pith. sign in

arxiv: 2606.12212 · v3 · pith:NU6K2RNJnew · submitted 2026-06-10 · 💻 cs.SE · cs.CR

Mind your key: An Empirical Study of LLM API Credential Leakage in iOS Apps

Pinran Gao , Lingxiang Wang , Yi Liu , Kunpeng Liu , Fan Yang , Ying Zhang This is my paper

Pith reviewed 2026-06-27 09:07 UTC · model grok-4.3

classification 💻 cs.SE cs.CR
keywords LLM API keyscredential leakageiOS appsdynamic analysismobile securityAPI security
0
0 comments X

The pith

282 of 444 iOS apps leak usable LLM API keys in their network traffic.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper conducts the first systematic study of how iOS apps that use large language models handle their API credentials. It assembles 444 such apps and applies a traffic-monitoring tool to see whether keys are sent in ways that outsiders can use. The results show leaks in 282 apps through three main patterns. A follow-up check three months after notifying developers finds that only 28 percent of the affected apps had stopped the leaks. This indicates that credential exposure is common and slow to fix in this ecosystem.

Core claim

Analysis of 444 iOS applications using LLMKeyLens finds that 282 applications expose exploitable LLM API credentials in network traffic across at least ten providers. The leakage occurs in three patterns: JWT-based token leakage in 48 percent of cases, unauthenticated backend proxy access in 33 percent, and plaintext API key transmission in 19 percent. Re-analysis of the 282 vulnerable applications three months after responsible disclosure shows only 28 percent remediated the issue while 72 percent remained exploitable.

What carries the argument

LLMKeyLens, a dynamic analysis framework that detects LLM API key leakage through traffic interception, provider-specific key extraction, and active validity confirmation without requiring source code access or binary decryption.

If this is right

  • LLM API key leakage spans at least ten different providers.
  • Most vulnerabilities persist due to unauthenticated backends and broken JWT implementations.
  • Remediation rates remain low even after direct notification to developers.
  • Secure LLM integration requires explicit security guidance from providers along with platform-level enforcement.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The leakage patterns observed may also occur in LLM-integrated apps on other operating systems.
  • App distribution platforms could implement automated scans for common credential exposure signatures.
  • Standardized secure integration libraries from providers might reduce reliance on custom and error-prone proxy setups.

Load-bearing premise

The 444 apps selected from 1092 candidates accurately represent LLM-integrated iOS apps in general, and the analysis method finds real leaks with few mistakes.

What would settle it

An independent larger scan of iOS apps showing substantially lower leakage rates, or an external verification that most of the 282 apps have since secured their credentials.

Figures

Figures reproduced from arXiv: 2606.12212 by Fan Yang, Kunpeng Liu, Lingxiang Wang, Pinran Gao, Yi Liu, Ying Zhang.

Figure 1
Figure 1. Figure 1: LLM API credential leakage via network traffic [PITH_FULL_IMAGE:figures/full_fig_p001_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: Overview of Data Collection and Classification Workflow [PITH_FULL_IMAGE:figures/full_fig_p004_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Distribution of LLM API key leakage across iOS [PITH_FULL_IMAGE:figures/full_fig_p006_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Distribution of user rating counts for vulnerable [PITH_FULL_IMAGE:figures/full_fig_p006_4.png] view at source ↗
read the original abstract

