{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,6]],"date-time":"2026-01-06T13:54:15Z","timestamp":1767707655791,"version":"3.37.3"},"reference-count":91,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"9","license":[{"start":{"date-parts":[[2018,9,1]],"date-time":"2018-09-01T00:00:00Z","timestamp":1535760000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"}],"funder":[{"name":"Hong Kong GRF","award":["PolyU 5389\/13E","152279\/16E"],"award-info":[{"award-number":["PolyU 5389\/13E","152279\/16E"]}]},{"name":"Shenzhen City Science and Technology R&D Fund","award":["JCYJ20150630115257892"],"award-info":[{"award-number":["JCYJ20150630115257892"]}]},{"name":"Hong Kong RGC Project","award":["CityU C1008-16G"],"award-info":[{"award-number":["CityU C1008-16G"]}]},{"name":"HKPolyU Research","award":["G-YBJX"],"award-info":[{"award-number":["G-YBJX"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"crossref","award":["61602371"],"award-info":[{"award-number":["61602371"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IIEEE Trans. Software Eng."],"published-print":{"date-parts":[[2018,9,1]]},"DOI":"10.1109\/tse.2017.2730198","type":"journal-article","created":{"date-parts":[[2017,7,21]],"date-time":"2017-07-21T18:28:53Z","timestamp":1500661733000},"page":"834-854","source":"Crossref","is-referenced-by-count":48,"title":["Enhancing the Description-to-Behavior Fidelity in Android Apps with Privacy Policy"],"prefix":"10.1109","volume":"44","author":[{"given":"Le","family":"Yu","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9082-3208","authenticated-orcid":false,"given":"Xiapu","family":"Luo","sequence":"additional","affiliation":[]},{"given":"Chenxiong","family":"Qian","sequence":"additional","affiliation":[]},{"given":"Shuai","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Hareton K. N.","family":"Leung","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref73","article-title":"Securing Android: A survey, taxonomy, and challenges","volume":"47","author":"tan","year":"2015","journal-title":"ACM Comput Surveys"},{"key":"ref72","doi-asserted-by":"crossref","DOI":"10.14722\/ndss.2015.23145","article-title":"CopperDroid: Automatic reconstruction of\n Android malware behaviors","author":"tam","year":"2015","journal-title":"Proc Symp Network and Distributed System Security"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1145\/3017427"},{"key":"ref70","doi-asserted-by":"crossref","first-page":"28e","DOI":"10.1136\/amiajnl-2013-002605","article-title":"Availability and quality of\n mobile health app privacy policies","volume":"22","author":"sunyaev","year":"2015","journal-title":"J Amer Medical Informat Assoc"},{"key":"ref76","first-page":"241","article-title":"Understanding the inconsistencies between text descriptions and\n the use of privacy-sensitive resources of mobile apps","author":"watanabe","year":"2015","journal-title":"Proc Symp Usable Privacy Secur"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420956"},{"year":"2013","key":"ref74"},{"key":"ref39","first-page":"1606","article-title":"Computing semantic relatedness using Wikipedia-based explicit semantic analysis","author":"gabrilovich","year":"2007","journal-title":"Proc 20th Int Joint Conf Artif Intell"},{"key":"ref75","article-title":"SOOT&#x2014;a Java bytecode optimization framework","author":"vallee-rai","year":"1999","journal-title":"Proc Conf Centre Adv Studies Collaborative Res"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1145\/2635868.2635869"},{"article-title":"Andrubis: Android malware under the magnifying glass","year":"2014","author":"weichselbaum","key":"ref78"},{"key":"ref79","first-page":"623","article-title":"The impact of vendor customizations on Android security","author":"wu","year":"2013","journal-title":"Proc ACM SIGSAC Conf Comput Commun Secur"},{"key":"ref33","first-page":"146","article-title":"What\n Websites know about you","author":"costante","year":"2012","journal-title":"Proc Data Privacy Manage Auton Spontaneous Secur"},{"key":"ref32","article-title":"Contextual policy enforcement in Android\n applications with permission event graphs","author":"chen","year":"2013","journal-title":"Proc Symp Network and Distributed System Security"},{"key":"ref31","first-page":"1628","article-title":"Parsing to Stanford dependencies: Trade-offs\n between speed and accuracy","author":"cer","year":"2010","journal-title":"Proc 3rd Int Conf Language Resources Eval"},{"key":"ref30","doi-asserted-by":"crossref","DOI":"10.14722\/ndss.2015.23140","article-title":"EdgeMiner: Automatically detecting implicit control flow\n transitions through the Android framework","author":"cao","year":"2015","journal-title":"Proc