3PDroid is a Python tool for verifying if an Android app complies with the Google Play privacy guidelines described here. 3PDroid is based on a combination of static analysis, dynamic analysis, and machine learning techniques to assess if an Android app complies with the Google Play privacy guidelines or not.
More details about 3PDroid can be found in the paper "On the (Un)Reliability of Privacy Policies in Android Apps"
Please use the following bibtex entry to cite our work:
@InProceedings{3pdroid,
author = {Luca Verderame and Davide Caputo and Andrea Romdhana and Alessio Merlo},
title = {On the (Un)Reliability of Privacy Policies in Android Apps},
booktitle = {Proc. of the IEEE International Joint Conference on Neural Networks (IJCNN 2020)},
month = {July},
year = {2020},
address = {Glasgow, UK}
}- Tested only on Ubuntu 18.04 and Ubuntu 20.04
- Use python 3.7.5
- Install virtualenv
$ pip3 install virtualenv - Download Oracle VirtualBox
- Download emulator
- Androidx86 (recommended) or Genymotion:
- Setup emulator (if needed)
- Obtain root permissions (if needed)
- emulator with nat e forward ports 5555 and 5554
- emulator with bridged adapter
- install droidbot app (download)
- Enable accessibility services
- Add adb path in PATH environment variable
- Download nltk resources
import nltk nltk.download("stopwords") nltk.download("punkt")
OPTIONAL, if you want to use appium and the random modality (default is Droidbot)
- Download appium
$ npm install -g appium $ npm install -g appium-doctor
- Verify appium installation
$ appium-doctor --android
- Create Virtualenv
$ virtualenv -p python3 venv- Enable Virtualenv
$ source venv/bin/activate- Install Requirements
$ pip install -r requirements- Start Emulator Manager
$ python3 emulator_manager.py- Move apps to analyze within apps dir
- Start experiments
$ python3 3Pdroid.py -t 10 -m 20 --type Droidbot --emulator-name AndroidEmulator -d \home\user\path\3PDroid\apps- Check if the apps with privacy policy contain explicit acceptance or not
$ python3 explicit_acceptance_policy_page.py - Update results with some new data and stats
$ python3 update_stats_experiments.py - CREvaluator (see "On the (Un)Reliability of Privacy Policies in Android Apps" for more information)
$ python3 CREvaluator.py
This tool is available under a dual license: a commercial one required for closed source projects or commercial projects, and an AGPL license for open-source projects.
Depending on your needs, you must choose one of them and follow its policies. A detail of the policies and agreements for each license type is available in the LICENSE.COMMERCIAL and LICENSE files.