help promote
usenix conference policies
You are here
Eavesdropping on Fine-Grained User Activities Within Smartphone Apps Over Encrypted Network Traffic
Brendan Saltaformaggio, Hongjun Choi, Kristen Johnson, Yonghwi Kwon, Qi Zhang, Xiangyu Zhang, and Dongyan Xu, Purdue University; John Qian, Cisco Systems
Smartphone apps have changed the way we interact with online services, but highly specialized apps come at a cost to privacy. In this paper we will demonstrate that a passive eavesdropper is capable of identifying finegrained user activities within the wireless network traffic generated by apps. Despite the widespread use of fully encrypted communication, our technique, called NetScope, is based on the intuition that the highly specific implementation of each app leaves a fingerprint on its traffic behavior (e.g., transfer rates, packet exchanges, and data movement). By learning the subtle traffic behavioral differences between activities (e.g., “browsing” versus “chatting” in a dating app), NetScope is able to perform robust inference of users’ activities, for both Android and iOS devices, based solely on inspecting IP headers. Our evaluation with 35 widely popular app activities (ranging from social networking and dating to personal health and presidential campaigns) shows that NetScope yields high detection accuracy (78.04% precision and 76.04% recall on average).
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Brendan Saltaformaggio and Hongjun Choi and Kristen Johnson and Yonghwi Kwon and Qi Zhang and Xiangyu Zhang and Dongyan Xu and John Qian},
title = {Eavesdropping on {Fine-Grained} User Activities Within Smartphone Apps Over Encrypted Network Traffic},
booktitle = {10th USENIX Workshop on Offensive Technologies (WOOT 16)},
year = {2016},
address = {Austin, TX},
url = {https://www.usenix.org/conference/woot16/workshop-program/presentation/saltaformaggio},
publisher = {USENIX Association},
month = aug
}
connect with us