The rapid integration of large language models (LLMs) into mobile applications has introduced a new class of credential security risk: leaked credentials that grant unauthorized access to LLM inference services, causing financial damage to developers. Prior work on credential leakage has focused primarily on Android apps; to date, no empirical study has systematically investigated LLM API key leakage in iOS applications. We present the first in-depth empirical study of API key leakage in LLM-integrated apps. We construct a high-quality dataset of 444 iOS applications, filtered from 1092 candidates through a standardized process, and develop LLMKeyLens, a dynamic analysis framework that detects LLM API key leakage via traffic interception, provider-specific key extraction, and active validity confirmation, requiring neither source code access nor binary decryption. Our analysis reveals that 282 applications expose exploitable LLM API credentials in network traffic, spanning at least ten providers. We identify three leakage patterns: JWT-based token leakage (48%), unauthenticated backend proxy access (33%), and plaintext API key transmission (19%). To assess remediation, we re-analyzed the same 282 vulnerable applications three months after responsible disclosure; only 28% had remediated the reported vulnerability, while 72% remained exploitable, with persistent issues stemming from unauthenticated backends and broken JWT implementations. Our findings show that LLM API key leakage is both prevalent and persistent in the iOS ecosystem, exposing a systemic gap between developer practice and secure integration principles, and suggest that secure LLM integration requires not only developer awareness but also explicit security guidance from providers and platform-level enforcement.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

3 major / 2 minor

Summary. The paper presents the first empirical study of LLM API key leakage in iOS apps. It constructs a dataset of 444 apps filtered from 1092 candidates via a standardized process, develops LLMKeyLens (a dynamic analysis framework using traffic interception, provider-specific extraction, and active validity confirmation without source code or decryption), and reports that 282 apps leak exploitable keys across at least 10 providers. Leakage patterns are JWT-based (48%), unauthenticated backend proxies (33%), and plaintext keys (19%). Re-analysis of the 282 apps after 3 months shows only 28% remediated, with 72% still vulnerable.

Significance. If the methodological assumptions hold, the work is significant for being the first systematic measurement study on this iOS-specific issue, providing concrete prevalence (282/444), pattern breakdowns, and persistence data (72% after disclosure). The dynamic-analysis approach that avoids binary decryption is a practical strength for empirical security research in mobile ecosystems.

major comments (3)
  1. [Abstract and Dataset section] Abstract and §3 (Dataset Construction): the claim that the 444-app set is a 'high-quality dataset' representative of LLM-integrated iOS apps rests on an unspecified 'standardized process' for filtering 1092 candidates. Without explicit selection criteria, category coverage, confirmation method for LLM integration, or comparison to the broader app population, the headline prevalence (282/444) and systemic-gap conclusion cannot be evaluated.
  2. [Abstract and LLMKeyLens section] Abstract and §4 (LLMKeyLens): the detection of 282 exploitable keys depends on the accuracy of traffic interception + provider-specific extraction + active confirmation. The manuscript reports no ground-truth validation set, false-positive rate, or manual verification sample for key validity, which is load-bearing for both the 282 count and the three-pattern breakdown.
  3. [Abstract and Remediation section] Abstract and §5 (Persistence): the claim that 72% of the 282 apps remained exploitable after 3 months requires details on app re-identification (e.g., version matching), confirmation that the same leakage vectors persisted, and handling of app-store updates or takedowns. These are needed to support the remediation-rate conclusion.
minor comments (2)
  1. [Results] Add a table listing the ten+ providers and their respective leakage counts for clarity.
  2. [Abstract] The abstract uses 'exploitable LLM API credentials' without defining the exact criteria used in active confirmation; a short methods paragraph would help.

Simulated Author's Rebuttal

3 responses · 0 unresolved

We thank the referee for the constructive feedback. We address each major comment below and will revise the manuscript accordingly to provide the requested clarifications and details.

read point-by-point responses

  1. Referee: [Abstract and Dataset section] Abstract and §3 (Dataset Construction): the claim that the 444-app set is a 'high-quality dataset' representative of LLM-integrated iOS apps rests on an unspecified 'standardized process' for filtering 1092 candidates. Without explicit selection criteria, category coverage, confirmation method for LLM integration, or comparison to the broader app population, the headline prevalence (282/444) and systemic-gap conclusion cannot be evaluated.