Symp Network and Distributed System Security"},{"key":"ref37","first-page":"22","article-title":"Permission re-delegation: Attacks and defenses","author":"felt","year":"2011","journal-title":"Proc Usenix Security Conf"},{"key":"ref36","first-page":"627","article-title":"Android permissions demystified","author":"felt","year":"2011","journal-title":"Proc ACM SIGSAC Conf Comput Commun Secur"},{"key":"ref35","first-page":"393","article-title":"TaintDroid: An information-flow tracking\n system for realtime privacy monitoring on smartphones","author":"enck","year":"2010","journal-title":"Proc USENIX Conf Operating System Design and Implementations"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-49538-X_5"},{"key":"ref60","first-page":"605","article-title":"Unsupervised alignment of privacy policies\n using hidden Markov models","author":"ramanath","year":"2014","journal-title":"Proc 32nd Ann Meeting Assoc for Computational Linguistics"},{"key":"ref62","first-page":"209","article-title":"AppsPlayground: Automatic large-scale dynamic analysis of Android applications","author":"rastogi","year":"2013","journal-title":"Proc 3rd ACM Conf Data Appl Secur Privacy"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23039"},{"key":"ref63","first-page":"256","article-title":"Uranine: Real-time privacy leakage monitoring without system\n modification for Android","author":"rastogi","year":"2015","journal-title":"Proc Int Conf Secur Privacy Commun Syst"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1007\/s00766-013-0190-7"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1145\/2996358"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/2133806.2133826"},{"year":"2017","author":"richard","key":"ref65"},{"key":"ref66","first-page":"1","article-title":"A design space for\n effective privacy notices","author":"schaub","year":"2015","journal-title":"Proc Symp Usable Privacy Secur"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/RE.2014.6912258"},{"year":"2015","author":"slavin","key":"ref67"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.2307\/40041279"},{"article-title":"Understanding privacy","year":"2008","author":"solove","key":"ref69"},{"year":"2016","key":"ref2"},{"year":"2017","key":"ref1"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/2594291.2594299"},{"key":"ref22","first-page":"1101","article-title":"On demystifying the Android application framework: Re-visiting Android\n permission specification analysis","author":"backes","year":"2016","journal-title":"Proc Usenix Secur Symp"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382222"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/2259051.2259056"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/2808117.2808119"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978422"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2014.2322867"},{"key":"ref50","doi-asserted-by":"crossref","DOI":"10.14722\/ndss.2015.23287","article-title":"Checking more and alerting less: Detecting privacy leakages\n via enhanced data-flow analysis and peer voting","author":"lu","year":"2015","journal-title":"Proc Symp Network and Distributed System Security"},{"key":"ref51","first-page":"4","article-title":"Automated text mining for requirements\n analysis of policy documents","author":"massey","year":"2013","journal-title":"Proc 21st IEEE Int Requirements Eng Conf"},{"key":"ref91","doi-asserted-by":"crossref","DOI":"10.14722\/ndss.2017.23034","article-title":"Automated analysis of privacy requirements\n for mobile apps","author":"zimmeck","year":"2017","journal-title":"Proc Symp Network and Distributed System Security"},{"key":"ref90","first-page":"1","article-title":"Privee: An architecture for automatically analyzing web privacy policies","author":"zimmeck","year":"2014","journal-title":"Proc Usenix Secur Symp"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660287"},{"key":"ref58","first-page":"180","article-title":"On tracking information flows through JNI\n in Android applications","author":"qian","year":"2014","journal-title":"Proc 44th Annu IEEE\/IFIP Int Conf Depend Syst Netw"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1109\/MM.2015.25"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23328"},{"key":"ref55","first-page":"527","article-title":"WHYPER: Towards automating risk assessment of mobile applications","author":"pandita","year":"2013","journal-title":"Proc Usenix Secur Symp"},{"key":"ref54","article-title":"ARKref: A rule-based coreference resolution system","author":"oconnor","year":"2013","journal-title":"arXiv 1310 1975"},{"key":"ref53","first-page":"993","article-title":"UIPicker:\n