Project TitleAutoCog:Description-to-Permission Fidelity Software
Track Code2014-055
Short Description

New application designed to assess whether an application description accurately conveys the permissions it requires to function on a smart phone 

#software #application #security


Mobile applications on smartphones frequently access sensitive privacy information, such as location data, contacts, photos, calls, text messages, browsing activity etc. These data are captured in detail and sent to enormous databases indefinitely. Although there might not be any malicious intent motivating these actions, users may not be receptive to being tracked without their consent. Often, users do not have enough knowledge to assess the risk a particular application poses to their personal data. Thus, Northwestern University researchers developed a tool to bridge the communication gap between application developers and users about the collection of sensitive privacy information. Their application, called AutoCog, is capable of automatically extracting information from Android application descriptions and permissions to determine how well sensitive permissions to access private data are stated in app descriptions. Permissions that are not described will be classified as questionable, which will help developers improve their descriptions, as well as inform end users of exactly the types of information that a particular application can access on their device. 

Tagssoftware, SOFTWARE: application, SOFTWARE: security
Posted DateFeb 3, 2015 12:21 PM


Yan Chen*

Vaibhav Rastogi

Zhengyang Qu


  • Tool for application developers to assess the quality of descriptions
  • Tool for end users to determine if an application is risky to use


  • State-of-the-art natural language processing technique
  • High average precision (92.6%) and recall (92%)
  • Generalizable over various permissions


IP Status

Provisional US patent application has been filed.

Contact Information

Arjan Quist, PhD

Invention Associate 

(p) 847-467-0305