移动设备网络流量分析技术综述

doi:10.11959/j.issn.1000-0801.2018151

Abstract

Abstract:

Mobile devices are now ubiquitous in people’s life,thus analyzing network traffic generated by these devices can provide valuable information for network management and privacy preservation.In order to review the works that contribute to the state of the art of network analysis targeting mobile devices,the framework of network analysis,traffic collection approaches were introduced and a classification of the works according to the goal of the analysis was presented.Finally,the future research of network analysis targeting mobile devices was proposed based on the current problems in this literature.

Key words: mobile device, network management, privacy preservation, network traffic analysis

CLC Number:

TP393

Ming XU,Xue YANG,Jianwu ZHANG. A review of network traffic analysis targeting mobile devices[J]. Telecommunications Science, 2018, 34(4): 98-108.

Figures/Tables 3

References 53

[1]	STATIST A . Number of smartphone user worldwide from 2014 to 2020 (in billions)[EB]. 2016.
[2]	MOORE A , PAPAGIANNAKI K . Toward the accurate identification of network applications[C]// International Conference on passive and active network measurement,March 31-April 1,2005,Boston,MA,USA. Heidelberg:Springer-Verlag, 2005: 41-54.
[3]	KARAGIANNIS T , PAPAGIANNAKI K , FALOUTSOS M . BLINC:multilevel traffic classification in the dark[C]// ACM Special Interest Group on Data Communication,August 22-26,2005,Philadelphia,PA,USA. New York:ACM Press, 2005: 229-240.
[4]	FERREIRA D , VAZQUEZ F , VORMAYR G . A meta-analysis approach for feature selection in network traffic research[C]// The Reproducibility Workshop,August 21-25,2017, ,Los Angeles,NV,USA.[S.l.:s.n] 2017.
[5]	LINDORFER M , NEUGSCHWANDTNER M , WEICHSELBAUM L ,et al. ANDRUBIS - 1,000,000 apps later:a view on current Android malware behaviors[C]// The 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security,September 11,2014,Wroclaw,Poland. Washington:IEEE Computer Society, 2014: 3-17.
[6]	SHEPARD C , RAHMATI A , TOSSELL C ,et al. LiveLab:Measuring wireless networks and smartphone users in the field[J]. ACM SIGMETRICS Performance Evaluation Review, 2010,38(3): 15-20.
[7]	STEVENS R , GIBLER C , CRUSSELL J ,et al. Investigating user privacy in Android Ad libraries[C]// The 2012 Workshop on Mobile Security Technologies,May 24,2012, San Francisco,CA,USA.[S.l.:s.n], 2012.
[8]	CHEN X , JIN R , SUH K ,et al. Network performance of smart mobile handhelds in a university campus WI-FI network[C]// The 2012 ACM SIGCOMM Internet Measurement Conference,August 13-16,2012,Helsinki,Finland. New York:ACM Press, 2012: 315-328.
[9]	CHEN Z , HAN H , YAN Q ,et al. A first look at Android malware traffic in first few minutes[C]// 2015 IEEE Trustcom/BigDataSE/ISPA,August 20-22,2015,Helsinki,Finland. New York:IEEE Computer Society, 2015: 206-213.
[10]	NAYAM W , LAOLEE A , CHAROENWATANA L ,et al. An analysis of mobile application network behavior[C]// The 12th Asian Internet Engineering Conference,November 30-December 2,2016,Bangkok,Thailand. New York:ACM Press, 2016: 9-16.
[11]	GEMBER A , ANAND A , AKELLA A . A comparative study of handheld and non-handheld traffic in campus Wi-Fi networks[C]// The 12th International Conference on Passive and Active Measurement,March 20-22,2011,Atlanta. Heidelberg:Springer-Verlag, 2011: 173-183.
[12]	WEI X , VALLER N , MADHYASTHA H ,et al. Characterizing the behavior of handheld devices and its implications[J]. Computer Networks, 2017(114): 1-12.
[13]	FALAKI H , LYMBEROPOULOS D , MAHAJAN R ,et al. A first look at traffic on smartphones[C]// The 2010 ACM SIGCOMM Internet Measurement Conference,November 1-3,2010,Melbourne,Australia. New York:ACM Press, 2010: 281-287.
[14]	AFANASYEV M , CHEN T , VOELKER G ,et al. Usage patterns in an urban Wi-Fi network[J]. IEEE/ACM Transactions on Networking, 2010,18(5): 1359-1372.
[15]	ESPADA A , GALLARDO M , SALMERON A ,et al. Performance analysis of Spotifyc for Android with model-based testing[J]. Mobile Information Systems, 2017.