    Authors: We agree that the description of the dataset construction requires greater explicitness to support claims of quality and representativeness. In the revised manuscript, we will expand §3 to detail the full standardized filtering process applied to the 1092 candidates. This will include the initial identification criteria (LLM-related keywords in metadata combined with observed LLM API traffic), category coverage and distribution, the exact confirmation method for LLM integration, and a limitations discussion on generalizability to the broader iOS population. These additions will enable readers to better evaluate the prevalence figures and conclusions. revision: yes

  2. Referee: [Abstract and LLMKeyLens section] Abstract and §4 (LLMKeyLens): the detection of 282 exploitable keys depends on the accuracy of traffic interception + provider-specific extraction + active confirmation. The manuscript reports no ground-truth validation set, false-positive rate, or manual verification sample for key validity, which is load-bearing for both the 282 count and the three-pattern breakdown.

    Authors: We acknowledge that explicit validation metrics were not reported. The active confirmation (testing extracted credentials against provider endpoints) provides direct evidence of validity and exploitability. In the revision, we will add to §4 a description of the validation approach, including a manual verification sample of detected keys across providers and the resulting false-positive observations (none identified in the sampled cases due to the active testing). This will support the reliability of the 282 count and the pattern breakdown. revision: yes

  3. Referee: [Abstract and Remediation section] Abstract and §5 (Persistence): the claim that 72% of the 282 apps remained exploitable after 3 months requires details on app re-identification (e.g., version matching), confirmation that the same leakage vectors persisted, and handling of app-store updates or takedowns. These are needed to support the remediation-rate conclusion.

    Authors: We will revise §5 to include the requested methodological details on the re-analysis. This will cover app re-identification via persistent App Store IDs and bundle identifiers, version matching through release dates and update checks, confirmation that the original leakage vectors remained in updated binaries, and handling of app updates or removals (with removed apps noted separately). These clarifications will strengthen the basis for the 72% persistence finding. revision: yes

Circularity Check

0 steps flagged

No circularity: purely observational empirical study with no derivations or fitted predictions

full rationale

The paper performs an empirical measurement of credential leakage in iOS apps using dynamic traffic analysis. It reports counts (282/444 apps leaking keys, 72% persistence after 3 months) obtained via direct observation and re-testing. No equations, parameters, predictions, or derivations are present. The central claims rest on the representativeness of the 444-app sample and the accuracy of LLMKeyLens, which are methodological assumptions rather than self-referential reductions. No self-citation chains, ansatzes, or renamings of results appear. The study is self-contained as an observational report; any concerns about sample bias or detector validity fall under external validity, not circularity.

Axiom & Free-Parameter Ledger

0 free parameters · 2 axioms · 0 invented entities

The central prevalence and persistence claims rest on two unverified domain assumptions about dataset representativeness and tool accuracy; no free parameters or invented entities appear in the abstract.

axioms (2)
  • domain assumption The 444 apps obtained through standardized filtering from 1092 candidates represent the broader population of LLM-integrated iOS applications.
    Prevalence statistics (282/444) depend directly on this sampling assumption.
  • domain assumption Traffic interception plus provider-specific extraction and active validity checks in LLMKeyLens correctly identify leaked credentials without material false positives or negatives.
    All reported leakage patterns and remediation rates rest on the correctness of this detection method.

pith-pipeline@v0.9.1-grok · 5828 in / 1417 out tokens · 26124 ms · 2026-06-27T09:07:11.958894+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

57 extracted references · 20 canonical work pages

  1. [1]

    Apple Inc. 2025. Bundle Structures: iOS App Bundle Struc- ture. https : / / developer .apple.com / documentation / bundleresources / placing_content_in_a_bundle. Accessed: 2026-03-21

    2025

  2. [2]

    Apple Inc. 2025. FairPlay Streaming: Overview. https://developer .apple.com/ streaming/fps/. Accessed: 2026-03-15

    2025

  3. [3]

    Apple Inc. 2026. iTunes Search API. https://performance-partners .apple.com/ resources/documentation/itunes-store-web-service-search-api/. Accessed: 2026-03-23

