{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:28:48Z","timestamp":1750220928146,"version":"3.41.0"},"reference-count":49,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2019,9,4]],"date-time":"2019-09-04T00:00:00Z","timestamp":1567555200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Cyber-Phys. Syst."],"published-print":{"date-parts":[[2019,10,31]]},"abstract":"<jats:p>Android users are increasingly concerned with the privacy of their data and security of their devices. To improve the security awareness of users, recent automatic techniques produce security-centric descriptions by performing program analysis. However, the generated text does not always address users\u2019 concerns as they are generally too technical to be understood by ordinary users. Moreover, different users have varied linguistic preferences that do not match the text. Motivated by this challenge, we develop an innovative scheme to help users avoid malware and privacy-breaching apps by generating security descriptions that explain the privacy and security related aspects of an Android app in clear and understandable terms. We implement a prototype system, PERSCRIPTION, to generate personalised security-centric descriptions that automatically learn users\u2019 security concerns and linguistic preferences to produce user-oriented descriptions. We evaluate our scheme through experiments and user studies. The results clearly demonstrate the improvement on readability and users\u2019 security awareness of PERSCRIPTION\u2019s descriptions compared to existing description generators.<\/jats:p>","DOI":"10.1145\/3317699","type":"journal-article","created":{"date-parts":[[2019,9,5]],"date-time":"2019-09-05T12:14:48Z","timestamp":1567685688000},"page":"1-21","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Catering to Your Concerns"],"prefix":"10.1145","volume":"3","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0626-3576","authenticated-orcid":false,"given":"Tingmin","family":"Wu","sequence":"first","affiliation":[{"name":"Swinburne University of Technology and Data61, CSIRO, Australia"}]},{"given":"Lihong","family":"Tang","sequence":"additional","affiliation":[{"name":"Swinburne University of Technology and Data61, CSIRO, Australia"}]},{"given":"Rongjunchen","family":"Zhang","sequence":"additional","affiliation":[{"name":"Swinburne University of Technology, Australia"}]},{"given":"Sheng","family":"Wen","sequence":"additional","affiliation":[{"name":"Swinburne University of Technology, Australia"}]},{"given":"Cecile","family":"Paris","sequence":"additional","affiliation":[{"name":"Data61, CSIRO, Australia"}]},{"given":"Surya","family":"Nepal","sequence":"additional","affiliation":[{"name":"Data61, CSIRO, Australia"}]},{"given":"Marthie","family":"Grobler","sequence":"additional","affiliation":[{"name":"Data61, CSIRO, Australia"}]},{"given":"Yang","family":"Xiang","sequence":"additional","affiliation":[{"name":"Swinburne University of Technology, Australia"}]}],"member":"320","published-online":{"date-parts":[[2019,9,4]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICASSP.2014.6853738"},{"key":"e_1_2_1_2_1","unstructured":"Amazon. 2018. Amazon\u2019s Mechanical Turk. Retrieved from https:\/\/requester.mturk.com\/.  Amazon. 2018. Amazon\u2019s Mechanical Turk. Retrieved from https:\/\/requester.mturk.com\/."},{"key":"e_1_2_1_3_1","first-page":"23","article-title":"DREBIN: Effective and explainable detection of android malware in your pocket","volume":"14","author":"Arp Daniel","year":"2014","journal-title":"NDSS"},{"volume-title":"Proceedings of the European Conference on Information Systems (ECIS'14)","year":"2014","author":"Codish David","key":"e_1_2_1_4_1"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2014.2386139"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2335356.2335360"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2381934.2381945"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1022602019183"},{"key":"e_1_2_1_9_1","unstructured":"Google. 2018. Android Documentation. Retrieved from https:\/\/developer.android.com\/reference\/org\/w3c\/dom\/Document.html.  Google. 2018. Android Documentation. Retrieved from https:\/\/developer.android.com\/reference\/org\/w3c\/dom\/Document.html."},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2782881"},{"volume-title":"John and Sanjay Srivastava","year":"1999","author":"Oliver","key":"e_1_2_1_11_1"},{"volume-title":"Chissom","year":"1975","author":"Kincaid J. Peter","key":"e_1_2_1_12_1"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1080\/01638539809545028"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.3115\/974557.974596"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom.2013.20"},{"volume-title":"Proceedings of the 10th Symposium On Usable Privacy and Security (SOUPS'14)","author":"Lin Jialiu","key":"e_1_2_1_16_1"},{"volume-title":"Symposium on Usable Privacy and Security.","author":"Liu Bin","key":"e_1_2_1_17_1"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2684822.2685322"},{"key":"e_1_2_1_19_1","first-page":"19","article-title":"On the practice of dichotomization of quantitative variables.Psychol","volume":"7","author":"MacCallum Robert C.","year":"2002","journal-title":"Methods"},{"volume-title":"Proceedings of the 45th Annual Meeting of the Association of Computational Linguistics. 