• Publications
  • Influence
FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps
Today's smartphones are a ubiquitous source of private and confidential data. At the same time, smartphone users are plagued by carelessly programmed apps that leak important data by accident, and byExpand
  • 1,312
  • 236
  • PDF
IccTA: Detecting Inter-Component Privacy Leaks in Android Apps
Shake Them All is a popular "Wallpaper" application exceeding millions of downloads on Google Play. At installation, this application is given permission to (1) access the Internet (for updatingExpand
  • 419
  • 63
  • PDF
Effective inter-component communication mapping in Android with Epicc: an essential step towards holistic security analysis
Many threats present in smartphones are the result of interactions between application components, not just artifacts of single components. However, current techniques for identifyingExpand
  • 331
  • 44
  • PDF
A Study of Android Application Security
The fluidity of application markets complicate smartphone security. Although recent efforts have shed light on particular security issues, there remains little insight into broader securityExpand
  • 929
  • 41
  • PDF
Composite Constant Propagation: Application to Android Inter-Component Communication Analysis
Many program analyses require statically inferring the possible values of composite types. However, current approaches either do not account for correlations between object fields or do so in an adExpand
  • 162
  • 36
  • PDF
DroidRA: taming reflection to support whole-program analysis of Android apps
Android developers heavily use reflection in their apps for legitimate reasons, but also significantly for hiding malicious actions. Unfortunately, current state-of-the-art static analysis tools forExpand
  • 89
  • 10
  • PDF
Combining static analysis with probabilistic models to enable market-scale Android inter-component analysis
Static analysis has been successfully used in many areas, from verifying mission-critical software to malware detection. Unfortunately, static analysis often produces false positives, which requireExpand
  • 77
  • 9
  • PDF
I know what leaked in your pocket: uncovering privacy leaks on Android Apps with Static Taint Analysis
Android applications may leak privacy data carelessly or maliciously. In this work we perform inter-component data-flow analysis to detect privacy leaks between components of Android applications.Expand
  • 63
  • 8
  • PDF
Highly precise taint analysis for Android applications
Today’s smart phones are a ubiquitous source of private and confidential data. At the same time, smartphone users are plagued by malicious apps that exploit their given privileges to steal suchExpand
  • 91
  • 7
  • PDF