    2026

  4. [4]

    Williams

    Setu Kumar Basak, Lorenzo Neil, Bradley Reaves, and Laurie A. Williams. 2023. What Challenges Do Developers Face About Checked-in Secrets in Software Artifacts?. In45th IEEE/ACM International Conference on Software Engineering, ICSE 2023, Melbourne, Australia, May 14-20, 2023. IEEE, 1635–1647. doi:10 .1109/ ICSE48619.2023.00141

    arXiv 2023

  5. [5]

    Alessandro Brucato. 2024. LLMjacking: Stolen Cloud Credentials Used in New AI Attack. Sysdig Blog. https://www .sysdig.com/blog/llmjacking-stolen-cloud- credentials-used-in-new-ai-attack Accessed: 2025-01-18

    2024

  6. [6]

    Meifang Chen, Zhe YANG, HUANG Nianchen, Yizhan Huang, Yichen LI, and Michael R. Lyu. 2025. Understanding Secret Leakage Risks in Code LLMs: A Tokenization Perspective. InNeurIPS 2025 Fourth Workshop on Deep Learning for Code. https://openreview.net/forum?id=c3OYeGH1Zj

    2025

  7. [7]

    William G. Cochran. 1977.Sampling Techniques(3rd ed.). John Wiley & Sons

    1977

  8. [8]

    Andrea Continella, Yanick Fratantonio, Martina Lindorfer, Alessandro Puccetti, Ali Zand, Christopher Kruegel, and Giovanni Vigna. 2017. Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis. In24th Annual Network and Distributed System Security Symposium, NDSS 2017, San Diego, California, USA, February 26 - March 1, 20...

    2017

  9. [9]

    Gelei Deng, Yi Liu, Yuekang Li, Kailong Wang, Ying Zhang, Zefeng Li, Haoyu Wang, Tianwei Zhang, and Yang Liu. 2024. MASTERKEY: Automated Jailbreaking of Large Language Model Chatbots. In31st Annual Network and Distributed System Security Symposium, NDSS 2024, San Diego, California, USA, February 26 - March 1, 2024. The Internet Society. https://www .ndss-...

    2024

  10. [10]

    Zhui Deng, Brendan Saltaformaggio, Xiangyu Zhang, and Dongyan Xu. 2015. iRiS: Vetting Private API Abuse in iOS Applications. InProceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, October 12-16, 2015, Indrajit Ray, Ninghui Li, and Christopher Kruegel (Eds.). ACM, 44–56. doi:10.1145/2810103.2813675

    work page doi:10.1145/2810103.2813675 2015

  11. [11]

    Daniel Domínguez-Álvarez, Alejandro de la Cruz, Alessandra Gorla, and Juan Ca- ballero. 2023. LibKit: Detecting Third-Party Libraries in iOS Apps. InProceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/FSE 2023, San Francisco, CA, USA, December 3-9, 2023, Satish Chandra, ...

    work page doi:10.1145/3611643.3616344 2023

  12. [12]

    Manuel Egele, Christopher Kruegel, Engin Kirda, and Giovanni Vigna. 2011. PiOS: Detecting Privacy Leaks in iOS Applications. InProceedings of the Network and Distributed System Security Symposium, NDSS 2011, San Diego, California, USA, 6th February - 9th February 2011. The Internet Society. https://www .ndss- symposium.org/ndss2011/pios-detecting-privacy-...

