Welcome to the MiniSec store!

Welcome to the miniapp dataset shop! A ‘‘store’’ affiliated with the MiniSec Community that aims to facilitate and advocate the miniapp security research.

What is Miniapp? See here for introduction. Chinese only right now, but English version on the way!

I am Yuqing, the owner of this little family-own grocery store! We host by far the largest dataset in the field of super app and miniapp security, totaling over 4 millions of miniapps!

This little store does not ‘‘sell’’ the products, but ‘‘share’’ the products — if you are researchers who are curious or interested in the miniapp security and other related field of study, you are welcomed to submit requests of dataset hosted on this website. All you need is to clarify your affiliation, so we can validate your identity and ensure that the dataset is not misused. Please check our service catalogs and release policy below:

1. Service catalog

We proudly provide:

• Dataset for Cross-miniapp Request Forgery Vulnerability [CCS22]
• Dataset for Miniapps with AppSecret Leakage [CCS23] (This requires additional consent and agreement, contact me for details)
• Evasive miniapp malware [NDSS25]
• Randomly-selected miniapp samples to facilitate your preliminary research [SIGMETRICS21]
• Analysis tools for CMRF vulnerability discovery, AppSecret leakage detection, malware analysis, taint analysis. Contact me for details
• Plus other made-to-order dataset

Plus, the meta data of the miniapps if applicable. They are attached to the dataset, as our ways to thank your interest in miniapp security!

2. How to obtain

We are happy to share our dataset to ignite and facilitate more research in this field. However, to avoid misuse, we do require institutional authentication and written consent to not misuse the released dataset. If you would like to access these dataset, please follow the format as listed below to avoid being ignored. If I fail to respond in 7 days, feel free to send the email again!

Please send your request emails to Yuqing Yang (yang.5656@osu.edu) AND Dr. Zhiqiang Lin (zlin@cse.ohio-state.edu) with “[MiniMalware Samples Request]” in the subject, plus:

2.1 If you are currently in academia:

Send the email with your university email address. If you are a student (or postdoc), cc your advisor.

In your email, include your name, affiliation, and homepage (if we do not know each other). The information is needed for verification purpose. Note that your request may be ignored if we are not able to determine your identity or affiliation.

If your papers or articles use our dataset, please cite our related papers. Appreciated!

2.2 If you are currently in industry (including research labs):

Send us an email from your company’s email account. In the email, please briefly introduce yourself (e.g., name and title – in case we do not know each other) and your company.

We will be in contact with you to discuss the detail, including your request of dataset and the contents that need to be included in the justification letter.

Please follow-up by sending us a justification letter (in PDF format) in official letterhead. The letter needs to acknowledge the MiniSec project, and the paper associated with the requested dataset. Also, acknowledge why the dataset is required, and that the dataset will not be shared to others without our permission.

3. Access Policies

• We emphasize that we will ignore emails that do not follow the above instructions.

• Our responsibilities: we are responsible to verify the identity of the institutions and individuals who request the dataset to prevent misuse.

• Your responsibilities: you are responsible for properly preserving the dataset. Sharing any samples in our dataset to others without our permission is not allowed.

• We may disclose the list of universities, research labs, companies that have requested our dataset on this webpage.

Sending us the email for requesting dataset implies that you are aware of and agree with the above policies.

4. Acknowledgements

Our datasets have been released to the following Affiliations:

1. niversity of Electronic Science and Technology of China
2. Harbin Institute of Technology
3. Nanjing University
4. Xidian University
5. Rochester Institute of Technology
6. Johns Hopkins University
7. Xi’an Jiao Tong University
8. University of Science and Technology Beijing
9. University of Chinese Academy of Sciences
10. Peking University