Robust App Fingerprinting Over the Air

IF 3 3区计算机科学 Q2 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

IEEE/ACM Transactions on Networking Pub Date : 2024-08-30 DOI:10.1109/TNET.2024.3448621

Jianfeng Li;Zheng Lin;Jian Qu;Shuohan Wu;Hao Zhou;Yangyang Liu;Xiaobo Ma;Ting Wang;Xiapu Luo;Xiaohong Guan

{"title":"Robust App Fingerprinting Over the Air","authors":"Jianfeng Li;Zheng Lin;Jian Qu;Shuohan Wu;Hao Zhou;Yangyang Liu;Xiaobo Ma;Ting Wang;Xiapu Luo;Xiaohong Guan","doi":"10.1109/TNET.2024.3448621","DOIUrl":null,"url":null,"abstract":"Mobile apps have significantly transformed various aspects of modern life, leading to growing concerns about privacy risks. Despite widespread encrypted communication, app fingerprinting (AF) attacks threaten user privacy substantially. However, existing AF attacks, when targeted at wireless traffic, face four fundamental challenges, namely 1) sample inseparability; 2) app multiplexing; 3) signal attenuation; and 4) open-world recognition. In this paper, we advance a novel AF attack, dubbed PacketPrint, to recognize app user activities over the air in an open-world setting. We introduce two novel models, i.e., sequential XGBoost and hierarchical bag-of-words model, to tackle sample inseparability and enhance robustness against noise packets arising from app multiplexing. We also propose the environment-aware model enhancement to bolster PacketPrint’s robustness in handling packet loss at the sniffer caused by signal attenuation. We conduct extensive experiments to evaluate the proposed attack in a series of challenging scenarios, including 1) open-world setting; 2) simultaneous use of different apps; 3) severe packet loss at the sniffer; and 4) cross-dataset recognition. The experimental results show that PacketPrint can accurately recognize app user activities. It achieves the average F1-score 0.947 for open-world app recognition and the average F1-score 0.959 for in-app user action recognition.","PeriodicalId":13443,"journal":{"name":"IEEE/ACM Transactions on Networking","volume":"32 6","pages":"5065-5080"},"PeriodicalIF":3.0000,"publicationDate":"2024-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE/ACM Transactions on Networking","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10660481/","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

Mobile apps have significantly transformed various aspects of modern life, leading to growing concerns about privacy risks. Despite widespread encrypted communication, app fingerprinting (AF) attacks threaten user privacy substantially. However, existing AF attacks, when targeted at wireless traffic, face four fundamental challenges, namely 1) sample inseparability; 2) app multiplexing; 3) signal attenuation; and 4) open-world recognition. In this paper, we advance a novel AF attack, dubbed PacketPrint, to recognize app user activities over the air in an open-world setting. We introduce two novel models, i.e., sequential XGBoost and hierarchical bag-of-words model, to tackle sample inseparability and enhance robustness against noise packets arising from app multiplexing. We also propose the environment-aware model enhancement to bolster PacketPrint’s robustness in handling packet loss at the sniffer caused by signal attenuation. We conduct extensive experiments to evaluate the proposed attack in a series of challenging scenarios, including 1) open-world setting; 2) simultaneous use of different apps; 3) severe packet loss at the sniffer; and 4) cross-dataset recognition. The experimental results show that PacketPrint can accurately recognize app user activities. It achieves the average F1-score 0.947 for open-world app recognition and the average F1-score 0.959 for in-app user action recognition.

查看原文本刊更多论文

强大的空中应用程序指纹识别功能

移动应用极大地改变了现代生活的各个方面，导致人们对隐私风险的担忧日益增加。尽管加密通信广泛存在，但应用程序指纹（AF）攻击极大地威胁了用户隐私。然而，现有的针对无线流量的AF攻击面临四个基本挑战：1)样本不可分离性；2)应用复用；3)信号衰减；4)开放世界的识别。在本文中，我们提出了一种新的AF攻击，称为PacketPrint，用于在开放世界环境中通过空中识别应用程序用户活动。我们引入了两个新颖的模型，即顺序XGBoost和分层词袋模型，以解决样本不可分性并增强对应用复用产生的噪声包的鲁棒性。我们还提出了环境感知模型的增强，以增强PacketPrint在处理信号衰减引起的嗅探器丢包方面的鲁棒性。我们进行了大量的实验来评估在一系列具有挑战性的场景中提出的攻击，包括1)开放世界设置；2)同时使用不同的app；3)嗅探器丢包严重；4)跨数据集识别。实验结果表明，packketprint能够准确识别应用程序用户的活动。开放世界应用识别平均F1-score 0.947，应用内用户动作识别平均F1-score 0.959。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE/ACM Transactions on Networking 工程技术-电信学

CiteScore

8.20

自引率

5.40%

发文量

246

审稿时长

4-8 weeks

期刊介绍： The IEEE/ACM Transactions on Networking’s high-level objective is to publish high-quality, original research results derived from theoretical or experimental exploration of the area of communication/computer networking, covering all sorts of information transport networks over all sorts of physical layer technologies, both wireline (all kinds of guided media: e.g., copper, optical) and wireless (e.g., radio-frequency, acoustic (e.g., underwater), infra-red), or hybrids of these. The journal welcomes applied contributions reporting on novel experiences and experiments with actual systems.