Comparison of Static and Dynamic Analyzer Tools for iOS Applications

Recent studies have indicated that the growing mobile platforms such as Apple’s iOS (iPhone operating system) and Google’s Android operating system are increasingly facing malware attacks. The motivation behind malware attacks is that users store private and confidential data on the Smartphone and they personalize their Smartphone by installing third party applications. Millions of third party applications are present in online stores and they may contain malicious as well as non-malicious applications. The malware that is hidden inside the third party applications steals the private and sensitive information such as GPS location, contacts from the address book, images etc. The malware may exploit user’s data from remote locations without the user’s consent. There have been many data harvesting incidents, worm attacks and malware attacks such as ikee worm attack, Dutch ransom attack that were reported in the past. It is therefore important to reverse engineer the iOS applications by using powerful tools to provide a user with necessary information about an application’s behavior. Reverse engineering can be done in two ways: static analysis and dynamic analysis. In this paper, we present static and dynamic analysis of iOS applications using various tools such as Cycript, iNalyzer and GDB. Additionally, we present the working of each tool with installation steps and demonstrate each tool with a sample application. The paper presents how a user can perform run time analysis and manipulation of application using these tools. We have also demonstrated how a user can manipulate the application’s flow by patching some code in the application and discover the vulnerable areas. In the end, we present a comparison of all the tools which is intended to provide a better insight to a user.