Abstract
Smartphone apps have changed the way we interact with online services, but highly specialized apps come at a cost to privacy. In this paper we will demonstrate that a passive eavesdropper is capable of identifying fine-grained user activities within the wireless network traffic generated by apps. Despite the widespread use of fully encrypted communication, our technique, called NetScope, is based on the intuition that the highly specific implementation of each app leaves a fingerprint on its traffic behavior (e.g., transfer rates, packet exchanges, and data movement). By learning the subtle traffic behavioral differences between activities (e.g., “browsing” versus “chatting” in a dating app), NetScope is able to perform robust inference of users’ activities, for both Android and iOS devices, based solely on inspecting IP headers. Our evaluation with 35 widely popular app activities (ranging from social networking and dating to personal health and presidential campaigns) shows that NetScope yields high detection accuracy (78.04% precision and 76.04% recall on average).
| Original language | English |
|---|---|
| State | Published - 2016 |
| Event | 10th USENIX Workshop on Offensive Technologies, WOOT 2016 - Austin, United States Duration: 8 Aug 2016 → 9 Aug 2016 |
Conference
| Conference | 10th USENIX Workshop on Offensive Technologies, WOOT 2016 |
|---|---|
| Country/Territory | United States |
| City | Austin |
| Period | 8/08/16 → 9/08/16 |
Bibliographical note
Publisher Copyright:© 2016 USENIX Association. All rights reserved.