    2011

  13. [13]

    Johannes Feichtner, David Missmann, and Raphael Spreitzer. 2018. Automated Binary Analysis on iOS: A Case Study on Cryptographic Misuse in iOS Applica- tions. InProceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks, WiSec 2018, Stockholm, Sweden, June 18-20, 2018, Panos Papadimitratos, Kevin R. B. Butler, and Christi...

    work page doi:10.1145/3212480.3212487 2018

  14. [14]

    Runhan Feng, Ziyang Yan, Shiyan Peng, and Yuanyuan Zhang. 2022. Auto- mated Detection of Password Leakage from Public GitHub Repositories. In2022 IEEE/ACM 44th International Conference on Software Engineering (ICSE). 175–186. doi:10.1145/3510003.3510150

    work page doi:10.1145/3510003.3510150 2022

  15. [15]

    Frida Project. 2026. Frida: Dynamic Instrumentation Toolkit Documentation. https://frida.re/docs/home/. Accessed: 2026-03-15

    2026

  16. [16]

    Google. 2025. Gemini API Documentation. https://ai .google.dev/docs. Accessed: 2025-XX-XX

    2025

  17. [17]

    Bengü Gülay and Cemal Yilmaz. 2025. Mitigating Information Leakage in Large Language Models: Evaluating the Impact of Code Obfuscation on Vul- nerability Detection. InIEEE European Symposium on Security and Privacy, EuroS&P 2025 - Workshops, Venice, Italy, June 30 - July 4, 2025. IEEE, 1–8. doi:10.1109/EUROSPW67616.2025.00007

    work page doi:10.1109/eurospw67616.2025.00007 2025

  18. [18]

    Xinyi Hou, Yanjie Zhao, and Haoyu Wang. 2025. On the (in) security of llm app stores. In2025 IEEE Symposium on Security and Privacy (SP). IEEE, 317–335

    2025

  19. [19]

    Bo Hui, Haolin Yuan, Neil Gong, Philippe Burlina, and Yinzhi Cao. 2024. PLeak: Prompt Leaking Attacks against Large Language Model Applications. InPro- ceedings of the 2024 on ACM SIGSAC Conference on Computer and Communica- tions Security, CCS 2024, Salt Lake City, UT, USA, October 14-18, 2024, Bo Luo, Xiaojing Liao, Jun Xu, Engin Kirda, and David Lie (E...

    work page doi:10.1145/3658644.3670370 2024

  20. [20]

    Berkay Celik, Aravind Machiry, and Antonio Bianchi

    Muhammad Ibrahim, Güliz Seray Tuncay, Z. Berkay Celik, Aravind Machiry, and Antonio Bianchi. 2025. LM-Scout: Analyzing the Security of Language Model Integration in Android Apps.arXiv preprint arXiv:2505.08204(2025)

    arXiv 2025

  21. [21]

    Michael Jones, John Bradley, and Nat Sakimura. 2015. JSON Web Token (JWT). RFC 7519. doi:10.17487/RFC7519

    work page doi:10.17487/rfc7519 2015

  22. [22]

    Gerhard Jungwirth, Aakanksha Saha, Michael Schröder, Tobias Fiebig, Martina Lindorfer, and Jürgen Cito. 2023. Connecting the .dotfiles: Checked-In Secret Exposure with Extra (Lateral Movement) Steps. In20th IEEE/ACM International Conference on Mining Software Repositories, MSR 2023, Melbourne, Australia, May 15-16, 2023. IEEE, 322–333. doi:10.1109/MSR5907...

    work page doi:10.1109/msr59073.2023.00051 2023

  23. [23]

    KJCracks. 2017. Clutch: Fast iOS Executable Dumper. https://github .com/ KJCracks/Clutch. GitHub repository, accessed 2026-03-15

    2017

  24. [24]

    Klemmer, Nicolas Huaman, Dominik Wermke, Yasemin Acar, and Sascha Fahl

    Alexander Krause, Jan H. Klemmer, Nicolas Huaman, Dominik Wermke, Yasemin Acar, and Sascha Fahl. 2023. Pushed by Accident: A Mixed-Methods Study on Strategies of Handling Secret Information in Source Code Repositories. In32nd USENIX Security Symposium (USENIX Security 23). USENIX Association, Ana- heim, CA, 2527–2544. https://www .usenix.org/conference/us...

