Abstract
Mobile applications are required to give privacy notices to users when they collect or share personal information. Creating consistent and concise privacy notices can be a challenging task for developers. Previous work has attempted to help developers create privacy notices through a questionnaire or predefined templates. In this paper, we propose a novel approach and a framework, called PriGen, that extends this prior work. PriGen uses static analysis to identify the code segments of Android applications that process personal information (i.e., permission-requiring code segments) and then leverages a Neural Machine Translation model to translate them into privacy captions. We present the initial analysis of our translation task for \(\sim\)300,000 code segments.
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Jain, V., Gupta, S.D., Ghanavati, S., Peddinti, S.T. (2021). PriGen: Towards Automated Translation of Android Applications’ Code to Privacy Captions. In: Cherfi, S., Perini, A., Nurcan, S. (eds) Research Challenges in Information Science. RCIS 2021. Lecture Notes in Business Information Processing, vol 415. Springer, Cham. https://doi.org/10.1007/978-3-030-75018-3_9
DOI: https://doi.org/10.1007/978-3-030-75018-3_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-75017-6
Online ISBN: 978-3-030-75018-3
eBook Packages: Computer Science, Computer Science (R0)