Loading…
Automated Privacy Network Traffic Detection via Self-labeling and Learning
With the increasing popularity of mobile devices, privacy leakage has become more and more serious. The inappropriate behaviors of mobile APPs have brought substantial security risks to the public (e.g., location leakage). Existing solutions detect privacy leakage based on network traffic analysis....
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | Conference Proceeding |
| Language: | English |
| Subjects: | |
| Online Access: | Request full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | With the increasing popularity of mobile devices, privacy leakage has become more and more serious. The inappropriate behaviors of mobile APPs have brought substantial security risks to the public (e.g., location leakage). Existing solutions detect privacy leakage based on network traffic analysis. However, they can only detect unencrypted traffic, which leads to failures in the face of encrypted traffic. To solve this challenge, we designed an Automated Privacy Traffic Detection system (APTD). APTD can automatically generate self-labeling privacy traffic datasets, learn to identify the encrypted privacy traffic, and accurately assess the risk of privacy leakage. Due to its automation capability, APTD can directly support privacy leakage detection for newly-emerged applications without any system changes. To comprehensively evaluate APTD, we conducted an experiment on 2327 real-world mobile APPs. APTD automatically generated a labeled dataset containing 27343 real-world encrypted traffic traces. Based on the dataset, APTD identifies privacy traffic, and performs a privacy leakage risk assessment of APPs. The results show that APTD achieves 97% accuracy and 99% recall on our dataset and identifies 12 APPs that transmit high-risk privacy data. |
|---|---|
| ISSN: | 2642-7389 |
| DOI: | 10.1109/ISCC55528.2022.9912471 |