Assessing the Effectiveness of an LLM-Based Permission Model for Android

Roberto Milanese; Roberto Milanese; Roberto Milanese; Michele Guerra; Michele Guerra; Michele Daniele; Michele Daniele; Giovanni Fabbrocino; Fausto Fasano; Fausto Fasano

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Assessing the Effectiveness of an LLM-Based Permission Model for Android

Topics: AI and Machine Learning for Security; Mobile Security and Privacy; Privacy and Security Models; Privacy Enhancing Technologies; Threat Awareness

In Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP, 36-47, 2025 , Porto, Portugal

Authors: Roberto Milanese ^{1

;

2

;

3} ; Michele Guerra ^{1

;

3} ; Michele Daniele ^{3

;

1} ; Giovanni Fabbrocino ³ and Fausto Fasano ^{1

;

3}

Affiliations: ¹ Mosaic Research Center, University of Molise, Italy ; ² Department of Control and Computer Engineering, Politecnico di Torino, Italy ; ³ Department of Biosciences and Territory, University of Molise, Italy

Keyword(s): LLM, MLLM, AI, UI, Security and Privacy, Application Security, App Permission, Android, Android Permission Model.

Abstract: With the widespread use of mobile apps, users are frequently required to make decisions about app permissions. However, most people lack the knowledge to fully understand the consequences of their choices. Apps often request access to sensitive data, sometimes in the background and without clear justification, making users the weakest link in the security chain. This inadvertently exposes them to privacy breaches and malicious activities. Despite improvements, Android’s permission system remains inadequate in helping users make informed, real-time decisions. In this paper, we investigate the feasibility of an approach to address this critical gap that leverages the power of Large Language Models (LLMs) and Multi-Modal Large Language Models (MLLMs). We propose a system that dynamically evaluates permission requests by analyzing the full context of the UI on mobile app screens. Unlike traditional permission models, which rely on static rules or user input, our approach integrates seaml essly into existing systems, interpreting the relationships between UI elements and requested permissions to make aware, real-time decisions about whether the request is necessary or potentially harmful. Our evaluation on 123,552 UI screens from 70 popular Android apps revealed promising results, reaching 81% accuracy. By reducing the cognitive load on users and offering real-time protection against security threats or supporting a more informed choice by the user, our system can enhance existing permission models, providing a step towards smarter and safer mobile ecosystems. This solution paves the way for integrating intelligent permission systems that proactively shield users from risks while ensuring data security without overwhelming them with complex decisions. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.142.43.53

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Milanese, R., Guerra, M., Daniele, M., Fabbrocino, G. and Fasano, F. (2025). Assessing the Effectiveness of an LLM-Based Permission Model for Android. In Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP; ISBN 978-989-758-735-1; ISSN 2184-4356, SciTePress, pages 36-47. DOI: 10.5220/0013128100003899

@conference{icissp25,
author={Roberto Milanese and Michele Guerra and Michele Daniele and Giovanni Fabbrocino and Fausto Fasano},
title={Assessing the Effectiveness of an LLM-Based Permission Model for Android},
booktitle={Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP},
year={2025},
pages={36-47},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013128100003899},
isbn={978-989-758-735-1},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP
TI - Assessing the Effectiveness of an LLM-Based Permission Model for Android
SN - 978-989-758-735-1
IS - 2184-4356
AU - Milanese, R.
AU - Guerra, M.
AU - Daniele, M.
AU - Fabbrocino, G.
AU - Fasano, F.
PY - 2025
SP - 36
EP - 47
DO - 10.5220/0013128100003899
PB - SciTePress