496--503","year":"2007","author":"Mairesse Fran\u00e7ois","key":"e_1_2_1_20_1"},{"volume-title":"Proceedings of ACL-08: HLT","year":"2008","author":"Mairesse Fran\u00e7ois","key":"e_1_2_1_21_1"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11257-010-9076-2"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1162\/COLI_a_00063"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/MIS.2017.23"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1515\/text.1.1988.8.3.243"},{"key":"e_1_2_1_26_1","unstructured":"William A. McConochie. 2007. The Big Five Inventory (BFI) Manual. Retrieved from https:\/\/www.testmasterinc.com\/Tests\/BFI\/BFI\\_Manual.pdf.  William A. McConochie. 2007. The Big Five Inventory (BFI) Manual. Retrieved from https:\/\/www.testmasterinc.com\/Tests\/BFI\/BFI\\_Manual.pdf."},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1111\/j.1467-6494.1992.tb00970.x"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/219717.219748"},{"volume-title":"Understandable learning of privacy preferences through default personas and suggestions","year":"2011","author":"Mugan Jonathan","key":"e_1_2_1_29_1"},{"key":"e_1_2_1_30_1","volume-title":"IEEE Symposium on Security and Privacy","volume":"2","author":"Mulliner Collin","year":"2011"},{"key":"e_1_2_1_31_1","volume-title":"USENIX Security Symposium","volume":"2013","author":"Pandita Rahul","year":"2013"},{"key":"e_1_2_1_32_1","first-page":"2001","article-title":"Linguistic inquiry and word count: LIWC 2001. Mahway","volume":"71","author":"Pennebaker James W.","year":"2001","journal-title":"Lawrence Erlbaum Associates"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1037\/0022-3514.77.6.1296"},{"volume-title":"Olivier","year":"2012","author":"Pieterse Heloise","key":"e_1_2_1_34_1"},{"key":"e_1_2_1_35_1","volume-title":"Proceedings of the 51st Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers)","volume":"1","author":"Pilehvar Mohammad Taher","year":"2013"},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660287"},{"key":"e_1_2_1_37_1","first-page":"283","article-title":"What makes a good structural model of personality? evaluating the big five and alternatives","volume":"3","author":"Saucier Gerard","year":"2015","journal-title":"Handb. Pers. Social Psychol."},{"key":"e_1_2_1_38_1","first-page":"17","article-title":"Soundcomber: A stealthy and context-aware sound trojan for smartphones","volume":"11","author":"Schlegel Roman","year":"2011","journal-title":"NDSS"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/2636242.2636244"},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2013.05.008"},{"key":"e_1_2_1_41_1","unstructured":"SpazioDati. 2017. Dandelion API. Retrieved from https:\/\/dandelion.eu\/docs\/api\/datatxt\/sim\/v1\/.  SpazioDati. 2017. Dandelion API. Retrieved from https:\/\/dandelion.eu\/docs\/api\/datatxt\/sim\/v1\/."},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.3115\/1218955.1218966"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.5555\/1622637.1622648"},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2493432.2493436"},{"volume-title":"Chin","year":"2014","author":"Wright William R.","key":"e_1_2_1_45_1"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.chb.2016.04.011"},{"key":"e_1_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2639339"},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813669"},{"key":"e_1_2_1_49_1","first-page":"50","article-title":"Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets","volume":"25","author":"Zhou Yajin","year":"2012","journal-title":"NDSS"}],"container-title":["ACM Transactions on Cyber-Physical Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3317699","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3317699","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:53:16Z","timestamp":1750204396000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3317699"}},"subtitle":["Automatic Generation of Personalised Security-Centric Descriptions for Android Apps"],"short-title":[],"issued":{"date-parts":[[2019,9,4]]},"references-count":49,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2019,10,31]]}},"alternative-id":["10.1145\/3317699"],"URL":"https:\/\/doi.org\/10.1145\/3317699","relation":{},"ISSN":["2378-962X","2378-9638"],"issn-type":[{"type":"print","value":"2378-962X"},{"type":"electronic","value":"2378-9638"}],"subject":[],"published":{"date-parts":[[2019,9,4]]},"assertion":[{"value":"2018-07-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2019-03-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2019-09-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}