The Android operating system dominates the smartphone market. Thus, to service the market, the number of Android applications has risen dramatically. These applications are processing a great amount of sensitive data, which could result in various concerns including data leakage and privacy violations. For example, applications may misuse the sensitive data stored on Android devices and violate the privacy of the user. Therefore, it is essential to maintain user privacy and protect sensitive data from leakage. Static data flow analysis approaches are used for analyzing Android applications to uncover security and privacy issues. However, these approaches frequently generate false alarms, given the different challenges created by Android applications, such as inter-component communication (ICC), reflection, and implicit flow. This work presents the DroidRista approach for conducting static data flow analysis on Android applications to detect sensitive data leakage. DroidRista analyzes ICC, reflection, and implicit flow in Android applications. To evaluate the performance of DroidRista, it was tested on three data sets. The results demonstrate improved performance in terms of detecting data leakage compared to existing static data flow analysis approaches.

中文翻译：

---

DroidRista：适用于Android应用程序的高精度静态数据流分析框架

Android操作系统主导了智能手机市场。因此，为了服务市场，Android应用程序的数量急剧增加。这些应用程序正在处理大量敏感数据，这可能导致各种问题，包括数据泄漏和侵犯隐私。例如，应用程序可能会滥用存储在Android设备上的敏感数据，并侵犯用户的隐私。因此，必须维护用户隐私并保护敏感数据免于泄漏。静态数据流分析方法用于分析Android应用程序以发现安全性和隐私问题。但是，考虑到Android应用程序所带来的不同挑战，例如组件间通信（ICC），反射和隐式流程，这些方法经常会产生错误警报。这项工作提出了DroidRista方法，用于在Android应用程序上进行静态数据流分析以检测敏感数据泄漏。DroidRista分析Android应用程序中的ICC，反射和隐式流。为了评估DroidRista的性能，在三个数据集上进行了测试。结果表明，与现有的静态数据流分析方法相比，在检测数据泄漏方面性能有所提高。