[16]	COULL S , DYER K . Traffic analysis of encrypted messaging services:Apple iMessage and beyond[J]. ACM SIGCOMM Computer Communication Review, 2014,44(5): 5-11.
[17]	RUFFING N , ZHU Y , LIBERTINI R ,et al. Smartphone reconnaissance:Operating system identification[C]// 13th IEEE Annual Consumer Communications and Networking Conference,January 9-12,2016,Las Vegas,NV,USA. New York:IEEE Communications Society, 2016: 1086-1091.
[18]	MALIK N , CHANDRAMOULI J , SURESH P ,et al. Using network traffic to verify mobile device forensic artifacts[C]// The 14th IEEE Annual Consumer Communications and Networking Conference,January 8-11,2017,Las Vegas,NV,USA. Piscataway:IEEE Press, 2017: 114-119.
[19]	VANRYKEL E , ACAR G , HERRMANN M ,et al. Leaky birds:exploiting mobile application traffic for surveillance[C]// the 20th International Conference on Financial Cryptography and Data Security,February 22-26,2016,Barbados. Heidelberg:Springer-Verlag, 2017: 367-384.
[20]	VERDE N , ATENIESE G , GABRIELLI E ,et al. No NAT’d user left behind:fingerprinting users behind NAT from NetFlow records alone[C]// The 34th IEEE International Conference on Distributed Computing Systems,June 30-July 3,2014,Madrid,Spain. Washington:IEEE Computer Society, 2014: 218-227.
[21]	PARK K , KIM H . Encryption is not enough:inferring user activities on KakaoTalk with traffic analysis[C]// The 16th International Workshop on Information Security Applications,August 20-22,2015,Jeju Island,Korea. Heidelberg:SpringerVerlag, 2015: 254-265.
[22]	SHAFIQ M , YU X Z , LOGHARI A ,et al. WeChat text and picture messages service flow traffic classification using machine learning technique[C]// The 14th International Conference on Smart City,December 12-14,2016, Sydney,Australia.[S.l.:s.n], 2016.
[23]	CONTI M , MANCINI L , SPOLAOR R ,et al. Analyzing Android encrypted network traffic to identify user actions[J]. IEEE Transactions on Information Forensics and Security, 2016,11(1): 114-25.
[24]	FU Y J , XIONG H , LU X J ,et al. Service usage classification with encrypted Internet traffic in mobile messaging apps[J]. IEEE Transactions on Mobile Computing, 2016,15(11): 2851-2864.
[25]	WANG Q L , YAHYAVI A , KEMME B ,et al. I know what you did on your smartphone:inferring app usage over encrypted data traffic[C]// The 2015 IEEE Conference on Communications and Network Security,September 28-30,2015,Florence,Italy. New York:IEEE Communications Society, 2015: 433-441.
[26]	H.KUZUNO AND S. Tonami , . Signature generation for sensitive information leakage in Android applications[C]// The 29th IEEE International Conference on Data Engineering,April 8-12,2013,Brisbane,Australia. Washington:IEEE Computer Society, 2013: 112-119.
[27]	REN J , RAO A , LINDORFER M ,et al. ReCon:revealing and controlling PII leaks in mobile network traffic[C]// The 14th Annual International Conference on Mobile Systems,Applications,and Services,June 26-30,2016,Singapore. New York:ACM Press, 2016: 361-374.
[28]	RAO A , MOLAVI KAKHKI A , RAZAGHPANAHS A ,et al. Using the middle to meddle with mobile[R]. 2012.
[29]	LE A , VARMARKEN J , LANGHOFF S ,et al. AntMonitor:a system for monitoring from mobile devices[C]// 2015 ACM SIGCOMM Workshop on Crowdsourcing and Crowdsharing of Big (Internet) Data,August 17-21,2015,London,UK. New York:ACM Press, 2015: 15-20.
[30]	SONG Y , HENGARTNER U . PrivacyGuard:a VPN-based platform to detect information leakage on Android devices[C]// The 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices,October 12,2015,Denver,USA. New York:ACM Press, 2015: 15-26.
[31]	ENCK W , GILBERT P , CHUN B G ,et al. TaintDroid:an information-flow tracking system for realtime privacy monitoring on smartphones[C]// The 9th USENIX Symposium on Operating Systems Design and Implementation,October 4-6,2010,Vancouver,Canada. Berkeley:USENIX Association, 2010: 393-407.
