Abstract

We present DiOS, a practical system to perform automated dynamic privacy analysis of iOS apps. DiOS provides a highly scalable and fully automated solution to schedule apps from the official Apple App Store for privacy analysis to iOS devices. While apps are automatically executed, user interaction is simulated using random and smart execution strategies, and sensitive API calls as well as network connections are tracked. We evaluated the system on 1,136 of the most popular free apps from the iOS App Store and found out that almost 20% of all investigated apps are tracking users’ locations on every app start, one third of all accesses to users’ address books are attributed to apps from the social network category and almost half of all apps are tracking users’ app usage behavior by incorporating tracking and advertising libraries.

Technical Report: “DiOS: Dynamic Privacy Analysis of iOS Applications” (PDF)

Authors: Andreas Kurtz, Andreas Weinlein, Christoph Settgast and Felix C. Freiling

Source Code: DiOS is licensed under the BSD License. The full source code is available at https://github.com/DiOS-Analysis/DiOS.

Contact: For general questions on DiOS, please contact us at dios@i1.cs.fau.de. For feature requests or bug reports, please use the issue tracking system: https://github.com/DiOS-Analysis/DiOS/issues.

DiOS in Action

System Overview

Open-Close Execution

The most basic execution strategy within DiOS launches an app for a defined duration. After a few seconds (15s by default) the app is suspended to the background by simulating a tap on the iOS device’s home button. Again, five seconds later the app is resumed for another 15 seconds until execution is finally terminated. Apart from handling alerts by pressing the default button no other user interaction is simulated.

Random Execution

Moreover, DiOS provides a random execution strategy that utilizes Apple’s UI Automation framework to execute randomly chosen events, from pressing the home-button, changing a devices orientation or location, shaking the device, or adjusting the volume, to tapping on a random screen position or performing any advanced gestures. To allow the simulated user interaction to be as realistic as possible, the random events were weighted and can be freely adjusted. Thus, the event of tapping a random screen position, e.g., is ten times more likely to occur than changing a device’s orientation. Using this approach we aimed to effectively maximize an app’s coverage without the need for exploring the actual UI in detail.

Smart Execution

The third execution strategy implemented within DiOS examines the actual user interface in great detail. For this, it explores the available UI elements on every screen and keeps track of already executed UI paths. This enables targeted navigation through an app’s user interface, while avoiding repeated execution of already visited contents.