Madushi Hasara Pathmaperuma, Y. Rahulamathavan, Safak Dogan, Ahmet M. Kondoz
{"title":"用户移动应用加密活动检测","authors":"Madushi Hasara Pathmaperuma, Y. Rahulamathavan, Safak Dogan, Ahmet M. Kondoz","doi":"10.1145/3478301.3478303","DOIUrl":null,"url":null,"abstract":"Mobile users install different types of applications on their mobile devices based on their interests and needs and perform various activities on them (known as in-app activities). In this paper, we demonstrate that a passive eavesdropper can identify fine grained in-app activities by analysing encrypted network traffic information obtained by sniffing a Wireless Local Area Network (WLAN). Even though encryption protocols are used to provide security over Internet communications, side channel data is still leaked from encrypted traffic. We utilise this data (frame length, inter arrival time and direction) to identify the in-app activities. Further as a first study of its kind, we show that it is possible to identify in-app activities accurately by observing a very small subset of traffic, rather than observing the entire transaction of an activity as presented in existing literature. To reach these observations, we evaluated 51 in-app activities from three popular social networking apps and identified more than 85% of them correctly using the Bayes Net machine learning algorithm.","PeriodicalId":338866,"journal":{"name":"The 2nd European Symposium on Computer and Communications","volume":"47 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"User Mobile App Encrypted Activity Detection\",\"authors\":\"Madushi Hasara Pathmaperuma, Y. Rahulamathavan, Safak Dogan, Ahmet M. Kondoz\",\"doi\":\"10.1145/3478301.3478303\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Mobile users install different types of applications on their mobile devices based on their interests and needs and perform various activities on them (known as in-app activities). In this paper, we demonstrate that a passive eavesdropper can identify fine grained in-app activities by analysing encrypted network traffic information obtained by sniffing a Wireless Local Area Network (WLAN). Even though encryption protocols are used to provide security over Internet communications, side channel data is still leaked from encrypted traffic. We utilise this data (frame length, inter arrival time and direction) to identify the in-app activities. Further as a first study of its kind, we show that it is possible to identify in-app activities accurately by observing a very small subset of traffic, rather than observing the entire transaction of an activity as presented in existing literature. To reach these observations, we evaluated 51 in-app activities from three popular social networking apps and identified more than 85% of them correctly using the Bayes Net machine learning algorithm.\",\"PeriodicalId\":338866,\"journal\":{\"name\":\"The 2nd European Symposium on Computer and Communications\",\"volume\":\"47 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-04-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"The 2nd European Symposium on Computer and Communications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3478301.3478303\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"The 2nd European Symposium on Computer and Communications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3478301.3478303","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Mobile users install different types of applications on their mobile devices based on their interests and needs and perform various activities on them (known as in-app activities). In this paper, we demonstrate that a passive eavesdropper can identify fine grained in-app activities by analysing encrypted network traffic information obtained by sniffing a Wireless Local Area Network (WLAN). Even though encryption protocols are used to provide security over Internet communications, side channel data is still leaked from encrypted traffic. We utilise this data (frame length, inter arrival time and direction) to identify the in-app activities. Further as a first study of its kind, we show that it is possible to identify in-app activities accurately by observing a very small subset of traffic, rather than observing the entire transaction of an activity as presented in existing literature. To reach these observations, we evaluated 51 in-app activities from three popular social networking apps and identified more than 85% of them correctly using the Bayes Net machine learning algorithm.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
