Skip to content

Latest commit

 

History

History
105 lines (94 loc) · 3.63 KB

README.md

File metadata and controls

105 lines (94 loc) · 3.63 KB
Raw

3PDroid

Python Version License: AGPL v3

3PDroid is a Python tool for verifying if an Android app complies with the Google Play privacy guidelines described here. 3PDroid is based on a combination of static analysis, dynamic analysis, and machine learning techniques to assess if an Android app complies with the Google Play privacy guidelines or not.

❱ Publication

More details about 3PDroid can be found in the paper "On the (Un)Reliability of Privacy Policies in Android Apps"

Please use the following bibtex entry to cite our work:

@InProceedings{3pdroid,
  author = {Luca Verderame and Davide Caputo and Andrea Romdhana and Alessio Merlo},
  title = {On the (Un)Reliability of Privacy Policies in Android Apps},
  booktitle = {Proc. of the IEEE International Joint Conference on Neural Networks (IJCNN 2020)},
  month = {July},
  year = {2020},
  address = {Glasgow, UK}
}

❱ Requirements

  • Tested only on Ubuntu 18.04 and Ubuntu 20.04
  • Use python 3.7.5
  • Install virtualenv 
    $ pip3 install virtualenv
  • Download Oracle VirtualBox
  • Download emulator
  • Setup emulator (if needed)
    • Obtain root permissions (if needed)
    • emulator with nat e forward ports 5555 and 5554
    • emulator with bridged adapter
    • install droidbot app (download)
  • Enable accessibility services
  • Add adb path in PATH environment variable
  • Download nltk resources 
    import nltk
nltk.download("stopwords")
nltk.download("punkt")

OPTIONAL, if you want to use appium and the random modality (default is Droidbot)

  • Download appium 
    $ npm install -g appium
$ npm install -g appium-doctor
  • Verify appium installation 
    $ appium-doctor --android

❱ Start Analysis

  1. Create Virtualenv
$ virtualenv -p python3 venv
  1. Enable Virtualenv
$ source venv/bin/activate
  1. Install Requirements
$ pip install -r requirements
  1. Start Emulator Manager
$ python3 emulator_manager.py
  1. Move apps to analyze within apps dir
  2. Start experiments
$ python3 3Pdroid.py -t 10 -m 20 --type Droidbot --emulator-name AndroidEmulator -d \home\user\path\3PDroid\apps

❱ After Analysis

  • Check if the apps with privacy policy contain explicit acceptance or not 
    $ python3 explicit_acceptance_policy_page.py
  • Update results with some new data and stats 
    $ python3 update_stats_experiments.py
  • CREvaluator (see "On the (Un)Reliability of Privacy Policies in Android Apps" for more information) 
    $ python3 CREvaluator.py

❱ License

This tool is available under a dual license: a commercial one required for closed source projects or commercial projects, and an AGPL license for open-source projects.

Depending on your needs, you must choose one of them and follow its policies. A detail of the policies and agreements for each license type is available in the LICENSE.COMMERCIAL and LICENSE files.