Skip to main content
SpringerLink
Log in

Comparison of Static and Dynamic Analyzer Tools for iOS Applications

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Recent studies have indicated that the growing mobile platforms such as Apple’s iOS (iPhone operating system) and Google’s Android operating system are increasingly facing malware attacks. The motivation behind malware attacks is that users store private and confidential data on the Smartphone and they personalize their Smartphone by installing third party applications. Millions of third party applications are present in online stores and they may contain malicious as well as non-malicious applications. The malware that is hidden inside the third party applications steals the private and sensitive information such as GPS location, contacts from the address book, images etc. The malware may exploit user’s data from remote locations without the user’s consent. There have been many data harvesting incidents, worm attacks and malware attacks such as ikee worm attack, Dutch ransom attack that were reported in the past. It is therefore important to reverse engineer the iOS applications by using powerful tools to provide a user with necessary information about an application’s behavior. Reverse engineering can be done in two ways: static analysis and dynamic analysis. In this paper, we present static and dynamic analysis of iOS applications using various tools such as Cycript, iNalyzer and GDB. Additionally, we present the working of each tool with installation steps and demonstrate each tool with a sample application. The paper presents how a user can perform run time analysis and manipulation of application using these tools. We have also demonstrated how a user can manipulate the application’s flow by patching some code in the application and discover the vulnerable areas. In the end, we present a comparison of all the tools which is intended to provide a better insight to a user.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21
Fig. 22
Fig. 23
Fig. 24
Fig. 25
Fig. 26
Fig. 27
Fig. 28
Fig. 29
Fig. 30
Fig. 31
Fig. 32
Fig. 33
Fig. 34
Fig. 35
Fig. 36
Fig. 37
Fig. 38
Fig. 39
Fig. 40
Fig. 41
Fig. 42
Fig. 43
Fig. 44
Fig. 45
Fig. 46
Fig. 47
Fig. 48
Fig. 49
Fig. 50
Fig. 51
Fig. 52
Fig. 53
Fig. 54
Fig. 55
Fig. 56
Fig. 57
Fig. 58

Similar content being viewed by others

References

  1. Werthmann, T., Hund, R., Davi, L., Sadeghi, AR., & Holz, T. (2013). PSiOS: Bring your own privacy and security to iOS devices, 8th ACM symposium on information, computer and communications security (ASIACCS 2013).

  2. Karow, O. Symantec Germany GmbH, Apple iOS security in the enterprise. Link: http://www.oliverkarow.de/cruft/Apple%20iOS%20Security%20in%20the%20Enterprise%20WP.pdf.

  3. Dillet, R. Apple Beats In Q1 2015 With $74.6B Revenue, $18B Profit And $3.06 EPS, Jan 2015. Link: http://techcrunch.com/2015/01/27/apple-q1-2015/.

  4. Perez, S. iTunes app store now has 1.2 million apps, has seen 75 billion downloads to date, June 2014.

  5. Shah, K. Penetration testing for iPhone/iPad applications. Security consultant foundstone professional services. Link: http://www.mcafee.com/in/resources/white-papers/foundstone/wp-pen-testing-iphone-ipad-apps.pdf.

  6. Operating System Weakness: Security Weaknesses in iOS 7 Rectified. Link: http://www.sciencedaily.com/releases/2013/10/131002102309.htm.

  7. Veracode Android versus iOS, How secure are they? Link: http://www.veracode.com/resources/android-ios-security.

  8. Gianchandani, P. iOS application security part 4—runtime analysis using cycript (Yahoo weather app). Link: http://resources.infosecinstitute.com/ios-application-security-part-4-runtime-analysis-using-cycript-yahoo-weather-app/.

  9. Tricks, C. Link: http://iphonedevwiki.net/index.php/Cycript_Tricks.

  10. Gianchandani, P. iOS application security part 8—method swizzling using cycript. Link: http://resources.infosecinstitute.com/ios-application-security-part-8-method-swizzling-using-cycript/.

  11. AppSec Labs Ltd., iNalyzer User Guide. Link: https://appsec-labs.com/wp-content/uploads/2014/10/iNalyzer-User-Guide.pdf.

  12. Tutorial of gcc and gdb. Link: http://cseweb.ucsd.edu/classes/fa09/cse141/tutorial_gcc_gdb.html.

  13. Dinesh, A., & Chow, M. An analysis of mobile malware and detection techniques.

  14. Disassembler From Wikipedia, the free encyclopedia. http://en.wikipedia.org/wiki/Disassembler.

  15. Tutorial Hopper Link: http://www.hopperapp.com/tutorial.html.

  16. Szydlowski, M., Egele, M., Kruegel, C., Vigna, G. Challenges for dynamic analysis of iOS applications. Published in: Proceeding iNetSec’11 Proceedings of the 2011 IFIP WG 11.4 international conference on open problems in network security (pp. 65–77). Heidelberg: Springer 2012, ISBN: 978-3-642-27584-5.