    2023

  25. [25]

    Wenzhi Li, Jialong Guo, Jiongyi Chen, Fan Li, Yujie Xing, Yanbo Xu, Shishuai Yang, and Wenrui Diao. 2025. FirmProj: Detecting Firmware Leakage in IoT Update Processes via Companion App Analysis. In40th IEEE/ACM International Conference on Automated Software Engineering, ASE 2025, Seoul, Korea, Republic of, November 16-20, 2025. IEEE, 2058–2070. doi:10.110...

    work page doi:10.1109/ase63991.2025.00171 2025

  26. [26]

    Dexin Liu, Yue Xiao, Chaoqi Zhang, Kaitao Xie, Xiaolong Bai, Shikun Zhang, and Luyi Xing. 2024. iHunter: Hunting Privacy Violations at Scale in the Soft- ware Supply Chain on iOS. In33rd USENIX Security Symposium, USENIX Se- curity 2024, Philadelphia, PA, USA, August 14-16, 2024, Davide Balzarotti and Wenyuan Xu (Eds.). USENIX Association. https://www .us...

    2024

  27. [27]

    Xueqing Liu, Yue Leng, Wei Yang, Wenyu Wang, Chengxiang Zhai, and Tao Xie

  28. [28]

    A Large-Scale Empirical Study on Android Runtime-Permission Rationale Messages. In2018 IEEE Symposium on Visual Languages and Human-Centric Computing, VL/HCC 2018, Lisbon, Portugal, October 1-4, 2018, Jácome Cunha, João Paulo Fernandes, Caitlin Kelleher, Gregor Engels, and Jorge Mendes (Eds.). IEEE Computer Society, 137–146. doi:10.1109/VLHCC.2018.8506574

    work page doi:10.1109/vlhcc.2018.8506574 2018

  29. [29]

    Yi Liu, Gelei Deng, Yuekang Li, Kailong Wang, Zihao Wang, Xiaofeng Wang, Tianwei Zhang, Yepang Liu, Haoyu Wang, Yan Zheng, et al. 2023. Prompt injection attack against llm-integrated applications.arXiv preprint arXiv:2306.05499(2023)

    Pith/arXiv arXiv 2023

  30. [30]

    McNiece, and Bradley Reaves

    Michael Meli, Matthew R. McNiece, and Bradley Reaves. 2019. How Bad Can It Git? Characterizing Secret Leakage in Public GitHub Repositories. In26th Annual Network and Distributed System Security Symposium, NDSS 2019, San Diego, California, USA, February 24-27, 2019. The Internet Society. https:// www.ndss-symposium .org/ndss-paper/how-bad-can-it-git-chara...

    2019

  31. [31]

    Abner Mendoza and Guofei Gu. 2018. Mobile Application Web API Reconnais- sance: Web-to-Mobile Inconsistencies & Vulnerabilities. In2018 IEEE Symposium on Security and Privacy, SP 2018, Proceedings, 21-23 May 2018, San Francisco, California, USA. IEEE Computer Society, 756–769. doi:10.1109/SP.2018.00039

    work page doi:10.1109/sp.2018.00039 2018

  32. [32]

    Shi Meng, Liu Wang, Shenao Wang, Kailong Wang, Xusheng Xiao, Guangdong Bai, and Haoyu Wang. 2023. Wemint:Tainting Sensitive Data Leaks in WeChat Mini-Programs. In38th IEEE/ACM International Conference on Automated Software Engineering, ASE 2023, Luxembourg, September 11-15, 2023. IEEE, 1403–1415. doi:10.1109/ASE56229.2023.00151

    work page doi:10.1109/ase56229.2023.00151 2023

  33. [33]

    mitmproxy project. 2026. mitmproxy: A Free and Open Source Interactive HTTPS Proxy. https://mitmproxy.org/. Accessed: 2026-03-15

    2026

  34. [34]

    Yuhong Nan, Zhemin Yang, Xiaofeng Wang, Yuan Zhang, Donglai Zhu, and Min Yang. 2018. Finding Clues for Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps. In25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18-21, 2018. The Internet Society. https://www .ndss-symposi...

