LLMs on support of privacy and security of mobile apps: state of the art and research directions

TL;DR

This paper reviews how Large Language Models are used to enhance security and privacy in mobile apps, highlighting recent advances, potential, and future research directions.

Contribution

It surveys current LLM-based methods for mobile security, demonstrating their potential to replace traditional analysis techniques and discussing open challenges.

Findings

LLMs can effectively identify security risks in mobile apps.

LLMs show promise in detecting privacy violations like data leakage.

Research indicates potential for LLMs to improve mobile security analysis.

Abstract

Modern life has witnessed the explosion of mobile devices. However, besides the valuable features that bring convenience to end users, security and privacy risks still threaten users of mobile apps. The increasing sophistication of these threats in recent years has underscored the need for more advanced and efficient detection approaches. In this chapter, we explore the application of Large Language Models (LLMs) to identify security risks and privacy violations and mitigate them for the mobile application ecosystem. By introducing state-of-the-art research that applied LLMs to mitigate the top 10 common security risks of smartphone platforms, we highlight the feasibility and potential of LLMs to replace traditional analysis methods, such as dynamic and hybrid analysis of mobile apps. As a representative example of LLM-based solutions, we present an approach to detect sensitive data leakage when users share images online, a common behavior of smartphone users nowadays. Finally, we discuss open research challenges.