Identify What You are Doing: Smartphone Apps Fingerprinting on Cellular Network Traffic

Apps installed on smartphones may reveal users' privacy, which is often under malicious attacks. Most privacy attacks are based on network layer traffic. However, the encryption used in the cellular network makes it difficult for a passive adversary to obtain the traffic. In this paper, we leve...

Full description

Saved in:
Bibliographic Details
Main Authors: Zhai, Liuqun, Qiao, Zhuang, Wang, Zhongfang, Wei, Dong
Format: Conference Proceeding
Language:English
Subjects:
5G mobile communication
Apps fingerprinting
cellular network
Cellular networks
Downlink
Encryption
Fingerprint recognition
Metadata
Privacy
privacy attack
traffic identification
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Apps installed on smartphones may reveal users' privacy, which is often under malicious attacks. Most privacy attacks are based on network layer traffic. However, the encryption used in the cellular network makes it difficult for a passive adversary to obtain the traffic. In this paper, we leverage the data link layer metadata, such as PDCP packet size, distribution, and interarrival time, to create Apps fingerprints and then conduct a non-intrusive smartphone Apps privacy attack. We test three different smartphones on a 4G LTE laboratory network. On twenty popular Apps selected from the AppStore and Huawei AppGallary, we achieve an Fl-score ranging from 91.32% to 99.49%. Also, we investigate the effect of classification algorithms, time windows, monitoring duration and smartphone brands on Apps fingerprinting attack. Furthermore, we evaluate the performance of the attack using only downlink traffic, which is consistent with the actual attack scenario. Because the data link layer specifications of 4G LTE and 5G are similar, the method of Apps fingerprinting attack can be extended to the latest 5G networks.
ISSN:2642-7389
DOI:10.1109/ISCC53001.2021.9631415