Show simple item record

dc.contributor.authorKarim, Md Yasser
dc.contributor.authorKagdi, Huzefa Hatimbhai
dc.contributor.authorDi Penta, Massimiliano
dc.identifier.citationM. Y. Karim, H. Kagdi and M. D. Penta, "Mining Android Apps to Recommend Permissions," 2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER), Suita, 2016, pp. 427-437en_US
dc.descriptionClick on the DOI link to access the article (may not be free).en_US
dc.description.abstractPermission mechanisms play a crucial role for ensuring privacy and security of Android mobile applications (apps). An Android app that requires access to the device resources must be granted specific permissions for its correct operation. Oftentimes, the requested permissions depend on the APIs being used, e.g., a location-based service API may need a specific permission to access the device's GPS or an API supporting data persistence may need another permission to write to the device's external storage. App developers need to be aware of this API from/to permission traceability, which is not necessarily explicitly documented, for the proper functioning of the desired app feature. This paper presents an approach, named ApMiner, which relies on association rule discovery to identify co-occurrence patterns of Android APIs and permissions. Based on the usage of APIs and permissions in other apps published in a marketplace, the approach is able to learn and help a developer of a new app to recommend the permissions to be added given the APIs being used. ApMiner has been empirically evaluated on 600 apps from F-Droid, a marketplace for free and open source apps. We compared ApMiner with the state-of-the-art approaches Androguard and PScout, which rely on traditional static and dynamic analyses to recommend permissions. Results show that ApMiner has substantial precision gains (about 1.5 to 2 times) over the compared approaches, while keeping a similar and slightly better level of recall. Overall, our findings suggest that a mining based approach could offer much improved effectiveness in automatically recommending permissions in developing (new) Android apps.en_US
dc.relation.ispartofseries2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER);
dc.subjectApp Developeren_US
dc.subjectAssociation Ruleen_US
dc.titleMining android apps to recommend permissionsen_US
dc.typeConference paperen_US
dc.rights.holder© Copyright 2016 IEEE - All rights reserved.en_US

Files in this item


There are no files associated with this item.

This item appears in the following Collection(s)

Show simple item record