Call graphs play an important role in different contexts, such as profiling and vulnerability
propagation analysis. Generating call graphs in an efficient manner can be a challenging …

Static analyses have problems modelling dynamic language features soundly while
retaining acceptable precision. The problem is well-understood in theory, but there is little …

Java reflection has been widely used in a variety of applications and frameworks. It allows a
software system to inspect and change the behaviour of its classes, interfaces, methods, and …

Malicious smartphone apps use reflection APIs to exfiltrate user data and steal personal
information. These malware use reflection along with parameter obfuscation and encryption …

Static program analysis is widely used to detect bugs and vulnerabilities early in the life
cycle of software. It models possible program executions without executing a program, and …

Despite its widespread use in Android apps, reflection poses graving problems for static
security analysis. Currently, string inference is applied to handle reflection, resulting in …

Existing static analyses model activity transitions in Android apps context-insensitively,
making it impossible to distinguish different activity launch modes, reducing the pointer …

The Android multitasking mechanism can be plagued with app switching attacks, in which a
malicious app replaces the legitimate top activity of the focused app with one of its own, thus …

Static Program Analysis (SPA) has long been established as an important technique for
gaining insights into software systems. Over the last years, analysis designers increasingly …

Context The R programming language has a huge and active community, especially in the
area of statistical computing. Its interpreted nature allows for several interesting constructs …