Conference paper Open Access

Student Research Abstract: "Hard to Understand, Easy to Ignore": An Automated Approach to Predict Mobile App Permission Requests

Hatamian, Majid

MARC21 XML Export

<?xml version='1.0' encoding='UTF-8'?>
<record xmlns="">
  <datafield tag="540" ind1=" " ind2=" ">
    <subfield code="u"></subfield>
    <subfield code="a">Creative Commons Attribution 4.0 International</subfield>
  <datafield tag="260" ind1=" " ind2=" ">
    <subfield code="c">2019-04-01</subfield>
  <controlfield tag="005">20200120173824.0</controlfield>
  <controlfield tag="001">3248920</controlfield>
  <datafield tag="909" ind1="C" ind2="O">
    <subfield code="p">openaire</subfield>
    <subfield code="o"></subfield>
  <datafield tag="711" ind1=" " ind2=" ">
    <subfield code="g">ACM SAC 2019</subfield>
    <subfield code="a">34th ACM/SIGAPP Symposium on Applied Computing</subfield>
    <subfield code="c">Limassol, Cyprus</subfield>
  <datafield tag="520" ind1=" " ind2=" ">
    <subfield code="a">&lt;p&gt;In this paper, we propose a novel automated approach to predict the potential privacy sensitive permission requests by mobile apps. Based on machine learning (ML) and natural language processing (NLP) techniques, personal data access and collection practices mentioned in app privacy policy text are analyzed to predict the required permission requests. Further, the predicted list of permission requests is compared with the real permission requests to check whether there is any mismatch. We further propose user interface designs to map mobile app permission requests to understandable language definitions for the end user. The combination of these concepts provides users with special knowledge about data protection practice and behavior of apps based on the analysis of privacy policy text and permission declaration which are otherwise difficult to analyze. Initial results demonstrate the capability of our approach in prediction of app permission requests. Also, by exploiting our already proposed app behavior analyzer tool, we investigated the correlation between what mobile apps do in reality and what they promise in their privacy policy text resulting in a positive correlation.&lt;/p&gt;</subfield>
  <datafield tag="856" ind1="4" ind2=" ">
    <subfield code="s">881440</subfield>
    <subfield code="z">md5:312b8df7d80de9eb18200e4fe7b3c957</subfield>
    <subfield code="u"></subfield>
  <datafield tag="542" ind1=" " ind2=" ">
    <subfield code="l">open</subfield>
  <datafield tag="980" ind1=" " ind2=" ">
    <subfield code="a">publication</subfield>
    <subfield code="b">conferencepaper</subfield>
  <datafield tag="100" ind1=" " ind2=" ">
    <subfield code="u">Goethe University Frankfurt</subfield>
    <subfield code="a">Hatamian, Majid</subfield>
  <datafield tag="041" ind1=" " ind2=" ">
    <subfield code="a">eng</subfield>
  <datafield tag="024" ind1=" " ind2=" ">
    <subfield code="a">10.1145/3297280.3297660</subfield>
    <subfield code="2">doi</subfield>
  <datafield tag="245" ind1=" " ind2=" ">
    <subfield code="a">Student Research Abstract: "Hard to Understand, Easy to Ignore": An Automated Approach to Predict Mobile App Permission Requests</subfield>
  <datafield tag="536" ind1=" " ind2=" ">
    <subfield code="c">675730</subfield>
    <subfield code="a">Privacy and Usabiliy</subfield>
  <datafield tag="650" ind1="1" ind2="7">
    <subfield code="a">cc-by</subfield>
    <subfield code="2"></subfield>
Views 103
Downloads 114
Data volume 100.5 MB
Unique views 76
Unique downloads 111


Cite as