PERUIM:通过权限- ui映射理解移动应用隐私

Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing Pub Date : 2016-09-12 DOI:10.1145/2971648.2971693

Yuanchun Li, Yao Guo, Xiangqun Chen

{"title":"PERUIM:通过权限- ui映射理解移动应用隐私","authors":"Yuanchun Li, Yao Guo, Xiangqun Chen","doi":"10.1145/2971648.2971693","DOIUrl":null,"url":null,"abstract":"Current mobile operating systems such as Android employ the permission-based access control mechanism, but it is difficult for users to understand how and why the permissions are used within a particular application. This paper introduces permission-UI mapping as an easy-to-understand representation to illustrate how permissions are used by different UI components within a given application. Connecting UI components to permissions helps users to understand the purpose of permission requests and also makes it possible to illustrate permission requests in a fine-grained manner. We propose PERUIM to extract the permission-UI mapping from an application based on both dynamic and static analysis, and represent the analysis results with a graphical representation. Experiments on popular mobile applications demonstrate the accuracy and applicability of the proposed approach.","PeriodicalId":303792,"journal":{"name":"Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"32","resultStr":"{\"title\":\"PERUIM: understanding mobile application privacy with permission-UI mapping\",\"authors\":\"Yuanchun Li, Yao Guo, Xiangqun Chen\",\"doi\":\"10.1145/2971648.2971693\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Current mobile operating systems such as Android employ the permission-based access control mechanism, but it is difficult for users to understand how and why the permissions are used within a particular application. This paper introduces permission-UI mapping as an easy-to-understand representation to illustrate how permissions are used by different UI components within a given application. Connecting UI components to permissions helps users to understand the purpose of permission requests and also makes it possible to illustrate permission requests in a fine-grained manner. We propose PERUIM to extract the permission-UI mapping from an application based on both dynamic and static analysis, and represent the analysis results with a graphical representation. Experiments on popular mobile applications demonstrate the accuracy and applicability of the proposed approach.\",\"PeriodicalId\":303792,\"journal\":{\"name\":\"Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing\",\"volume\":\"19 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-09-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"32\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2971648.2971693\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2971648.2971693","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 32

摘要

当前的移动操作系统(如Android)采用基于权限的访问控制机制，但用户很难理解在特定应用程序中如何以及为什么使用权限。本文介绍了权限-UI映射作为一种易于理解的表示，以说明给定应用程序中的不同UI组件如何使用权限。将UI组件连接到权限可以帮助用户理解权限请求的目的，还可以以细粒度的方式说明权限请求。我们建议PERUIM基于动态和静态分析从应用程序中提取权限- ui映射，并将分析结果用图形化表示。在流行的移动应用上的实验证明了该方法的准确性和适用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

PERUIM: understanding mobile application privacy with permission-UI mapping

Current mobile operating systems such as Android employ the permission-based access control mechanism, but it is difficult for users to understand how and why the permissions are used within a particular application. This paper introduces permission-UI mapping as an easy-to-understand representation to illustrate how permissions are used by different UI components within a given application. Connecting UI components to permissions helps users to understand the purpose of permission requests and also makes it possible to illustrate permission requests in a fine-grained manner. We propose PERUIM to extract the permission-UI mapping from an application based on both dynamic and static analysis, and represent the analysis results with a graphical representation. Experiments on popular mobile applications demonstrate the accuracy and applicability of the proposed approach.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing

自引率

0.00%

发文量