AUTOREB: Automatically Understanding the Review-to-Behavior Fidelity in Android Applications

Authors: Deguang Kong, Lei Cen, Hongxia Jin

DOI: 10.1145/2810103.2813689

Keywords: End user, Computer science, Fidelity, Mobile apps, Android (operating system), Crowdsourcing, Mobile device, World Wide Web

Abstract: Along with the increasing popularity of mobile devices, there exist severe security and privacy concerns for apps. On Google Play, user reviews provide a unique understanding security/privacy issues apps from users' perspective, in fact they are valuable feedbacks users by considering expectations. To best assist end users, this paper, we automatically learn related behaviors inferred analysis on reviews, which call review-to-behavior fidelity. We design system AUTOREB that assesses fidelity employs state-of-the-art machine learning techniques to infer relations between four categories security-related behaviors. Moreover, it uses crowdsourcing approach aggregate review-level app-level. our knowledge, is first work explores review information utilizes semantics predict risky at both crawled real-world dataset 2,614,186 12,783 13,129,783 play, use comprehensively evaluate AUTOREB. The experiment result shows method can app user-review level accuracy as high 94.05%, also app-level aggregating predictions review-level. Our research offers an insight into helps bridge gap perception.
