Loading…
Identify What You are Doing: Smartphone Apps Fingerprinting on Cellular Network Traffic
Apps installed on smartphones may reveal users' privacy, which is often under malicious attacks. Most privacy attacks are based on network layer traffic. However, the encryption used in the cellular network makes it difficult for a passive adversary to obtain the traffic. In this paper, we leve...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Conference Proceeding |
| Language: | English |
| Subjects: | |
| Online Access: | Request full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | |
|---|---|
| cites | |
| container_end_page | 7 |
| container_issue | |
| container_start_page | 1 |
| container_title | |
| container_volume | |
| creator | Zhai, Liuqun Qiao, Zhuang Wang, Zhongfang Wei, Dong |
| description | Apps installed on smartphones may reveal users' privacy, which is often under malicious attacks. Most privacy attacks are based on network layer traffic. However, the encryption used in the cellular network makes it difficult for a passive adversary to obtain the traffic. In this paper, we leverage the data link layer metadata, such as PDCP packet size, distribution, and interarrival time, to create Apps fingerprints and then conduct a non-intrusive smartphone Apps privacy attack. We test three different smartphones on a 4G LTE laboratory network. On twenty popular Apps selected from the AppStore and Huawei AppGallary, we achieve an Fl-score ranging from 91.32% to 99.49%. Also, we investigate the effect of classification algorithms, time windows, monitoring duration and smartphone brands on Apps fingerprinting attack. Furthermore, we evaluate the performance of the attack using only downlink traffic, which is consistent with the actual attack scenario. Because the data link layer specifications of 4G LTE and 5G are similar, the method of Apps fingerprinting attack can be extended to the latest 5G networks. |
| doi_str_mv | 10.1109/ISCC53001.2021.9631415 |
| format | conference_proceeding |
| fullrecord | <record><control><sourceid>ieee_CHZPO</sourceid><recordid>TN_cdi_ieee_primary_9631415</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9631415</ieee_id><sourcerecordid>9631415</sourcerecordid><originalsourceid>FETCH-LOGICAL-i203t-cf6c2b56d5055b68571421d4327ef9305e4697aec41ccf8ecba3ad088c77b0293</originalsourceid><addsrcrecordid>eNotkMtKw0AYhUdBsNY-gSDzAolzv7gr0Wqh6KKV4qpMJv-0ozEJkxTp2xuwqwMHzsfHQeiekpxSYh-W66KQnBCaM8JobhWngsoLNLPaUKWkYFoIe4kmTAmWaW7sNbrp-y9CiJFMT9B2WUEzxHDC24Mb8Gd7xC4Bfmpjs3_E6x-Xhu7QNoDnXdfjxdhC6lIcJ80etw0uoK6PtUv4DYbfNn3jTXIhRH-LroKre5idc4o-Fs-b4jVbvb8si_kqi4zwIfNBeVZKVUkiZamM1FQwWgnONATLiQShrHbgBfU-GPCl464ixnitS8Isn6K7f24EgN1oNhqfducf-B_RRFKQ</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Identify What You are Doing: Smartphone Apps Fingerprinting on Cellular Network Traffic</title><source>IEEE Xplore All Conference Series</source><creator>Zhai, Liuqun ; Qiao, Zhuang ; Wang, Zhongfang ; Wei, Dong</creator><creatorcontrib>Zhai, Liuqun ; Qiao, Zhuang ; Wang, Zhongfang ; Wei, Dong</creatorcontrib><description>Apps installed on smartphones may reveal users' privacy, which is often under malicious attacks. Most privacy attacks are based on network layer traffic. However, the encryption used in the cellular network makes it difficult for a passive adversary to obtain the traffic. In this paper, we leverage the data link layer metadata, such as PDCP packet size, distribution, and interarrival time, to create Apps fingerprints and then conduct a non-intrusive smartphone Apps privacy attack. We test three different smartphones on a 4G LTE laboratory network. On twenty popular Apps selected from the AppStore and Huawei AppGallary, we achieve an Fl-score ranging from 91.32% to 99.49%. Also, we investigate the effect of classification algorithms, time windows, monitoring duration and smartphone brands on Apps fingerprinting attack. Furthermore, we evaluate the performance of the attack using only downlink traffic, which is consistent with the actual attack scenario. Because the data link layer specifications of 4G LTE and 5G are similar, the method of Apps fingerprinting attack can be extended to the latest 5G networks.