ReCon: Revealing and Controlling PII Leaks in Mobile Network Traffic

It is well known that apps running on mobile devices extensively track and leak users' personally identifiable information (PII); however, these users have little visibility into PII leaked through the network traffic generated by their devices, and have poor control over how, when and where that traffic is sent and handled by third parties. In this paper, we present the design, implementation, and evaluation of ReCon: a cross-platform system that reveals PII leaks and gives users control over them without requiring any special privileges or custom OSes. ReCon leverages machine learning to reveal potential PII leaks by inspecting network traffic, and provides a visualization tool to empower users with the ability to control these leaks via blocking or substitution of PII. We evaluate ReCon's effectiveness with measurements from controlled experiments using leaks from the 100 most popular iOS, Android, and Windows Phone apps, and via an IRB-approved user study with 92 participants. We show that ReCon is accurate, efficient, and identifies a wider range of PII than previous approaches.
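A minimal stand-in for the reveal-and-control pipeline the abstract describes, added here as an example and not ReCon's own code: it scans constructed plaintext HTTP requests for the user's known PII values and then applies a per-type block-or-substitute policy. Assumptions: the PII values, the policy table and the sample requests are all constructed, and a direct value lookup replaces the trained classifier ReCon uses.

```python
import re
from urllib.parse import unquote

# Constructed PII the user registered with the tool (assumption, not real data).
USER_PII = {"email": "alice@example.com", "imei": "356938035643809",
            "lat": "42.3601", "lon": "-71.0589"}
# User policy per PII type: "block" drops the request, "substitute" masks the value.
POLICY = {"email": "substitute", "imei": "substitute", "lat": "block", "lon": "block"}
# key=value tokens in the request line, query string and form body.
TOKEN_RE = re.compile(r"([A-Za-z0-9_.\-]+)=([^&\s]+)")

# Constructed plaintext requests, typical of an ad/analytics beacon.
LEAKY_REQUEST = (
    "POST /v1/track?uid=356938035643809&os=android HTTP/1.1\r\n"
    "Host: tracker.example\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
    "e=alice%40example.com&lat=42.3601&lon=-71.0589"
)
ID_ONLY_REQUEST = "GET /ads?id=356938035643809&v=2 HTTP/1.1\r\nHost: ads.example\r\n\r\n"


def find_leaks(request):
    """Map each leaked PII type to the (key, raw_value) tokens carrying it.

    Values are URL-decoded before comparison so alice%40example.com still matches,
    and the key name is ignored because apps leak an IMEI under 'uid', 'id', etc.
    """
    leaks = {}
    for key, raw in TOKEN_RE.findall(request):
        for pii_type, pii_value in USER_PII.items():
            if unquote(raw) == pii_value:
                leaks.setdefault(pii_type, []).append((key, raw))
    return leaks


def enforce(request):
    """Return (action, outgoing_request): 'block' gives None, else rewritten text."""
    leaks = find_leaks(request)
    if any(POLICY.get(t) == "block" for t in leaks):
        return "block", None
    out = request
    for hits in leaks.values():
        for key, raw in hits:
            # Same-length mask leaves the body length, and any Content-Length, unchanged.
            out = out.replace(f"{key}={raw}", f"{key}={'x' * len(raw)}")
    return ("substitute" if leaks else "allow"), out
```

Run against the two constructed requests, the location beacon is blocked outright while the ad request goes out with its device identifier masked.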
