Please use this identifier to cite or link to this item:
http://hdl.handle.net/10397/105678
Title: | Toward automatically generating privacy policy for Android apps | Authors: | Yu, L Zhang, T Luo, X Xue, L Chang, H |
Issue Date: | Apr-2017 | Source: | IEEE transactions on information forensics and security, Apr. 2017, v. 12, no. 4, p. 865-880 | Abstract: | A privacy policy is a statement informing users how their information will be collected, used, and disclosed. Failing to provide a correct privacy policy may result in a fine. However, writing privacy policy is tedious and error-prone, because the author may not understand the source code well as it could have been written by others (e.g., outsourcing), or the author does not know the internal working of third-party libraries used. In this paper, we propose and develop a novel system named AutoPPG to automatically construct correct and readable descriptions to facilitate the generation of privacy policy for Android applications (i.e., apps). Given an app, AutoPPG first conducts static code analysis to characterize its behaviors related to users' personal information, and then applies natural language processing techniques to generating correct and accessible sentences for describing these behaviors. The experimental results using real apps and crowdsourcing indicate that: 1) AutoPPG creates correct and easy-to-understand descriptions for privacy policies; 2) the privacy policies constructed by AutoPPG usually reveal more operations related to users' personal information than existing privacy policies; and 3) most developers, who reply us, would like to use AutoPPG to facilitate them. | Keywords: | Mobile applications Natural language processing Privacy policy Static code analysis |
Publisher: | Institute of Electrical and Electronics Engineers | Journal: | IEEE transactions on information forensics and security | ISSN: | 1556-6013 | EISSN: | 1556-6021 | DOI: | 10.1109/TIFS.2016.2639339 | Rights: | ©2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. The following publication L. Yu, T. Zhang, X. Luo, L. Xue and H. Chang, "Toward Automatically Generating Privacy Policy for Android Apps," in IEEE Transactions on Information Forensics and Security, vol. 12, no. 4, pp. 865-880, April 2017 is available at https://doi.org/10.1109/TIFS.2016.2639339. |
Appears in Collections: | Journal/Magazine Article |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
Zhang_Toward_Automatically_Generating.pdf | Pre-Published version | 2.15 MB | Adobe PDF | View/Open |
Page views
14
Citations as of Jun 30, 2024
Downloads
2
Citations as of Jun 30, 2024
SCOPUSTM
Citations
43
Citations as of Jul 4, 2024
WEB OF SCIENCETM
Citations
36
Citations as of Jul 4, 2024
Google ScholarTM
Check
Altmetric
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.