Hybrid Privacy Policy-Code Consistency Check using Knowledge Graphs and LLMs

Zhenyu Mao; Xinxin Fan; Yifei Wang; Jacky Keung; Jialong Li

doi:10.1109/QRS-C65679.2025.00101

Hybrid Privacy Policy-Code Consistency Check using Knowledge Graphs and LLMs

Zhenyu Mao, Xinxin Fan, Yifei Wang, Jacky Keung^*, Jialong Li

^*Corresponding author for this work

Department of Computer Science

Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review

Abstract

The increasing concern in user privacy misuse has accelerated research into checking consistencies between smartphone apps' declared privacy policies and their actual behaviors. Recent advances in Large Language Models (LLMs) have introduced promising techniques for semantic comparison, but these methods often suffer from low accuracies and expensive computational costs. To address this problem, this paper proposes a novel hybrid approach that integrates 1) knowledge graph-based deterministic checking to ensure higher accuracy, and 2) LLMs exclusively used for preliminary semantic analysis to save computational costs. Preliminary evaluation indicates this hybrid approach not only achieves 37.63% increase in precision and 23.13% increase F1-score but also consumes 93.5% less tokens and 87.3% shorter time. ©2025 IEEE

Original language	English
Title of host publication	2025 25th International Conference on Software Quality, Reliability, and Security Companion (QRS-C)
Publisher	IEEE Computer Society Conference Publishing Services (CPS)
Pages	771-772
ISBN (Electronic)	978-1-6654-7773-4
ISBN (Print)	978-1-6654-7774-1
DOIs	https://doi.org/10.1109/QRS-C65679.2025.00101
Publication status	Published - Oct 2025
Event	The 25th International Conference on Software Quality, Reliability, and Security (QRS 2025) - Hangzhou, China Duration: 16 Jul 2025 → 20 Jul 2025 https://qrs25.techconf.org

Conference

Conference	The 25th International Conference on Software Quality, Reliability, and Security (QRS 2025)
Abbreviated title	QRS 2025
Place	China
City	Hangzhou
Period	16/07/25 → 20/07/25
Internet address	https://qrs25.techconf.org

Bibliographical note

Information for this record is supplemented by the author(s) concerned.

Research Keywords

Privacy Alignment
Privacy Testing
Large Language Models
Knowledge Graph
Static Analysis

Access Output

10.1109/QRS-C65679.2025.00101

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

@inproceedings{42cef2d77bff4332b1780738dc1f3e09,

title = "Hybrid Privacy Policy-Code Consistency Check using Knowledge Graphs and LLMs",

abstract = "The increasing concern in user privacy misuse has accelerated research into checking consistencies between smartphone apps' declared privacy policies and their actual behaviors. Recent advances in Large Language Models (LLMs) have introduced promising techniques for semantic comparison, but these methods often suffer from low accuracies and expensive computational costs. To address this problem, this paper proposes a novel hybrid approach that integrates 1) knowledge graph-based deterministic checking to ensure higher accuracy, and 2) LLMs exclusively used for preliminary semantic analysis to save computational costs. Preliminary evaluation indicates this hybrid approach not only achieves 37.63% increase in precision and 23.13% increase F1-score but also consumes 93.5% less tokens and 87.3% shorter time. {\textcopyright}2025 IEEE",

keywords = "Privacy Alignment, Privacy Testing, Large Language Models, Knowledge Graph, Static Analysis",

author = "Zhenyu Mao and Xinxin Fan and Yifei Wang and Jacky Keung and Jialong Li",

note = "Information for this record is supplemented by the author(s) concerned.; The 25th International Conference on Software Quality, Reliability, and Security (QRS 2025), QRS 2025 ; Conference date: 16-07-2025 Through 20-07-2025",

year = "2025",

month = oct,

doi = "10.1109/QRS-C65679.2025.00101",

language = "English",

isbn = "978-1-6654-7774-1",

pages = "771--772",

booktitle = "2025 25th International Conference on Software Quality, Reliability, and Security Companion (QRS-C)",