</description><identifier>EISSN: 2642-7389</identifier><identifier>EISBN: 9781665427449</identifier><identifier>EISBN: 1665427442</identifier><identifier>DOI: 10.1109/ISCC53001.2021.9631415</identifier><language>eng</language><publisher>IEEE</publisher><subject>5G mobile communication ; Apps fingerprinting ; cellular network ; Cellular networks ; Downlink ; Encryption ; Fingerprint recognition ; Metadata ; Privacy ; privacy attack ; traffic identification</subject><ispartof>2021 IEEE Symposium on Computers and Communications (ISCC), 2021, p.1-7</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9631415$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,27925,54555,54932</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/9631415$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Zhai, Liuqun</creatorcontrib><creatorcontrib>Qiao, Zhuang</creatorcontrib><creatorcontrib>Wang, Zhongfang</creatorcontrib><creatorcontrib>Wei, Dong</creatorcontrib><title>Identify What You are Doing: Smartphone Apps Fingerprinting on Cellular Network Traffic</title><title>2021 IEEE Symposium on Computers and Communications (ISCC)</title><addtitle>ISCC</addtitle><description>Apps installed on smartphones may reveal users' privacy, which is often under malicious attacks. Most privacy attacks are based on network layer traffic. However, the encryption used in the cellular network makes it difficult for a passive adversary to obtain the traffic. In this paper, we leverage the data link layer metadata, such as PDCP packet size, distribution, and interarrival time, to create Apps fingerprints and then conduct a non-intrusive smartphone Apps privacy attack. We test three different smartphones on a 4G LTE laboratory network. On twenty popular Apps selected from the AppStore and Huawei AppGallary, we achieve an Fl-score ranging from 91.32% to 99.49%. Also, we investigate the effect of classification algorithms, time windows, monitoring duration and smartphone brands on Apps fingerprinting attack. Furthermore, we evaluate the performance of the attack using only downlink traffic, which is consistent with the actual attack scenario. Because the data link layer specifications of 4G LTE and 5G are similar, the method of Apps fingerprinting attack can be extended to the latest 5G networks.</description><subject>5G mobile communication</subject><subject>Apps fingerprinting</subject><subject>cellular network</subject><subject>Cellular networks</subject><subject>Downlink</subject><subject>Encryption</subject><subject>Fingerprint recognition</subject><subject>Metadata</subject><subject>Privacy</subject><subject>privacy attack</subject><subject>traffic identification</subject><issn>2642-7389</issn><isbn>9781665427449</isbn><isbn>1665427442</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2021</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNotkMtKw0AYhUdBsNY-gSDzAolzv7gr0Wqh6KKV4qpMJv-0ozEJkxTp2xuwqwMHzsfHQeiekpxSYh-W66KQnBCaM8JobhWngsoLNLPaUKWkYFoIe4kmTAmWaW7sNbrp-y9CiJFMT9B2WUEzxHDC24Mb8Gd7xC4Bfmpjs3_E6x-Xhu7QNoDnXdfjxdhC6lIcJ80etw0uoK6PtUv4DYbfNn3jTXIhRH-LroKre5idc4o-Fs-b4jVbvb8si_kqi4zwIfNBeVZKVUkiZamM1FQwWgnONATLiQShrHbgBfU-GPCl464ixnitS8Isn6K7f24EgN1oNhqfducf-B_RRFKQ</recordid><startdate>20210905</startdate><enddate>20210905</enddate><creator>Zhai, Liuqun</creator><creator>Qiao, Zhuang</creator><creator>Wang, Zhongfang</creator><creator>Wei, Dong</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>20210905</creationdate><title>Identify What You are Doing: Smartphone Apps Fingerprinting on Cellular Network Traffic</title><author>Zhai, Liuqun ; Qiao, Zhuang ; Wang, Zhongfang ; Wei, Dong</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i203t-cf6c2b56d5055b68571421d4327ef9305e4697aec41ccf8ecba3ad088c77b0293</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2021</creationdate><topic>5G mobile communication</topic><topic>Apps fingerprinting</topic><topic>cellular network</topic><topic>Cellular networks</topic><topic>Downlink</topic><topic>Encryption</topic><topic>Fingerprint recognition</topic><topic>Metadata</topic><topic>Privacy</topic><topic>privacy attack</topic><topic>traffic identification</topic><toplevel>online_resources</toplevel><creatorcontrib>Zhai, Liuqun</creatorcontrib><creatorcontrib>Qiao, Zhuang</creatorcontrib><creatorcontrib>Wang, Zhongfang</creatorcontrib><creatorcontrib>Wei, Dong</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE/IET Electronic Library</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Zhai, Liuqun</au><au>Qiao, Zhuang</au><au>Wang, Zhongfang</au><au>Wei, Dong</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Identify What You are Doing: Smartphone Apps Fingerprinting on Cellular Network Traffic</atitle><btitle>2021 IEEE Symposium on Computers and Communications (ISCC)</btitle><stitle>ISCC</stitle><date>2021-09-05</date><risdate>2021</risdate><spage>1</spage><epage>7</epage><pages>1-7</pages><eissn>2642-7389</eissn><eisbn>9781665427449</eisbn><eisbn>1665427442</eisbn><abstract>Apps installed on smartphones may reveal users' privacy, which is often under malicious attacks. Most privacy attacks are based on network layer traffic. However, the encryption used in the cellular network makes it difficult for a passive adversary to obtain the traffic. In this paper, we leverage the data link layer metadata, such as PDCP packet size, distribution, and interarrival time, to create Apps fingerprints and then conduct a non-intrusive smartphone Apps privacy attack. We test three different smartphones on a 4G LTE laboratory network. On twenty popular Apps selected from the AppStore and Huawei AppGallary, we achieve an Fl-score ranging from 91.32% to 99.49%. Also, we investigate the effect of classification algorithms, time windows, monitoring duration and smartphone brands on Apps fingerprinting attack. Furthermore, we evaluate the performance of the attack using only downlink traffic, which is consistent with the actual attack scenario. Because the data link layer specifications of 4G LTE and 5G are similar, the method of Apps fingerprinting attack can be extended to the latest 5G networks.</abstract><pub>IEEE</pub><doi>10.1109/ISCC53001.2021.9631415</doi><tpages>7</tpages></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | EISSN: 2642-7389 |
| ispartof | 2021 IEEE Symposium on Computers and Communications (ISCC), 2021, p.1-7 |
| issn | 2642-7389 |
| language | eng |
| recordid | cdi_ieee_primary_9631415 |
| source | IEEE Xplore All Conference Series |
| subjects | 5G mobile communication Apps fingerprinting cellular network Cellular networks Downlink Encryption Fingerprint recognition Metadata Privacy privacy attack traffic identification |
| title | Identify What You are Doing: Smartphone Apps Fingerprinting on Cellular Network Traffic |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-29T05%3A54%3A35IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_CHZPO&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Identify%20What%20You%20are%20Doing:%20Smartphone%20Apps%20Fingerprinting%20on%20Cellular%20Network%20Traffic&rft.btitle=2021%20IEEE%20Symposium%20on%20Computers%20and%20Communications%20(ISCC)&rft.au=Zhai,%20Liuqun&rft.date=2021-09-05&rft.spage=1&rft.epage=7&rft.pages=1-7&rft.eissn=2642-7389&rft_id=info:doi/10.1109/ISCC53001.2021.9631415&rft.eisbn=9781665427449&rft.eisbn_list=1665427442&rft_dat=%3Cieee_CHZPO%3E9631415%3C/ieee_CHZPO%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i203t-cf6c2b56d5055b68571421d4327ef9305e4697aec41ccf8ecba3ad088c77b0293%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=9631415&rfr_iscdi=true |