[{"has_accepted_license":"1","citation":{"bibtex":"@inproceedings{Khedkar_Bodden_2024, title={Toward an Android Static Analysis Approach for Data Protection}, DOI={<a href=\"https://doi.org/10.1145/3647632.3651389\">10.1145/3647632.3651389</a>}, booktitle={Proceedings of the IEEE/ACM 11th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’24). Association for Computing Machinery, New York, NY, USA, 65–68.}, author={Khedkar, Mugdha and Bodden, Eric}, year={2024} }","short":"M. Khedkar, E. Bodden, in: Proceedings of the IEEE/ACM 11th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’24). Association for Computing Machinery, New York, NY, USA, 65–68., 2024.","mla":"Khedkar, Mugdha, and Eric Bodden. “Toward an Android Static Analysis Approach for Data Protection.” <i>Proceedings of the IEEE/ACM 11th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’24). Association for Computing Machinery, New York, NY, USA, 65–68.</i>, 2024, doi:<a href=\"https://doi.org/10.1145/3647632.3651389\">10.1145/3647632.3651389</a>.","apa":"Khedkar, M., &#38; Bodden, E. (2024). Toward an Android Static Analysis Approach for Data Protection. <i>Proceedings of the IEEE/ACM 11th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’24). Association for Computing Machinery, New York, NY, USA, 65–68.</i> 11th International Conference on Mobile Software Engineering and Systems 2024, Lisbon, Portugal. <a href=\"https://doi.org/10.1145/3647632.3651389\">https://doi.org/10.1145/3647632.3651389</a>","chicago":"Khedkar, Mugdha, and Eric Bodden. “Toward an Android Static Analysis Approach for Data Protection.” In <i>Proceedings of the IEEE/ACM 11th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’24). Association for Computing Machinery, New York, NY, USA, 65–68.</i>, 2024. <a href=\"https://doi.org/10.1145/3647632.3651389\">https://doi.org/10.1145/3647632.3651389</a>.","ieee":"M. Khedkar and E. Bodden, “Toward an Android Static Analysis Approach for Data Protection,” presented at the 11th International Conference on Mobile Software Engineering and Systems 2024, Lisbon, Portugal, 2024, doi: <a href=\"https://doi.org/10.1145/3647632.3651389\">10.1145/3647632.3651389</a>.","ama":"Khedkar M, Bodden E. Toward an Android Static Analysis Approach for Data Protection. In: <i>Proceedings of the IEEE/ACM 11th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’24). Association for Computing Machinery, New York, NY, USA, 65–68.</i> ; 2024. doi:<a href=\"https://doi.org/10.1145/3647632.3651389\">10.1145/3647632.3651389</a>"},"date_updated":"2026-03-04T08:11:48Z","author":[{"first_name":"Mugdha","full_name":"Khedkar, Mugdha","id":"88024","last_name":"Khedkar"},{"last_name":"Bodden","orcid":"0000-0003-3470-3647","full_name":"Bodden, Eric","id":"59256","first_name":"Eric"}],"doi":"10.1145/3647632.3651389","conference":{"name":"11th International Conference on Mobile Software Engineering and Systems 2024","start_date":"2024-04-14","end_date":"2024-04-15","location":"Lisbon, Portugal"},"type":"conference","status":"public","_id":"52235","department":[{"_id":"76"}],"user_id":"88024","file_date_updated":"2024-03-03T14:39:08Z","year":"2024","date_created":"2024-03-03T14:37:53Z","title":"Toward an Android Static Analysis Approach for Data Protection","publication":"Proceedings of the IEEE/ACM 11th International Conference on Mobile Software Engineering and Systems (MOBILESoft '24). Association for Computing Machinery, New York, NY, USA, 65–68.","abstract":[{"text":"Android applications collecting data from users must protect it according to the current legal frameworks. Such data protection has become even more important since the European Union rolled out the General Data Protection Regulation (GDPR). Since app developers are not legal experts, they find it difficult to write privacy-aware source code. Moreover, they have limited tool support to reason about data protection throughout their app development process.\r\nThis paper motivates the need for a static analysis approach to diagnose and explain data protection in Android apps. The analysis will recognize personal data sources in the source code, and aims to further examine the data flow originating from these sources. App developers can then address key questions about data manipulation, derived data, and the presence of technical measures. Despite challenges, we explore to what extent one can realize this analysis through static taint analysis, a common method for identifying security vulnerabilities. This is a first step towards designing a tool-based approach that aids app developers and assessors in ensuring data protection in Android apps, based on automated static program