Catering to Your Concerns: Automatic Generation of Personalised Security-Centric Descriptions for Android Apps

Android users are increasingly concerned with the privacy of their data and security of their devices. To improve the security awareness of users, recent automatic techniques produce security-centric descriptions by performing program analysis. However, the generated text does not always address users’ concerns as they are generally too technical to be understood by ordinary users. Moreover, different users have varied linguistic preferences that do not match the text. Motivated by this challenge, we develop an innovative scheme to help users avoid malware and privacy-breaching apps by generating security descriptions that explain the privacy and security related aspects of an Android app in clear and understandable terms. We implement a prototype system, PERSCRIPTION, to generate personalised security-centric descriptions that automatically learn users’ security concerns and linguistic preferences to produce user-oriented descriptions. We evaluate our scheme through experiments and user studies. The results clearly demonstrate the improvement on readability and users’ security awareness of PERSCRIPTION’s descriptions compared to existing description generators.