DescribeCtx: Context-Aware Description Synthesis for Sensitive Behaviors in Mobile Apps

While mobile applications (i.e., apps) are becoming capable of handling various needs from users, their increasing access to sensitive data raises privacy concerns. To inform such sensitive behaviors to users, existing techniques propose to automatically identify explanatory sentences from app descr...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:2022 IEEE/ACM 44th International Conference on Software Engineering (ICSE) s. 685 - 697
Hlavní autori: Yang, Shao, Wang, Yuehan, Yao, Yuan, Wang, Haoyu, Ye, Yanfang Fanny, Xiao, Xusheng
Médium: Konferenčný príspevok..
Jazyk:English
Vydavateľské údaje: ACM 01.05.2022
Predmet:
Behavioral sciences
Codes
deep learning
description synthesis
Feature extraction
Mobile applications
mobile apps
Privacy
static analysis
Training
Vocabulary
ISSN:1558-1225
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:While mobile applications (i.e., apps) are becoming capable of handling various needs from users, their increasing access to sensitive data raises privacy concerns. To inform such sensitive behaviors to users, existing techniques propose to automatically identify explanatory sentences from app descriptions; however, many sensitive behaviors are not explained in the corresponding app descriptions. There also exist general techniques that translate code to sentences. However, these techniques lack the vocabulary to explain the uses of sensitive data and fail to consider the context (i.e., the app functionalities) of the sensitive behaviors. To address these limitations, we propose Describectx, a context-aware description synthesis approach that trains a neural machine translation model using a large set of popular apps, and generates app-specific descriptions for sensitive behaviors. Specifically, Describectx encodes three heterogeneous sources as input, i.e., vocabularies provided by privacy policies, behavior summary provided by the call graphs in code, and contextual information provided by GUI texts. Our evaluations on 1,262 Android apps show that, compared with existing baselines, Describectx produces more accurate descriptions (24.96 in BLEU) and achieves higher user ratings with respect to the reference sen-tences manually identified in the app descriptions.
ISSN:1558-1225
DOI:10.1145/3510003.3510058