top of page

ABSTRACT

phone1.jpg

Android offers a popular platform for the creation and use of mobile applications, but with this popularity has come the risk of endemic security issues. Through malicious or careless design, Android apps may leak a user’s private information to untrusted sources by exploiting broad security permissions. Methods of static analysis for Android applications, such as the taint analysis provided by the open source FlowDroid project, can identify the flow of confidential information to unsafe locations as a way of testing a program’s security. However, the abstraction techniques required by static analysis results in a loss of precision, increasing the number of false positives. By refining the string analysis methods within the preexisting FlowDroid tool, we hope to increase the precision of its security analysis.

bottom of page