Following Devil's Footprints: Cross-Platform Analysis of Potentially Harmful Libraries on Android and iOS

Kai Chen                                                  Xiaofeng Wang
Institute of Information Engineering       SoIC
Chinese Academy of Sciences                 Indiana University Bloomington


Dataset Release Policy

To mitigate threats of PhaLibs and help better understanding of security of iOS ecosystem, we are happy to release our samples to the community. However, to avoid misuse of techniques in these iOS PhaLibs, it's necessary to do some verification of user identity. For this purpose, if you are intereted in getting these samples, please read following instructions before getting access.

(1) If you are currently in academia:

(a) If you are a student (or postdoc), please send us an email from your university's email account.

(b) In your email, please give a brief introduction of your name, affiliation and your project. The information is required to verify that samples are used in a proper way. Please Note that your request may be ignored if we are not able to determine your identity.

(c) If your papers or articles use our samples, please cite our Oakland 2016 paper.

[S&P] Kai Chen, Xueqiang Wang, Yi Chen, Peng Wang, Yeonjoon Lee, XiaoFeng Wang, Bin Ma, Aohui Wang, Yingjun Zhang, Wei Zou, "Following Devil's Footprints: Cross-Platform Analysis of Potentially Harmful Libraries on Android and iOS". Accepted by the 37th IEEE Symposium on Security and Privacy (Oakland), 2016.

[USENIX Security] Kai Chen, Peng Wang, Yeonjoon Lee, Xiaofeng Wang, Nan Zhang, Heqing Huang, Wei Zou, Peng Liu, "Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale," USENIX Security 2015.

[ICSE] Kai Chen, Peng Liu, Yingjun Zhang, "Achieving Accuracy and Scalability Simultaneously in Detecting Application Clones on Android Market", ICSE 2014, regular paper, June 2014.

(2) If you are currently in industry (including research labs):

(a) Please send us an email from your company's email account. In the email, please briefly introduce yourself (e.g., name and title) and your company.

(b) In the email, please describe why the samples are being requested and the way you are going to use them.

Again, please note that we will ignore emails that do not meet above instructions. Also, please do not share your samples to others without our permission. We may disclose the list of your affiliations on our page. Sending us the email for our dataset access implies that you are aware of and agree with the above policies.

Please send your request emails to Kai Chen ( and Xueqiang Wang ( with "[iOS PHA Samples Request]" in the subject.