Data

Since there is no previous work has been done in vetting the security of network service of iOS app, we carry out our study from the ground up. Our study starts from the seed data set, that is, the top 20 apps across each categories (1,300 in total) on iTunes. Then, we extend our study to the whole data set.

In our primitive analysis stage, we use dynamic analysis to get candidate apps which provide network service. The apps (1300 in total), the dynamic analysis result and call stacks can be accessed via the github.

On top of the above analysis result, we use static analysis further to vet the security of the network service. If a vulnerability is introduced by a third-party library, we extend our finding to the whole dataset to find more vulnerable apps. The collected third-party network service libraries can be accessed via: third-party network service library.

Our iOS app data set is still in developing and will be made public soon. Although the collected iOS apps have exceeded 1200,000 by now, we locked the apps which has been collected in May, 2018 for our study.