Analysis of Location Data Leakage in the Internet Traffic of Android-based Mobile Devices

In recent years we have witnessed a shift towards personalized, context-based services for mobile devices. A key component of many of these services is the ability to infer the current location and predict the future location of users based on location sensors embedded in the devices. Such knowledge enables service providers to present relevant and timely offers to their users and better manage traffic congestion control, thus increasing customer satisfaction and engagement. However, such services suffer from location data leakage which has become one of today's most concerning privacy issues for smartphone users. In this paper we focus specifically on location data that is exposed by Android applications via Internet network traffic in plaintext without the user's awareness. We present an empirical evaluation involving the network traffic of real mobile device users, aimed at: (1) measuring the extent of relevant location data leakage in the Internet traffic of Android-based smartphone devices; (2) understanding the value of this data and the ability to infer users' points of interests (POIs); and (3) deriving a step-by-step attack aimed at inferring the user's POIs under realistic, real-world assumptions. This was achieved by analyzing the Internet traffic recorded from the smartphones of a group of 71 participants for an average period of 37 days. We also propose a procedure for mining and filtering location data from raw network traffic and utilize geolocation clustering methods to infer users' POIs. The key findings of this research center on the extent of this phenomenon in terms of both ubiquity and severity; we found that over 85% of the users' devices leaked location data, and the exposure rate of users' POIs, derived from the relatively sparse leakage indicators, is around 61%.