User-input privacy identification in mobile applications","author":"nan","year":"2015","journal-title":"Proc Usenix Secur Symp"},{"key":"ref52","first-page":"1","article-title":"A requirements-based comparison of privacy taxonomies","author":"massey","year":"2008","journal-title":"Proc Requirements Eng Law"},{"year":"2015","key":"ref10"},{"year":"2016","key":"ref11"},{"key":"ref40","first-page":"1","article-title":"Learning\n semantic constraints for the automatic discovery of part-whole relations","author":"girju","year":"2003","journal-title":"Proc Conf North Amer Chapter Assoc Comput Linguistics Human Language Technol"},{"year":"2017","key":"ref12"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.11.011"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1007\/s00766-003-0183-z"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2004.1281243"},{"key":"ref82","first-page":"569","article-title":"DroidScope: Seamlessly reconstructing OS and Dalvik semantic views for dynamic Android malware\n analysis","author":"yan","year":"2012","journal-title":"Proc Usenix Secur Symp"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1007\/s00766-003-0183-z"},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.1145\/2963145"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/ICRE.2002.1048502"},{"key":"ref84","first-page":"415","article-title":"Revisiting the description-to-behavior fidelity in\n Android applications","author":"yu","year":"2016","journal-title":"Proc IEEE 23rd Int Conf Softw Anal Evol Reengineering"},{"year":"2015","key":"ref18"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2015.50"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"ref80","doi-asserted-by":"crossref","DOI":"10.1145\/2393596.2393608","article-title":"Automated extraction of\n security policies from natural language software documents","author":"xiao","year":"2012","journal-title":"Proc of the ACM SIGSOFT Int'l Symp on the Foundations of Softw Eng"},{"key":"ref89","article-title":"Hey, you, get off of my market: Detecting\n malicious apps in official and alternative Android markets","author":"zhou","year":"2012","journal-title":"Proc Symp Network and Distributed System Security"},{"year":"2016","key":"ref4"},{"year":"2017","key":"ref3"},{"year":"2016","key":"ref6"},{"year":"2012","key":"ref5"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.1145\/2808117.2808125"},{"year":"2014","key":"ref8"},{"key":"ref86","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660359"},{"year":"2017","key":"ref7"},{"year":"2015","key":"ref49"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-24177-7_15"},{"key":"ref88","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516689"},{"year":"2015","key":"ref9"},{"key":"ref46","first-page":"280","article-title":"IccTA: detecting inter-component privacy leaks in Android apps","author":"li","year":"2015","journal-title":"Proceedings of the International Conference on Software Engineering ICSE'94"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813689"},{"key":"ref48","first-page":"884","article-title":"A step towards usable privacy policy: Automatic\n alignment of privacy statements","author":"liu","year":"2014","journal-title":"Proc 25th Int Conf Comput Linguistics"},{"key":"ref47","doi-asserted-by":"crossref","first-page":"318","DOI":"10.1145\/2931037.2931044","article-title":"DroidRA: Taming reflection to support\n whole-program analysis of Android apps","author":"li","year":"2016","journal-title":"Proc Int Symp Software Testing Anal"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1145\/2307636.2307663"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1145\/2568225.2568276"},{"year":"2015","key":"ref44"},{"key":"ref43","first-page":"977","article-title":"SUPOR: Precise and scalable sensitive user\n input detection for Android apps","author":"huang","year":"2015","journal-title":"Proc Usenix Security Symp"}],"container-title":["IEEE Transactions on Software Engineering"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/32\/8466741\/07987793.pdf?arnumber=7987793","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,26]],"date-time":"2022-01-26T10:41:02Z","timestamp":1643193662000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/7987793\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,9,1]]},"references-count":91,"journal-issue":{"issue":"9"},"URL":"https:\/\/doi.org\/10.1109\/tse.2017.2730198","relation":{},"ISSN":["0098-5589","1939-3520","2326-3881"],"issn-type":[{"type":"print","value":"0098-5589"},{"type":"electronic","value":"1939-3520"},{"type":"electronic","value":"2326-3881"}],"subject":[],"published":{"date-parts":[[2018,9,1]]}}}