Detecting Inconsistencies between Android App Descriptions and Permissions

posted in #IT Security, Mobile & Cloud on the 15.02.2023

Android users are offered a vast number of apps that provide a variety of functionalities and assistance in everyday life. While the functionality of the applications can have a strong impact on the privacy of the user, permissions are introduced as a mechanism that protects users’ assets by asking for explicit consent when accessing privacy-sensitive data. Nevertheless, users often struggle to find a connection between requested permissions and the description of the app.
To reliably identify if the need for permission is justified is a challenging task that we aim to tackle in this project. We propose a novel machine-learning approach that predicts app behavior based on the information provided by developers. We create a dataset with 46 000+ app descriptions and permissions. Furthermore, we design a model using a state-of-the-art Transformer that identifies whether the need for permission is outlined in the description of the app and to what extent.

Downloads

File Description File size
pdf Project report Version 1.0
618 KB