NAS third-party packages

We constructed the largest NAS package dataset to date, consisting of 1,489 NAS packages from major third-party sources, which can offer representative data for further research. Given that Synology and QNAP have the largest user bases, these platforms experience the highest frequency of attacks. Furthermore, the NAS package ecosystems provided by other vendors are considerably smaller. So our security measurements focus solely on the NAS packages of Synology and QNAP. We sourced NAS packages from three main origins: official websites, third-party package repositories, and community forums. Specifically, for Synology we gathered all packages available from its official website along with the majority from popular third-party sources and community forums. As for QNAP, which lacks an official package repository, we obtained all packages from the two largest third-party repositories.  For each target website, we developed crawlers using Scrapy or Selenium to retrieve packages files and their metadata, including package name, release date, vendor, and description. We selected the x86 architecture for downloading, due to its widespread use, compatibility, and reliability. As of October 2023, we have collected a total of 1,853 NAS packages. We believe that this dataset to be sufficiently large, diverse, and representative to support our research.

This dataset consists some examples of NAS third-party packages, the complete dataset will be made publicly available upon acceptance of the manuscript.