  17. Dynamic Analysis versus Static Analysis Internet: https://software.intel.com/sites/products/documentation/doclib/iss/2013/inspector/lin/ug_docs/GUID-E901AB30-1590-4706-94B1-9CD4736D8D2D.htm, 2013.

  18. Ertel, D. Dynamic analysis with cycript, information intoxication, a day in the life of information security. Link: http://www.infointox.net/?p=125.

  19. Application Security Labs, Breaking iOS Apps using Cycript. Link: http://www.slideshare.net/null0x00/breaking-ios-apps-using-cycript, June 2013.

  20. Jackson, W. Software assurance static versus dynamic code analysis: advantages and disadvantages. Link: http://gcn.com/articles/2009/02/09/static-vs-dynamic-code-analysis.aspx, Feb 09, 2009.

  21. Gianchandani, P. IOS application security part 26—patching IOS applications using IDA Pro and Hex Fiend, Link: http://resources.infosecinstitute.com/ios-application-security-part-26-patching-ios-applications-using-ida-pro-hex-fiend/”.

  22. Kumar, A. 15 practical examples of “dpkg commands” for debian based distros. Link: http://www.tecmint.com/dpkg-command-examples/.

  23. Gianchandani, P. IOS application security part 5—advanced runtime analysis and manipulation using cycript (Yahoo weather app). Link:http://resources.infosecinstitute.com/ios-application-security-part-5-advanced-runtime-analysis-and-manipulation-using-cycript-yahoo-weather-app/.

  24. Gianchandani, P. iOS application security part 2—getting class information of IOS apps. Link: http://resources.infosecinstitute.com/ios-application-security-part-2-getting-class-information-of-ios-apps/.

  25. Gianchandani, P. iOS application security part 15—static analysis of IOS applications using iNalyzer. Link: http://resources.infosecinstitute.com/part-15-static-analysis-of-ios-apps-using-inalyzer/.

  26. Graphviz—Graph visualization software envisioning connections. Link: http://www.graphviz.org/.

  27. Graphviz From Wikipedia, the free encyclopaedia. Link: http://en.wikipedia.org/wiki/Graphviz.

  28. DOT (graph description language) from Wikipedia, the free encyclopedia Link: http://en.wikipedia.org/wiki/DOT_%28graph_description_language%29.

  29. Doxygen, Generate documentation from source code, Link: http://www.stack.nl/~dimitri/doxygen/.

  30. Secure Planet, Adventure in iOSLand: Analyzing iOS applications, 2013. Link: https://www.securepla.net/adventures-in-iosland/.

  31. .ipa (file extension) From Wikipedia, the free encyclopedia. Link: http://en.wikipedia.org/wiki/.ipa_%28file_extension%29.

  32. Gianchandani, P. IOS application security part 16—runtime analysis of IOS applications using iNalyzer. Link: http://resources.infosecinstitute.com/ios-app-security-part-16-runtime-analysis-of-ios-apps-using-inalyzer/.

  33. Gianchandani, P. IOS application security part 21—ARM and GDB basics. Link: http://resources.infosecinstitute.com/ios-application-security-part-21-arm-gdb-basics/#article.

  34. Security Learn, Penetration testing of iPhone applications—part 6. Link: http://www.securitylearn.net/2013/09/12/penetration-testing-of-iphone-applications-part-6/.

  35. Gianchandani, P. IOS application security part 22—runtime analysis and manipulation using GDB. Link: http://resources.infosecinstitute.com/ios-application-security-part-22-runtime-analysis-manipulation-using-gdb/#article.

  36. Freeman, J. (Saurik), Cycript manual. Link : http://www.cycript.org/manual/.

  37. Cydia Substrate—The iPhone Wiki. Link: http://iphonedevwiki.net/index.php/MobileSubstrate.

  38. iNalyzer iOS Penetration Testing Framework. Link: https://appsec-labs.com/inalyzer/.

  39. GDB Developers, GDB: The GNU project debugger. Link: https://www.gnu.org/software/gdb/.

  40. Kulkarni, V. Reverse engineering IOS applications in a fun way, NetSPi. Link: https://blog.netspi.com/reverse-engineering-ios-applications-in-a-fun-way/.

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science Engineering, Jaypee Institute of Information Technology, Noida, India

    Arpita Jadhav Bhatt & Chetna Gupta

Authors
  1. Arpita Jadhav Bhatt
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Chetna Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Arpita Jadhav Bhatt.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Bhatt, A.J., Gupta, C. Comparison of Static and Dynamic Analyzer Tools for iOS Applications. Wireless Pers Commun 96, 4013–4046 (2017). https://doi.org/10.1007/s11277-017-4366-1

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-017-4366-1

Keywords

Search

Navigation