Learn More
Today's smartphones are a ubiquitous source of private and confidential data. At the same time, smartphone users are plagued by carelessly programmed apps that leak important data by accident, and by malicious apps that exploit their given privileges to copy such data intentionally. While existing static taint-analysis approaches have the potential of(More)
The fluidity of application markets complicate smart-phone security. Although recent efforts have shed light on particular security issues, there remains little insight into broader security characteristics of smartphone applications. This paper seeks to better understand smart-phone application security by studying 1,100 popular free Android applications.(More)
Many threats present in smartphones are the result of interactions between application components, not just ar-tifacts of single components. However, current techniques for identifying inter-application communication are ad hoc and do not scale to large numbers of applications. In this paper, we reduce the discovery of inter-component communication (ICC) in(More)
Today's smart phones are a ubiquitous source of private and confidential data. At the same time, smartphone users are plagued by malicious apps that exploit their given privileges to steal such sensitive data, or to track users without their consent or even the users noticing. Dynamic program analyses fail to discover such malicious activity because apps(More)
The Android OS has emerged as the leading platform for SmartPhone applications. However, because Android applications are compiled from Java source into platform-specific Dalvik bytecode, existing program analysis tools cannot be used to evaluate their behavior. This paper develops and evaluates algorithms for retargeting Android applications received from(More)
<i>Shake Them All</i> is a popular "Wallpaper" application exceeding millions of downloads on Google Play. At installation, this application is given permission to (1) access the Internet (for updating wallpapers) and (2) use the device microphone (to change background following noise changes). With these permissions, the application could silently record(More)
Android applications may leak privacy data carelessly or maliciously. In this work we perform inter-component data-flow analysis to detect privacy leaks between components of Android applications. Unlike all current approaches, our tool, called IccTA, propagates the context between the components , which improves the precision of the analysis. IccTA(More)
Many program analyses require statically inferring the possible values of composite types. However, current approaches either do not account for correlations between object fields or do so in an <i>ad hoc</i> manner. In this paper, we introduce the problem of composite constant propagation. We develop the first generic solver that infers all possible values(More)
—Online social communities often exhibit complex relationship structures, ranging from close friends to political rivals. As a result, persons are influenced by their friends and foes differently. Network applications can benefit from accompanying these structural differences in propagation schemes. In this paper, we study the optimal influence propagation(More)