Duration: 2+ months
In our Munich-based app analysis Java team we work on tools to automatically analyze Android apps. Our software is based on our open source bytecode manipulation library ProGuardCORE ( https://github.com/Guardsquare/proguard-core ) for static analysis, and on own tooling for dynamic analysis.
A prerequisite for a good data flow analysis is an accurate call graph. Direct method calls easily define the basis of such a call graph, but other techniques exist that modify the execution flow on Android. This can for instance happen if a new Intent is started at one point, so the app’s execution continues where the Intent is received. In this internship you will research the possible ways a traditional call graph can have missing edges in Android. Once those are added, you will investigate how that influences the data flow analysis performance wise, and which additional steps need to be taken to find data flows along those edges.
- Experience with Java
- Interest in code analysis
- Ability to independently perform structured research into a topic
Guardsquare offers the most complete approach to mobile application security on the market. Built on the open source ProGuard technology, Guardsquare’s software integrates seamlessly across the development cycle. From app security testing to code hardening to real-time visibility into the threat landscape, Guardsquare solutions provide enhanced mobile application security from early in the development process through publication.
More than 900 customers worldwide across all major industries rely on Guardsquare to help them identify security risks and protect their mobile applications against reverse engineering and tampering.
Guardsquare is based in Leuven (Belgium) with offices in Boston (USA) and Munich (Germany).
At Guardsquare, we take pride in being a diverse and multicultural company with team members representing numerous nationalities. We value different perspectives and opinions throughout the business which has contributed to our being the market leader in mobile application security.
You will be part of a dynamic team that strives for excellence and focuses on continuous education and enhancement in skills. We encourage & empower our trusted colleagues to share their opinions, actively collaborate, and continue to learn and grow.