Discovering Security Risks of Android Apps Using Metadata

The proliferation of mobile devices also increases security threats to these devices and mobile applications. These devices do require and enable the development of different security mechanisms for the reason that they are different from traditional computer systems. One of these different mechanisms is the distribution of Android applications. Unlike traditional application distribution mechanisms, Android applications are distributed centrally, so an application's definition, score, user comments, and the like can be obtained in Android markets. In recent years, the analysis of the Android applications using this metadata has begun to gain importance. In this project, we aim to reveal the security risks related to the application by taking advantage of this information.

Sponsored by Tubitak

RESEARCH TOPICS

  • Android Security
  • Natural Language Processing
  • Natural Language Generation

TEAM

Dr. Sevil Sen

Cyber Security, ML

PI

Dr. Burcu Can

NLP

Co-PI

Beyza Çevik

Android, NLP

BSc Student

Hüseyin Aleçakır

NLP

Researcher

PUBLICATIONS

Lib2Desc: Automatic Generation of Security-centric Android App Descriptions using Third-party Libraries

B. Cevik, N. Altiparmak, M. Aksu, S. Sen

International Journal of Information Security, 2022

Android Security using NLP Techniques: A Review

B. Can, Sevil Sen

arXiV:2107.03072

Attention: There is an Inconsistency between Android Permissions and Application Metadata!

H. Alecakir, B. Can, S. Sen

International Journal of Information Security, 2021

Discovering Inconsistencies between Requested Permissions and Application Metadata by using Deep Learning

H. Alecakir, M. Kabukcu, B. Can, S. Sen

ISCTurkey 2020

THESIS

Student: Muhammet Kabukcu, MSc
Thesis title: An RNN-Based Approach For Discovering Inconsistencies Between Permissions and Metadata in Android Applications

Date: September, 2019

Supervisor: Burcu Can, Sevil Sen