    2018

  35. [35]

    OpenAI. 2025. OpenAI API Documentation. https://platform .openai.com/docs/ api-reference. Accessed: 2025-XX-XX

    2025

  36. [36]

    OpenAI. 2026. OpenAI API Keys. https://platform .openai.com/api-keys. Ac- cessed: 2026-03-21

    2026

  37. [37]

    OpenRouter. 2025. OpenRouter: A Unified API for Hundreds of AI Models. https://openrouter.ai. Accessed: 2025-XX-XX

    2025

  38. [38]

    Damilola Orikogbo, Matthias Büchler, and Manuel Egele. 2016. CRiOS: Toward Large-Scale iOS Application Analysis. InProceedings of the 6th Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM@CCS 2016, Vienna, Austria, October 24, 2016, Long Lu and Mohammad Mannan (Eds.). ACM, 33–42. http://dl.acm.org/citation.cfm?id=2994473

    2016

  39. [39]

    Mehmet Ozkaya. 2024. LLM Providers: OpenAI, Meta AI, Anthropic, Hug- ging Face, Microsoft, Google, and Mistral AI.Medium(19 November 2024). https://mehmetozkaya.medium.com/llm-providers-openai-meta-ai-anthropic- hugging-face-microsoft-google-and-mistral-ai-46ad8c027f6b 7 min read

    2024

  40. [40]

    Potatso Labs. 2025. Potatso: Network Proxy Utility for iOS. https://potatso .com/. Accessed: 2026-03-15

    2025

  41. [41]

    Amogh Pradeep, Muhammad Talha Paracha, Protick Bhowmick, Ali Dava- nian, Abbas Razaghpanah, Taejoong Chung, Martina Lindorfer, Narseo Vallina- Rodriguez, Dave Levin, and David Choffnes. 2022. A Comparative Analysis of Certificate Pinning in Android & iOS. InProceedings of the 22nd ACM Inter- net Measurement Conference, IMC 2022, Nice, France, October 25–2...

    work page doi:10.1145/3517745.3561439 2022

  42. [42]

    Dubois, Ashwin Rao, David R

    Jingjing Ren, Martina Lindorfer, Daniel J. Dubois, Ashwin Rao, David R. Choffnes, and Narseo Vallina-Rodriguez. 2018. Bug Fixes, Improvements, ... and Privacy Leaks - A Longitudinal Study of PII Leaks Across Android App Versions. In25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18-21, 2018. T...

    2018

  43. [43]

    Choffnes

    Jingjing Ren, Ashwin Rao, Martina Lindorfer, Arnaud Legout, and David R. Choffnes. 2016. ReCon: Revealing and Controlling PII Leaks in Mobile Network Traffic. InProceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys 2016, Singapore, June 26-30, 2016, Rajesh Krishna Balan, Archan Misra, Sharad Agarwal...

    work page doi:10.1145/2906388.2906392 2016

  44. [44]

    David Schmidt, Sebastian Schrittwieser, and Edgar R. Weippl. 2025. Leaky Apps: Large-scale Analysis of Secrets Distributed in Android and iOS Apps. InPro- ceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security, CCS 2025, Taipei, Taiwan, October 13-17, 2025, Chun-Ying Huang, Jyh- Cheng Chen, Shiuh-Pyng Shieh, David Lie, and Véro...

    work page doi:10.1145/3719027.3765033 2025

  45. [45]

    Sensor Tower. 2025. State of Mobile AI Apps 2025. https://sensortower .com/ blog/2025-state-of-mobile-ai-is-everywhere-on-mobile

    2025

  46. [47]

