Abstract
Security and privacy issues are magnified by velocity, volume, and variety of big data. User's privacy is an even more sensitive topic attracting most people's attention. While Xcode-Ghost, a malware of iOS emerging in late 2015, leads to the privacy-leakage of a large number of users, only a few studies have examined Xcode-Ghost based on its source code. In this paper we describe observations by monitoring the network activities for more than 2.59 million iPhone users in a provincial area across 232 days. Our analysis reveals a number of interesting points. For example, we propose a decay model for the prevalence rate of XcodeGhost and we find that the ratio of the infected devices is more than 60%; that a lot of popular applications, such as Wechat, railway 12306, didi taxi, Youku video are also infected; and that the duration as well as the traffic volume of most XcodeGhost-related HTTP-requests is similar with usual HTTP-request which makes it difficult to be found. Besides, we propose a heuristic model based on fingerprint and its web-knowledge to identify the infected applications. The identifying result shows the efficiency of this model.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
