Android Security using NLP Techniques: A Review

• URL: http://arxiv.org/abs/2107.03072v1
• Date: Wed, 7 Jul 2021 08:33:00 GMT
• Title: Android Security using NLP Techniques: A Review
• Authors: Sevil Sen and Burcu Can
• Abstract summary: Android is among the most targeted platform by attackers. Traditional solutions based on static and dynamic analysis have been evolving. This study aims to explore possible research directions for future studies by presenting state-of-the-art in this domain.
• Score: 1.218340575383456
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Android is among the most targeted platform by attackers. While attackers are improving their techniques, traditional solutions based on static and dynamic analysis have been also evolving. In addition to the application code, Android applications have some metadata that could be useful for security analysis of applications. Unlike traditional application distribution mechanisms, Android applications are distributed centrally in mobile markets. Therefore, beside application packages, such markets contain app information provided by app developers and app users. The availability of such useful textual data together with the advancement in Natural Language Processing (NLP) that is used to process and understand textual data has encouraged researchers to investigate the use of NLP techniques in Android security. Especially, security solutions based on NLP have accelerated in the last 5 years and proven to be useful. This study reviews these proposals and aim to explore possible research directions for future studies by presenting state-of-the-art in this domain. We mainly focus on NLP-based solutions under four categories: description-to-behaviour fidelity, description generation, privacy and malware detection.

Related papers

• Mobile App Security Trends and Topics: An Examination of Questions From Stack Overflow [10.342268145364242]
  We mine Stack Overflow for questions on mobile app security, which we analyze using quantitative and qualitative techniques. The findings reveal that Stack Overflow is a major resource for developers seeking help with mobile app security, especially for Android apps. Insights from this research can inform the development of tools, techniques, and resources by the research and vendor community.
  arXiv  Detail & Related papers  (2024-09-12T10:45:45Z)
• Toward an Android Static Analysis Approach for Data Protection [7.785051236155595]
  This paper motivates the need to explain data protection in Android apps. The data analysis will recognize personal data sources in the source code. App developers can then address key questions about data manipulation and data manipulation derived data.
  arXiv  Detail & Related papers  (2024-02-12T18:52:39Z)
• A Large-Scale Study on the Prevalence and Usage of TEE-based Features on Android [0.0]
  This study focuses on the key areas of cryptography, digital rights management, biometric authentication, and secure dialogs. Through the analysis of 170,550 popular Android apps, our analysis illuminates the implementation of TEE-related features and their contextual usage.
  arXiv  Detail & Related papers  (2023-11-17T13:29:16Z)
• GAIA Search: Hugging Face and Pyserini Interoperability for NLP Training Data Exploration [97.68234051078997]
  We discuss how Pyserini can be integrated with the Hugging Face ecosystem of open-source AI libraries and artifacts. We include a Jupyter Notebook-based walk through the core interoperability features, available on GitHub. We present GAIA Search - a search engine built following previously laid out principles, giving access to four popular large-scale text collections.
  arXiv  Detail & Related papers  (2023-06-02T12:09:59Z)
• An Empirical Study of AI Techniques in Mobile Applications [10.43634556488264]
  We conducted the most extensive empirical study on AI applications, exploring on-device ML apps, on-device DL apps, and AI service-supported (cloud-based) apps. Our study has strong implications for AI app developers, users, and AI R&D.
  arXiv  Detail & Related papers  (2022-12-03T15:31:34Z)
• Why Should Adversarial Perturbations be Imperceptible? Rethink the Research Paradigm in Adversarial NLP [83.66405397421907]
  We rethink the research paradigm of textual adversarial samples in security scenarios. We first collect, process, and release a security datasets collection Advbench. Next, we propose a simple method based on rules that can easily fulfill the actual adversarial goals to simulate real-world attack methods.
  arXiv  Detail & Related papers  (2022-10-19T15:53:36Z)
• Meta Learning for Natural Language Processing: A Survey [88.58260839196019]
  Deep learning has been the mainstream technique in natural language processing (NLP) area. Deep learning requires many labeled data and is less generalizable across domains. Meta-learning is an arising field in machine learning studying approaches to learn better algorithms.
  arXiv  Detail & Related papers  (2022-05-03T13:58:38Z)
• FedNLP: A Research Platform for Federated Learning in Natural Language Processing [55.01246123092445]
  We present the FedNLP, a research platform for federated learning in NLP. FedNLP supports various popular task formulations in NLP such as text classification, sequence tagging, question answering, seq2seq generation, and language modeling. Preliminary experiments with FedNLP reveal that there exists a large performance gap between learning on decentralized and centralized datasets.
  arXiv  Detail & Related papers  (2021-04-18T11:04:49Z)
• Emerging App Issue Identification via Online Joint Sentiment-Topic Tracing [66.57888248681303]
  We propose a novel emerging issue detection approach named MERIT. Based on the AOBST model, we infer the topics negatively reflected in user reviews for one app version. Experiments on popular apps from Google Play and Apple's App Store demonstrate the effectiveness of MERIT.
  arXiv  Detail & Related papers  (2020-08-23T06:34:05Z)
• Mind the GAP: Security & Privacy Risks of Contact Tracing Apps [75.7995398006171]
  Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy. We demonstrate that in real-world scenarios the GAP design is vulnerable to (i) profiling and possibly de-anonymizing persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts.
  arXiv  Detail & Related papers  (2020-06-10T16:05:05Z)
• SeMA: Extending and Analyzing Storyboards to Develop Secure Android Apps [0.0]
  SeMA is a mobile app development methodology that builds on existing mobile app design artifacts such as storyboards. An evaluation of the effectiveness of SeMA shows the methodology can detect and help prevent 49 vulnerabilities known to occur in Android apps.
  arXiv  Detail & Related papers  (2020-01-27T20:10:52Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.