The Queryella project was conceived to close a critical gap in the assessment of privacy and security risks posed by mobile applications. Its core ambition was to build a unified platform that brings together a range of existing code‑scanning tools and extends them with novel capabilities, thereby offering developers, security analysts and enterprises a single, user‑friendly interface for comprehensive risk evaluation.
A central technical achievement was the development of an automated risk‑assessment engine (Work Package 4.2). This system automatically filters the output of multiple static code scanners, such as StringHound, and applies advanced data‑flow analysis to determine the potential impact on user privacy and device security. By integrating results from different scanners into a common risk model, the engine delivers a unified score that reflects the likelihood and severity of privacy violations or security breaches. The approach also includes mechanisms for detecting obfuscated strings and hidden credentials, thereby exposing threats that would otherwise remain hidden in the compiled code.
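As an added illustration (not Queryella's code or its actual risk model), the following sketch shows one way findings from several scanners could be filtered, merged and reduced to a single score that reflects likelihood and severity. The scanner names, record schemas, severity weights and the noisy-OR combination are all assumptions made for this example.

```python
from collections import defaultdict

# Assumed severity weights per finding category (illustrative, not Queryella's).
SEVERITY = {"hardcoded_credential": 0.9, "obfuscated_string": 0.4,
            "location_leak": 0.7}

def normalize(scanner, raw):
    """Map one scanner-specific record onto (category, location, confidence)."""
    if scanner == "string_scanner":      # hypothetical schema: kind/cls/score 0-100
        return raw["kind"], raw["cls"], raw["score"] / 100
    if scanner == "flow_scanner":        # hypothetical schema: rule/sink/prob 0-1
        return raw["rule"], raw["sink"], raw["prob"]
    raise ValueError(f"unknown scanner: {scanner}")

def merge(reports):
    """Deduplicate findings across scanners; combine confidences by noisy-OR."""
    miss = defaultdict(lambda: 1.0)      # probability that every scanner is wrong
    for scanner, records in reports.items():
        for raw in records:
            category, location, conf = normalize(scanner, raw)
            if category not in SEVERITY:
                continue                 # filter categories outside the risk model
            miss[(category, location)] *= 1.0 - min(max(conf, 0.0), 1.0)
    return {key: 1.0 - m for key, m in miss.items()}

def app_score(reports):
    """Unified 0-100 score: noisy-OR over likelihood x severity per finding."""
    safe = 1.0
    for (category, _), likelihood in merge(reports).items():
        safe *= 1.0 - likelihood * SEVERITY[category]
    return round(100 * (1.0 - safe), 1)

# Constructed sample input: two scanners report the same credential finding.
REPORTS = {
    "string_scanner": [
        {"kind": "hardcoded_credential", "cls": "com.example.Api", "score": 80},
        {"kind": "obfuscated_string", "cls": "com.example.Util", "score": 50},
        {"kind": "debug_log", "cls": "com.example.Main", "score": 99},
    ],
    "flow_scanner": [
        {"rule": "hardcoded_credential", "sink": "com.example.Api", "prob": 0.5},
    ],
}

if __name__ == "__main__":
    print(merge(REPORTS), app_score(REPORTS))
```

Agreement between scanners raises the likelihood of a finding without counting it twice, and categories outside the risk model are dropped before scoring.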
To make the platform scalable and accessible, the team introduced a client‑server architecture (Work Package 5.1). Rather than running the heavy analysis locally on a user’s machine, the workload is shifted to a central server. This change reduces the computational burden on client devices, speeds up analysis turnaround, and allows the platform to serve a larger user base. The server hosts a database that stores all analysis results, enabling users to retrieve past findings and compare new submissions against historical data.
Extending the platform’s reach, an application programming interface (API) was created (Work Package 5.2). The API provides secure, key‑based access to the platform’s services, allowing third‑party systems such as VirusTotal or ImmuniWeb Mobile to submit apps for analysis and retrieve risk reports programmatically. This integration capability opens the door to broader adoption and facilitates the incorporation of Queryella’s insights into existing security workflows.
The database layer (Work Package 5.3) was designed to support efficient storage and retrieval of analysis outcomes. A full‑text search engine was embedded, enabling users to query the database by keyword, risk level, or affected component. The combination of structured metadata and unstructured text search makes it straightforward for analysts to locate relevant findings across thousands of analyzed applications.
Throughout the project, the team demonstrated resilience in the face of personnel shortages and coordination delays. By reallocating responsibilities among team members and adopting agile development practices, they maintained momentum and delivered all planned features on schedule. The resulting platform not only integrates multiple scanners but also enhances them with automated risk scoring, server‑side processing, API access, and robust data management.
Collaboration was organized around a multidisciplinary group of researchers and developers who combined expertise in static analysis, privacy law, and software engineering. While the report does not list specific institutional partners or funding bodies, it indicates that the project was supported by a research grant that enabled the procurement of necessary computational resources and the recruitment of skilled personnel. The project’s timeline spanned several years, during which the team iterated on the architecture, refined the risk model, and expanded the platform’s integration points.
In summary, the Queryella project delivered a technically sophisticated, user‑centric platform that automates the aggregation and risk assessment of mobile app code, offloads analysis to a scalable server infrastructure, exposes its services through a secure API, and stores results in a searchable database. These innovations collectively provide a comprehensive solution for evaluating privacy and security risks in mobile applications, thereby advancing the state of the art in mobile security analytics.
