Mobile devices such as smartphones, notebooks and tablets are gaining increasing popularity. In particular, next-generation mobile phones are spreading faster and faster and are increasingly an important part of our every days life with growing opportunities. The ever increasing dependency on mobile applications leads mobile users to gain leap of faith and therefore to entrust applications private data. Due to the growing number of functions and computing capacity of such mobile devices the risk increases, in which mobile users become targets of various attacks. In order to protect todays and tomorrows mobile devices and their users effective, new approaches are required which take also the peculiarities of these devices into account.

With the solution called Androlyzer, which was developed at the DAI laboratory, we carry out static data flow analyses on any Android app. With this analysis technique we are able to investigate data protection violations without the source code of an app. The app does not even have to be installed or started. As a result of a source sink investigation, access to private data is detected. Starting from here, further processing steps of the app are analyzed in which such a step could correspond to the sending of such data. These and other analysis results are made available to the evaluator in the form of a report.