{"title":"识别你在做什么:手机网络流量上的智能手机应用指纹","authors":"Liuqun Zhai, Zhuang Qiao, Zhongfang Wang, Dongxue Wei","doi":"10.1109/ISCC53001.2021.9631415","DOIUrl":null,"url":null,"abstract":"Apps installed on smartphones may reveal users' privacy, which is often under malicious attacks. Most privacy attacks are based on network layer traffic. However, the encryption used in the cellular network makes it difficult for a passive adversary to obtain the traffic. In this paper, we leverage the data link layer metadata, such as PDCP packet size, distribution, and interarrival time, to create Apps fingerprints and then conduct a non-intrusive smartphone Apps privacy attack. We test three different smartphones on a 4G LTE laboratory network. On twenty popular Apps selected from the AppStore and Huawei AppGallary, we achieve an Fl-score ranging from 91.32% to 99.49%. Also, we investigate the effect of classification algorithms, time windows, monitoring duration and smartphone brands on Apps fingerprinting attack. Furthermore, we evaluate the performance of the attack using only downlink traffic, which is consistent with the actual attack scenario. Because the data link layer specifications of 4G LTE and 5G are similar, the method of Apps fingerprinting attack can be extended to the latest 5G networks.","PeriodicalId":270786,"journal":{"name":"2021 IEEE Symposium on Computers and Communications (ISCC)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Identify What You are Doing: Smartphone Apps Fingerprinting on Cellular Network Traffic\",\"authors\":\"Liuqun Zhai, Zhuang Qiao, Zhongfang Wang, Dongxue Wei\",\"doi\":\"10.1109/ISCC53001.2021.9631415\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Apps installed on smartphones may reveal users' privacy, which is often under malicious attacks. Most privacy attacks are based on network layer traffic. However, the encryption used in the cellular network makes it difficult for a passive adversary to obtain the traffic. In this paper, we leverage the data link layer metadata, such as PDCP packet size, distribution, and interarrival time, to create Apps fingerprints and then conduct a non-intrusive smartphone Apps privacy attack. We test three different smartphones on a 4G LTE laboratory network. On twenty popular Apps selected from the AppStore and Huawei AppGallary, we achieve an Fl-score ranging from 91.32% to 99.49%. Also, we investigate the effect of classification algorithms, time windows, monitoring duration and smartphone brands on Apps fingerprinting attack. Furthermore, we evaluate the performance of the attack using only downlink traffic, which is consistent with the actual attack scenario. Because the data link layer specifications of 4G LTE and 5G are similar, the method of Apps fingerprinting attack can be extended to the latest 5G networks.\",\"PeriodicalId\":270786,\"journal\":{\"name\":\"2021 IEEE Symposium on Computers and Communications (ISCC)\",\"volume\":\"30 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-09-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE Symposium on Computers and Communications (ISCC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISCC53001.2021.9631415\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE Symposium on Computers and Communications (ISCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCC53001.2021.9631415","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Identify What You are Doing: Smartphone Apps Fingerprinting on Cellular Network Traffic
Apps installed on smartphones may reveal users' privacy, which is often under malicious attacks. Most privacy attacks are based on network layer traffic. However, the encryption used in the cellular network makes it difficult for a passive adversary to obtain the traffic. In this paper, we leverage the data link layer metadata, such as PDCP packet size, distribution, and interarrival time, to create Apps fingerprints and then conduct a non-intrusive smartphone Apps privacy attack. We test three different smartphones on a 4G LTE laboratory network. On twenty popular Apps selected from the AppStore and Huawei AppGallary, we achieve an Fl-score ranging from 91.32% to 99.49%. Also, we investigate the effect of classification algorithms, time windows, monitoring duration and smartphone brands on Apps fingerprinting attack. Furthermore, we evaluate the performance of the attack using only downlink traffic, which is consistent with the actual attack scenario. Because the data link layer specifications of 4G LTE and 5G are similar, the method of Apps fingerprinting attack can be extended to the latest 5G networks.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
