Lib2Desc: automatic generation of security-centric Android app descriptions using third-party libraries
| dc.authorid | Sen, Sevil/0000-0001-5814-9973 | |
| dc.authorid | Cevik, Beyza/0000-0002-3266-2389 | |
| dc.authorwosid | Sen, Sevil/AGP-4619-2022 | |
| dc.contributor.author | Çevik, Beyza | |
| dc.contributor.author | Altıparmak, Nur | |
| dc.contributor.author | Aksu, Murat | |
| dc.contributor.author | Şen, Sevil | |
| dc.date.accessioned | 2023-03-22T19:47:31Z | |
| dc.date.available | 2023-03-22T19:47:31Z | |
| dc.date.issued | 2022 | |
| dc.department | Belirlenecek | en_US |
| dc.description.abstract | Android app developers are expected to specify the use of dangerous permissions in their app descriptions. The absence of such data indicates suspicious behavior. However, this is not always caused by the malicious intent of developers; it may be due to the lack of documentation of the third-party libraries they use. To fill this gap in the literature, this study aims to enrich application descriptions with security-centric information of third-party libraries. To automatically generate application definitions, the study explores classifying libraries and extracting code summaries of library methods that use dangerous permissions and/or leak data. Both the textual information of third-party libraries and their source code are used to create these definitions. To the best of our knowledge, this is the first approach in the literature that creates app descriptions based on third-party libraries. | en_US |
| dc.description.sponsorship | TUBITAK; Scientific and Technological Research Council of Turkey [TUBITAK-118E141] | en_US |
| dc.description.sponsorship | We would like to thank TUBITAK for its support. This study is supported by the Scientific and Technological Research Council of Turkey (TUBITAK-118E141). | en_US |
| dc.identifier.doi | 10.1007/s10207-022-00601-x | |
| dc.identifier.endpage | 1125 | en_US |
| dc.identifier.issn | 1615-5262 | |
| dc.identifier.issn | 1615-5270 | |
| dc.identifier.issue | 5 | en_US |
| dc.identifier.scopus | 2-s2.0-85135358336 | en_US |
| dc.identifier.scopusquality | Q1 | en_US |
| dc.identifier.startpage | 1107 | en_US |
| dc.identifier.uri | https://doi.org/10.1007/s10207-022-00601-x | |
| dc.identifier.uri | https://hdl.handle.net/20.500.14034/748 | |
| dc.identifier.volume | 21 | en_US |
| dc.identifier.wos | WOS:000836129900001 | en_US |
| dc.identifier.wosquality | Q2 | en_US |
| dc.indekslendigikaynak | Web of Science | en_US |
| dc.indekslendigikaynak | Scopus | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | Springer | en_US |
| dc.relation.journal | International Journal Of Information Security | en_US |
| dc.relation.publicationcategory | Makale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanı | en_US |
| dc.rights | info:eu-repo/semantics/closedAccess | en_US |
| dc.subject | Android security | en_US |
| dc.subject | Description-to-permission fidelity | en_US |
| dc.subject | Third-party libraries | en_US |
| dc.subject | NLP | en_US |
| dc.subject | NLG | en_US |
| dc.subject | Selection | en_US |
| dc.title | Lib2Desc: automatic generation of security-centric Android app descriptions using third-party libraries | en_US |
| dc.type | Article | en_US |
Dosyalar
Orijinal paket
1 - 1 / 1
Yükleniyor...
- İsim:
- murat aksu.pdf
- Boyut:
- 1.12 MB
- Biçim:
- Adobe Portable Document Format
- Açıklama:
- Tam metin / Full text
