Stony Brook University and WhoisXML API: Analyzing Mobile App Stability
About
Johnny So, a Computer Science PhD candidate at Stony Brook University, sought to assess whether mobile Android apps adhere to one of the tenets of computer security: ensuring that data is correct and has not been tampered with. To investigate, So used WHOIS History API to analyze apps that rely on dependencies with expired domains. Mobile apps dependent on expired domains can see their stability affected. This issue can be pressing, as mobile platforms account for a significant portion of all web traffic, and mobile usage only continues to grow.
Highlights
- Accurate WHOIS information is challenging to access but necessary to assess the dependencies of mobile apps.
- An accurate and easy-to-use WHOIS history service supports a robust methodology for assessing risks related to domain-reliant mobile apps.
- The research methodology was made 50% more reliable.
Determining Domain Expiration History Accurately
Mobile app developers often integrate third-party SDKs to enhance app functionality and generate revenue through advertising. However, these SDKs can introduce additional dependencies, which the researcher extracted through a dynamic analysis pipeline.
One of So’s key research questions was then to determine the stability of the mobile apps by checking whether all domain connections remain in good standing, specifically concerning their registration status.
To do that, the researcher knew he needed a solution that could provide accurate historical WHOIS information, including domain registration and expiration dates.
Accurate and Easy-to-Use WHOIS History API
After initially using a historical WHOIS product that did not provide accurate data, the researcher decided to leverage WhoisXML API’s WHOIS History API to augment and verify his existing methodology. In particular, he combined historical WHOIS data with passive DNS data as a form of cross-verification for utmost data accuracy.
With WHOIS History API’s accuracy, the researcher was able to reinforce the detection of domain WHOIS expiration. He also found the API easy to use and implement, allowing him to smoothly process the data.
“WhoisXML API offers a comprehensive suite that can serve as a one-stop shop. Furthermore, the team is very supportive of the academic research community, and overall responsive to customer inquiries!”
Robust Method for Determining Apps Likely to Contact Expired Domains
The research sought to quantify the percentage of the Android app ecosystem that was susceptible to contacting expired domains over time. Accurate historical WHOIS information enabled the researcher to make his proposed methodology more robust. Specifically, using WHOIS History API strengthened the evaluation of his research methodology by about 50%.