analysis. ","lang":"eng"}],"license":"https://creativecommons.org/licenses/by/4.0/","file":[{"date_updated":"2024-03-03T14:39:08Z","creator":"khedkarm","date_created":"2024-03-03T14:39:08Z","file_size":530812,"file_name":"2402.07889v1.pdf","access_level":"closed","file_id":"52236","content_type":"application/pdf","success":1,"relation":"main_file"}],"external_id":{"arxiv":["2402.07889"]},"keyword":["static program analysis","data protection and privacy","GDPR compliance"],"ddc":["006"],"language":[{"iso":"eng"}]},{"year":"2023","title":"Static Analysis for Android GDPR Compliance Assurance","date_created":"2023-04-24T12:14:17Z","file":[{"file_name":"2023047614.pdf","file_id":"44147","access_level":"closed","file_size":85313,"date_created":"2023-04-24T12:15:27Z","creator":"khedkarm","date_updated":"2023-04-24T12:15:27Z","relation":"main_file","success":1,"content_type":"application/pdf"}],"abstract":[{"text":"Many Android applications collect data from users. When they do, they must\r\nprotect this collected data according to the current legal frameworks. Such\r\ndata protection has become even more important since the European Union rolled\r\nout the General Data Protection Regulation (GDPR). App developers have limited\r\ntool support to reason about data protection throughout their app development\r\nprocess. Although many Android applications state a privacy policy, privacy\r\npolicy compliance checks are currently manual, expensive, and prone to error.\r\nOne of the major challenges in privacy audits is the significant gap between\r\nlegal privacy statements (in English text) and technical measures that Android\r\napps use to protect their user's privacy. In this thesis, we will explore to\r\nwhat extent we can use static analysis to answer important questions regarding\r\ndata protection. Our main goal is to design a tool based approach that aids app\r\ndevelopers and auditors in ensuring data protection in Android applications,\r\nbased on automated static program analysis.","lang":"eng"}],"publication":"2023 IEEE/ACM 45th International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), Melbourne, Australia, 2023, pp. 197-199","language":[{"iso":"eng"}],"ddc":["004"],"keyword":["static analysis","data protection and privacy","GDPR compliance"],"external_id":{"arxiv":["2303.09606"]},"citation":{"apa":"Khedkar, M. (n.d.). Static Analysis for Android GDPR Compliance Assurance. <i>2023 IEEE/ACM 45th International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), Melbourne, Australia, 2023, Pp. 197-199</i>. <a href=\"https://doi.org/10.1109/ICSE-Companion58688.2023.00054\">https://doi.org/10.1109/ICSE-Companion58688.2023.00054</a>","mla":"Khedkar, Mugdha. “Static Analysis for Android GDPR Compliance Assurance.” <i>2023 IEEE/ACM 45th International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), Melbourne, Australia, 2023, Pp. 197-199</i>, doi:<a href=\"https://doi.org/10.1109/ICSE-Companion58688.2023.00054\">10.1109/ICSE-Companion58688.2023.00054</a>.","short":"M. Khedkar, in: 2023 IEEE/ACM 45th International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), Melbourne, Australia, 2023, Pp. 197-199, n.d.","bibtex":"@inproceedings{Khedkar, title={Static Analysis for Android GDPR Compliance Assurance}, DOI={<a href=\"https://doi.org/10.1109/ICSE-Companion58688.2023.00054\">10.1109/ICSE-Companion58688.2023.00054</a>}, booktitle={2023 IEEE/ACM 45th International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), Melbourne, Australia, 2023, pp. 197-199}, author={Khedkar, Mugdha} }","chicago":"Khedkar, Mugdha. “Static Analysis for Android GDPR Compliance Assurance.” In <i>2023 IEEE/ACM 45th International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), Melbourne, Australia, 2023, Pp. 197-199</i>, n.d. <a href=\"https://doi.org/10.1109/ICSE-Companion58688.2023.00054\">https://doi.org/10.1109/ICSE-Companion58688.2023.00054</a>.","ieee":"M. Khedkar, “Static Analysis for Android GDPR Compliance Assurance,” doi: <a href=\"https://doi.org/10.1109/ICSE-Companion58688.2023.00054\">10.1109/ICSE-Companion58688.2023.00054</a>.","ama":"Khedkar M. Static Analysis for Android GDPR Compliance Assurance. In: <i>2023 IEEE/ACM 45th International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), Melbourne, Australia, 2023, Pp. 197-199</i>. doi:<a href=\"https://doi.org/10.1109/ICSE-Companion58688.2023.00054\">10.1109/ICSE-Companion58688.2023.00054</a>"},"publication_status":"accepted","has_accepted_license":"1","doi":"10.1109/ICSE-Companion58688.2023.00054","author":[{"first_name":"Mugdha","last_name":"Khedkar","id":"88024","full_name":"Khedkar, Mugdha"}],"date_updated":"2024-09-16T08:46:25Z","status":"public","type":"conference","file_date_updated":"2023-04-24T12:15:27Z","user_id":"88024","department":[{"_id":"76"}],"_id":"44146"}]