Semantic Analysis Based On Android Privacy Policy

With the continuous development of the mobile internet,personal information disclosure has extended to every corner of life.Privacy policies are closely related to personal privacy information.In recent years,China has issued a number of laws and regulations related to privacy policies to standardize the integrity and readability of the privacy policy content.However,the current sensitive information extraction methods for privacy policies are coarser and the consideration of information users is not complete; regulatory authorities mainly rely on manual analysis to review the compliance of privacy policies,which is inefficient,resulting in endless violations of privacy policies.On the basis of investigating the current situation in the field of privacy policies at home and abroad,this paper designs an Android Privacy Policy Evaluation Framework,which can automatically extract sensitive information,the subject of information use,and the way of information use mentioned in the privacy policy,and quantitatively evaluate APP compliance,provides technical support for intelligent evaluation of privacy policy compliance.The main work of the thesis includes:For the difficulty of understanding the privacy policy,the detection efficiency is low,and the intelligent assessment evaluation standard is relatively single,this paper designs a method for constructing the propagation chain based on SVO to distinguish between developers and third-party vendors,and defines four different use methods to reveal the flow of sensitive information in the privacy policy in fine granularity.Firstly,by analyzing the privacy policies and the content of regulatory documents,the automatic extraction paradigm is determined.Then,the transmission chain of sensitive information is extracted using semantic analysis technology.Finally,use the static analysis tool to obtain the APP permission,and compare it with the extraction of sensitive information to determine the consistency between the privacy policy description and the actual behavior of the APP.For the existing privacy policy compliance assessment based on content analysis,the detection efficiency is low,and it is difficult to fully popularize regulatory measures.This paper designs an automated evaluation scheme based on the analytic hierarchy process to quantitatively evaluate the compliance of privacy policy rights and interests information.First,refer to the legal documents to determine the four types of rights and interests to be analyzed,then use the machine learning model to extract sentences covering equity information and output the analysis results of equity information,and finally quantitatively evaluate the compliance of privacy policies based on the hierarchical structure model.Through the analysis of 500 privacy policies through the design scheme of this paper,the results show that the flow of sensitive information can be better reflected through the SVO transmission chain.Compared with the previous research,the average precision of sensitive information extraction is increased by 3.58%; intelligently evaluating the privacy policy through the analytic hierarchy process,the potential problems of privacy policies can be discovered quickly,and found that the response time of 197(39.4%)privacy policy complaints was not clear; the notification method of 134(26.8%)privacy policy updates was not clear.