    Yin Wang, Ming Fan, Hao Zhou, Haijun Wang, Wuxia Jin, Jiajia Li, Wenbo Chen, Shijie Li, Yu Zhang, Deqiang Han, and Ting Liu. 2024. MiniChecker: Detecting Data Privacy Risk of Abusive Permission Request Behavior in Mini-Programs. In Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering, ASE 2024, Sacramento, CA, USA, O...

    work page doi:10.1145/3691620.3695534 2024

  47. [48]

    Lili Wei, Heqing Huang, Shing-Chi Cheung, and Kevin Li. 2025. How Far Are App Secrets from Being Stolen? A Case Study on Android.Empirical Software Engineering30, 3 (2025). doi:10.1007/s10664-024-10607-9

    work page doi:10.1007/s10664-024-10607-9 2025

  48. [49]

    Wikipedia contributors. 2026. FairPlay. https://en .wikipedia.org/wiki/FairPlay. Accessed: 2026-03-21

    2026

  49. [50]

    Yue Xiao, Zhengyi Li, Yue Qin, Xiaolong Bai, Jiale Guan, Xiaojing Liao, and Luyi Xing. 2023. Lalaine: Measuring and Characterizing Non-Compliance of Apple Privacy Labels. In32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023, Joseph A. Calandrino and Carmela Troncoso (Eds.). USENIX Association, 1091–1108. https://www ...

    2023

  50. [51]

    Soufian El Yadmani, Olga Gadyatskaya, and Yury Zhauniarovich. 2025. The File That Contained the Keys Has Been Removed: An Empirical Analysis of Secret Leaks in Cloud Buckets and Responsible Disclosure Outcomes. InIEEE Symposium on Security and Privacy, SP 2025, San Francisco, CA, USA, May 12- 15, 2025, Marina Blanton, William Enck, and Cristina Nita-Rotar...

    work page doi:10.1109/sp61157.2025.00009 2025

  51. [52]

    Brower-Sinning, Grace A

    Chenyang Yang, Rachel A. Brower-Sinning, Grace A. Lewis, and Christian Kästner

  52. [53]

    In37th IEEE/ACM International Conference on Automated Software Engineering, ASE 2022, Rochester, MI, USA, October 10-14, 2022

    Data Leakage in Notebooks: Static Detection and Better Processes. In37th IEEE/ACM International Conference on Automated Software Engineering, ASE 2022, Rochester, MI, USA, October 10-14, 2022. ACM, 30:1–30:12. doi:10 .1145/ 3551349.3556918

    arXiv 2022

  53. [54]

    Yue Zhang, Yuqing Yang, and Zhiqiang Lin. 2023. Don’t leak your keys: Under- standing, measuring, and exploiting the appsecret leaks in mini-programs. In Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. 2411–2425

    2023

  54. [55]

    Shide Zhou, Tianlin Li, Kailong Wang, Yihao Huang, Ling Shi, Yang Liu, and Haoyu Wang. 2025. Understanding the Effectiveness of Coverage Crite- ria for Large Language Models: A Special Angle from Jailbreak Attacks. In 47th IEEE/ACM International Conference on Software Engineering, ICSE 2025, Ottawa, ON, Canada, April 26 - May 6, 2025. IEEE, 730–742. doi:1...

    arXiv 2025

  55. [56]

    Yajin Zhou, Lei Wu, Zhi Wang, and Xuxian Jiang. 2015. Harvesting developer credentials in Android apps. InProceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, New York, NY, USA, June 22-26, 2015. ACM, 23:1–23:12. doi:10.1145/2766498.2766499

    work page doi:10.1145/2766498.2766499 2015

  56. [57]

    Chaoshun Zuo, Zhiqiang Lin, and Yinqian Zhang. 2019. Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps. In2019 IEEE Symposium on Security and Privacy, SP 2019, San Francisco, CA, USA, May 19-23,

    2019

  57. [58]

    Kelemen, S

    IEEE, 1296–1310. doi:10.1109/SP.2019.00009

    work page doi:10.1109/sp.2019.00009 2019