Leaky Birds: Exploiting Mobile Application Traffic for Surveillance

Over the last decade, mobile devices and mobile applications have become pervasive. Although many privacy risks associated with mobile applications have been investigated, prior work mainly focuses on the collection of user information by application developers and advertisers. Inspired by the Snowden revelations, we study the ways mobile applications enable mass surveillance by sending unique identifiers over unencrypted connections. Applying passive network fingerprinting, we show how a passive network adversary can improve his ability to target mobile users’ traffic.
