Mobile devices can be maliciously exploited to violate the privacy of people. In most attack scenarios, the adversary takes the local or remote control of the mobile device, by leveraging a vulnerability of the system, hence sending back the collected information to some remote web service. In this paper, we consider a different adversary, who does not interact actively with the mobile device, but he is able to eavesdrop the network traffic of the device from the network side (e.g., controlling a Wi-Fi access point). The fact that the network traffic is often encrypted makes the attack even more challenging. In this paper, we investigate to what extent such an external attacker can identify the specific actions that a user is performing on her mobile apps. We design a system that achieves this goal using advanced machine learning techniques. We built a complete implementation of this system, and we also run a thorough set of experiments, which show that our attack can achieve accuracy and precision higher than 95%, for most of the considered actions. We compared our solution with the three state-of-the-art algorithms, and confirming that our system outperforms all these direct competitors.

Analyzing Android Encrypted Network Traffic to Identify User Actions / Conti, Mauro; Mancini, Luigi Vincenzo; Spolaor, Riccardo; Verde, NINO VINCENZO. - In: IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY. - ISSN 1556-6013. - STAMPA. - 11:1(2016), pp. 114-125. [10.1109/TIFS.2015.2478741]

Analyzing Android Encrypted Network Traffic to Identify User Actions

MANCINI, Luigi Vincenzo;VERDE, NINO VINCENZO
2016

Abstract

Mobile devices can be maliciously exploited to violate the privacy of people. In most attack scenarios, the adversary takes the local or remote control of the mobile device, by leveraging a vulnerability of the system, hence sending back the collected information to some remote web service. In this paper, we consider a different adversary, who does not interact actively with the mobile device, but he is able to eavesdrop the network traffic of the device from the network side (e.g., controlling a Wi-Fi access point). The fact that the network traffic is often encrypted makes the attack even more challenging. In this paper, we investigate to what extent such an external attacker can identify the specific actions that a user is performing on her mobile apps. We design a system that achieves this goal using advanced machine learning techniques. We built a complete implementation of this system, and we also run a thorough set of experiments, which show that our attack can achieve accuracy and precision higher than 95%, for most of the considered actions. We compared our solution with the three state-of-the-art algorithms, and confirming that our system outperforms all these direct competitors.
2016
Computer Networks and Communications, data privacy, Safety, Risk, Reliability and Quality, Web services, Machine learning algorithms, Time series analysis, mobile computing, smart phones
01 Pubblicazione su rivista::01a Articolo in rivista
Analyzing Android Encrypted Network Traffic to Identify User Actions / Conti, Mauro; Mancini, Luigi Vincenzo; Spolaor, Riccardo; Verde, NINO VINCENZO. - In: IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY. - ISSN 1556-6013. - STAMPA. - 11:1(2016), pp. 114-125. [10.1109/TIFS.2015.2478741]
File allegati a questo prodotto
File Dimensione Formato  
Mancini_Analyzing_2016.pdf

solo gestori archivio

Tipologia: Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 4.51 MB
Formato Adobe PDF
4.51 MB Adobe PDF   Contatta l'autore

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/878034
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 222
  • ???jsp.display-item.citation.isi??? 166
social impact