publisher = "IEEE Computer Society Conference Publishing Services (CPS)",

url = "https://qrs25.techconf.org",

}

Mao, Z, Fan, X, Wang, Y , Keung, J & Li, J 2025, Hybrid Privacy Policy-Code Consistency Check using Knowledge Graphs and LLMs. in 2025 25th International Conference on Software Quality, Reliability, and Security Companion (QRS-C). IEEE Computer Society Conference Publishing Services (CPS), pp. 771-772, The 25th International Conference on Software Quality, Reliability, and Security (QRS 2025), Hangzhou, China, 16/07/25. https://doi.org/10.1109/QRS-C65679.2025.00101

Hybrid Privacy Policy-Code Consistency Check using Knowledge Graphs and LLMs. / Mao, Zhenyu; Fan, Xinxin; Wang, Yifei et al.
2025 25th International Conference on Software Quality, Reliability, and Security Companion (QRS-C). IEEE Computer Society Conference Publishing Services (CPS), 2025. p. 771-772.

Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review

TY - GEN

T1 - Hybrid Privacy Policy-Code Consistency Check using Knowledge Graphs and LLMs

AU - Mao, Zhenyu

AU - Fan, Xinxin

AU - Wang, Yifei

AU - Keung, Jacky

AU - Li, Jialong

N1 - Information for this record is supplemented by the author(s) concerned.

PY - 2025/10

Y1 - 2025/10

N2 - The increasing concern in user privacy misuse has accelerated research into checking consistencies between smartphone apps' declared privacy policies and their actual behaviors. Recent advances in Large Language Models (LLMs) have introduced promising techniques for semantic comparison, but these methods often suffer from low accuracies and expensive computational costs. To address this problem, this paper proposes a novel hybrid approach that integrates 1) knowledge graph-based deterministic checking to ensure higher accuracy, and 2) LLMs exclusively used for preliminary semantic analysis to save computational costs. Preliminary evaluation indicates this hybrid approach not only achieves 37.63% increase in precision and 23.13% increase F1-score but also consumes 93.5% less tokens and 87.3% shorter time. ©2025 IEEE

AB - The increasing concern in user privacy misuse has accelerated research into checking consistencies between smartphone apps' declared privacy policies and their actual behaviors. Recent advances in Large Language Models (LLMs) have introduced promising techniques for semantic comparison, but these methods often suffer from low accuracies and expensive computational costs. To address this problem, this paper proposes a novel hybrid approach that integrates 1) knowledge graph-based deterministic checking to ensure higher accuracy, and 2) LLMs exclusively used for preliminary semantic analysis to save computational costs. Preliminary evaluation indicates this hybrid approach not only achieves 37.63% increase in precision and 23.13% increase F1-score but also consumes 93.5% less tokens and 87.3% shorter time. ©2025 IEEE

KW - Privacy Alignment

KW - Privacy Testing

KW - Large Language Models

KW - Knowledge Graph

KW - Static Analysis

U2 - 10.1109/QRS-C65679.2025.00101

DO - 10.1109/QRS-C65679.2025.00101

M3 - RGC 32 - Refereed conference paper (with host publication)

SN - 978-1-6654-7774-1

SP - 771

EP - 772

BT - 2025 25th International Conference on Software Quality, Reliability, and Security Companion (QRS-C)

PB - IEEE Computer Society Conference Publishing Services (CPS)

T2 - The 25th International Conference on Software Quality, Reliability, and Security (QRS 2025)

Y2 - 16 July 2025 through 20 July 2025

ER -

Hybrid Privacy Policy-Code Consistency Check using Knowledge Graphs and LLMs

Abstract

Conference

Bibliographical note

Research Keywords

Access Output

Other Access Options

Permanent Link

Fingerprint

Cite this