In parallel with the meteoric rise of mobile software, we are witnessing an alarming
escalation in the number and sophistication of the security threats targeted at mobile …

Mobile phones have become important daily companions for millions of people which help
to organize both their private and their professional lives. Having access to data such as the …

Static analysis is the analysis of software at compile time without executing it. Its goal is to
explore all execution paths without needing specific inputs to drive the execution. Thanks to …

With the enormous popularity of smartphones, millions of mobile apps are developed to
provide rich functionalities for users by accessing certain personal data, leading to great …

Software security vulnerabilities and leakages of private information are two of the main
issues in modern software systems. Several different approaches, ranging from design …

This paper elaborates the use of static source code analysis in the context of data protection.
The topic is important for software engineering in order for software developers to improve …

Taint analysis detects if data coming from a source, such as user input, flows into a sink,
such as an SQL query, unsanitized (not properly escaped). Both static and dynamic taint …

Mobile applications often require access to private user information, such as the user or
device ID, the location or the contact list. Usage of such data varies across different …

When installing or executing an app on a smartphone, we grant it access to part of our
(possibly confidential) data stored in the device. Traditional information-flow analyses aim to …

We present the Z3strBV solver for a many-sorted first-order quantifier-free theory Tw, bv of
string equations, string length represented as bit-vectors, and bit-vector arithmetic aimed at …