package for automatic evaluation of summaries. In: Text Summarization Branches Out, pp. 74–81 (2004)
12.
go back to reference Liu, X., Leng, Y., Yang, W., Wang, W., Zhai, C., Xie, T.: A large-scale empirical study on android runtime-permission rationale messages. In: The Symposium on Visual Languages and Human-Centric Computing, pp. 137–146. IEEE (2018) Liu, X., Leng, Y., Yang, W., Wang, W., Zhai, C., Xie, T.: A large-scale empirical study on android runtime-permission rationale messages. In: The Symposium on Visual Languages and Human-Centric Computing, pp. 137–146. IEEE (2018)
13.
go back to reference Liu, X., Leng, Y., Yang, W., Zhai, C., Xie, T.: Mining android app descriptions for permission requirements recommendation. In: The 26th International Requirements Engineering Conference, pp. 147–158. IEEE (2018) Liu, X., Leng, Y., Yang, W., Zhai, C., Xie, T.: Mining android app descriptions for permission requirements recommendation. In: The 26th International Requirements Engineering Conference, pp. 147–158. IEEE (2018)
14.
go back to reference Loyola, P., Marrese-Taylor, E., Matsuo, Y.: A neural architecture for generating natural language descriptions from source code changes (2017). arXiv preprint: arXiv:​1704.​04856 Loyola, P., Marrese-Taylor, E., Matsuo, Y.: A neural architecture for generating natural language descriptions from source code changes (2017). arXiv preprint: arXiv:​1704.​04856
15.
go back to reference Okoyomon, E., et al.: On the ridiculousness of notice and consent: contradictions in app privacy policies (2019) Okoyomon, E., et al.: On the ridiculousness of notice and consent: contradictions in app privacy policies (2019)
16.
go back to reference Papineni, K., Roukos, S., Ward, T., Zhu, W.J.: BLEU: a method for automatic evaluation of machine translation. In: Proceedings of the 40th Annual Meeting on Association for Computational Linguistics, pp. 311–318. ACL (2002) Papineni, K., Roukos, S., Ward, T., Zhu, W.J.: BLEU: a method for automatic evaluation of machine translation. In: Proceedings of the 40th Annual Meeting on Association for Computational Linguistics, pp. 311–318. ACL (2002)
17.
go back to reference Peddinti, S.T., Bilogrevic, I., Taft, N., Pelikan, M., Erlingsson, Ú., Anthonysamy, P., Hogben, G.: Reducing permission requests in mobile apps. In: Proceedings of the Internet Measurement Conference, pp. 259–266 (2019) Peddinti, S.T., Bilogrevic, I., Taft, N., Pelikan, M., Erlingsson, Ú., Anthonysamy, P., Hogben, G.: Reducing permission requests in mobile apps. In: Proceedings of the Internet Measurement Conference, pp. 259–266 (2019)
18.
go back to reference Reyes, I., et al.: “won’t somebody think of the children?’’ Examining COPPA compliance at scale. Proc. PETS 2018(3), 63–83 (2018) Reyes, I., et al.: “won’t somebody think of the children?’’ Examining COPPA compliance at scale. Proc. PETS 2018(3), 63–83 (2018)
19.
go back to reference Rosen, S., Qian, Z., Mao, Z.M.: Appprofiler: a flexible method of exposing privacy-related behavior in android applications to end users. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy, pp. 221–232 (2013) Rosen, S., Qian, Z., Mao, Z.M.: Appprofiler: a flexible method of exposing privacy-related behavior in android applications to end users. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy, pp. 221–232 (2013)
20.
go back to reference Rowan, M., Dehlinger, J.: Encouraging privacy by design concepts with privacy policy auto-generation in eclipse (page). In: Proceedings of the 2014 Workshop on Eclipse Technology eXchange, pp. 9–14 (2014) Rowan, M., Dehlinger, J.: Encouraging privacy by design concepts with privacy policy auto-generation in eclipse (page). In: Proceedings of the 2014 Workshop on Eclipse Technology eXchange, pp. 9–14 (2014)
21.
go back to reference Slavin, R., et al.: PVDetector: a detector of privacy-policy violations for android apps. In: IEEE/ACM International Conference of MOBILESoft, pp. 299–300 (2016) Slavin, R., et al.: PVDetector: a detector of privacy-policy violations for android apps. In: IEEE/ACM International Conference of MOBILESoft, pp. 299–300 (2016)
22.
go back to reference Sun, R., Xue, M.: Quality assessment of online automated privacy policy generators: an empirical study. In: Proceedings of the Evaluation and Assessment in Software Engineering, pp. 270–275 (2020) Sun, R., Xue, M.: Quality assessment of online automated privacy policy generators: an empirical study. In: Proceedings of the Evaluation and Assessment in Software Engineering, pp. 270–275 (2020)
23.
go back to reference Yu, L., Zhang, T., Luo, X., Xue, L., Chang, H.: Toward automatically generating privacy policy for android apps. IEEE Trans. Inf. Forensics Secur. 12(4), 865–880 (2016) CrossRef Yu, L., Zhang, T., Luo, X., Xue, L., Chang, H.: Toward automatically generating privacy policy for android apps. IEEE Trans. Inf. Forensics Secur. 12(4), 865–880 (2016) CrossRef
24.
go back to reference Zimmeck, S., Goldstein, R., Baraka, D.: Privacyflash pro: automating privacy policy generation for mobile apps. In: 28th Network and Distributed System Security Symposium (NDSS 2021). NDSS 2021, Internet Society, Online, February 2021 Zimmeck, S., Goldstein, R., Baraka, D.: Privacyflash pro: automating privacy policy generation for mobile apps. In: 28th Network and Distributed System Security Symposium (NDSS 2021). NDSS 2021, Internet Society, Online, February 2021
25.
go back to reference Zimmeck, S., et al.: Maps: scaling privacy compliance analysis to a million apps. Proc. PETs 2019(3), 66–86 (2019) Zimmeck, S., et al.: Maps: scaling privacy compliance analysis to a million apps. Proc. PETs 2019(3), 66–86 (2019)
Metadata
Title
PriGen: Towards Automated Translation of Android Applications’ Code to Privacy Captions
Authors
Vijayanta Jain
Sanonda Datta Gupta
Sepideh Ghanavati
Sai Teja Peddinti
Copyright Year
2021
DOI
https://doi.org/10.1007/978-3-030-75018-3_9

Premium Partner