[32]	CONTINELLA A , FRATANTONIO Y , LINDORFER M ,et al. Obfuscation-resilient privacy leak detection for mobile apps through differential analysis[C]// The 2017 Network and Distributed System Security Symposium,February 26-March 1,2017,San Diego,USA. Reston:Internet Society, 2017.
[33]	BARBERA M , EPASTO A , MEI A ,et al. Signals from the crowd:Uncovering social relationships through smartphone probes[C]// The 2013 ACM SIGCOMM Internet Measurement Conference,October 23-25,2013,Barcelona,Spain. New York:ACM Press, 2013: 265-276.
[34]	LI H , XU Z , ZHU H ,et al. Demographics Inference through WI-FI network traffic analysis[C]// The 35th IEEE International Conference on Computer Communications,April 10-15,2016,San Francisco,USA. Piscataway:IEEE Press, 2016: 1-9.
[35]	HUSTED N , MYERS S . Mobile location tracking in metro areas:Malnets and others[C]// The 17th ACM Conference on Computer and Communications Security,October 4-8,2010,Chicago,USA. New York:ACM Press, 2010: 85-96.
[36]	MUSA A , ERIKSSON J . Tracking unmodified smartphones using Wi-Fi monitors[C]// The 10th ACM Conference on Embedded Networked Sensor Systems,November 6-9,2012,Toronto,Canada. New York:ACM Press, 2012: 281-294.
[37]	LEE S , PARK J , LEE H ,et al. A study on smart-phone traffic analysis[C]// The 13th Asia-Pacific Network Operations and Management Symposium,September 21-23,2011,Taipei,China. New York:IEEE Communications Society, 2011: 177-183.
[38]	YAO H , RANJAN G , TONGAONKAR A ,et al. SAMPLES:self adaptive mining of persistent LExical Snippets for classifying mobile application traffic[C]// The 21th Annual International Conference on Mobile Computing and Networking,September 7-11,2015,Paris,France. New York:ACM Press, 2015: 439-451.
[39]	TAYOR V , SPOLAOR R , CONTI M ,et al. AppScanner:automatic fingerprinting of smartphone Apps from encrypted network traffic[C]// The 1st IEEE European Symposium on Security and Privacy,March 21-24,2016,Saarbrucken,Germany. Piscataway:IEEE Press, 2016: 439-454.
[40]	ALAN H , KAUR J . Can Android applications be identified using only TCP/IP headers of their launch time traffic[C]// The 9th ACM Conference on Security and Privacy in Wireless and Mobile Networks,July 18-20,2016,Darmstadt,Germany. New York:ACM Press, 2016: 61-66.
[41]	SU X , CHUAN M , TAN G . Smartphone dual defense protection framework:detecting malicious applications in Android markets[C]// The 8th International Conference on Mobile Ad-hoc and Sensor Networks,December 14-16,2012,Chengdu,China. Washington:IEEE Computer Society, 2012: 153-160.
[42]	WEI T E , MAO C H , JENG A B ,et al. Android malware detection via a latent network behavior analysis[C]// The 11th IEEE International Conference on Trust,Security and Privacy in Computing and Communications,June 25-27,2012,Liverpool,UK. Washington:IEEE Computer Society, 2012: 1251-1258.
[43]	ZAMAN M , SIDDIQUI T , AMIN M ,et al. Malware detection in Android by network traffic analysis[C]// The 1st International Conference on Networking Systems and Security,January 5-7,2015,Dhaka,Bangladesh. Piscataway:IEEE Press, 2015: 1-5.
[44]	NARUDIN F , FEIZOLLAH A , ANUAR N ,et al. Evaluation of machine learning classifiers for mobile malware detection[J]. Soft Computing, 2016,20(1): 1-5.
[45]	WANG S , CHEN Z , ZHANG L ,et al. TrafficAV:an effective and explainable detection of mobile malware behavior using network traffic[C]// The 24th IEEE/ACM International Symposium on Quality of Service,June 20-21,2016,Beijing,China. Piscataway:IEEE Press, 2016: 384-389.
[46]	ARORA A , PEDDOJU S . Minimizing network traffic features for Android mobile malware detection[C]// The 18th International Conference on Distributed Computing and Networking,January 4-7,2017,Hyderabad,India. New York:ACM Press, 2017:32.
[47]	SHABTAI A , KANONOV U , ELOVICI Y ,et al. “Andromaly”:a behavioral malware detection framework for Android devices[J]. Journal of Intelligent Information Systems, 2012,38(1): 161-190.
[48]	SHABTAI A , TENENBOIM-CHEKINA L , MIMRAN D ,et al. Mobile malware detection through analysis of deviations in application network behavior[J]. Computers ＆ Security, 2014,43(6): 1-18.
[49]	汪来富, 金华敏, 刘东鑫 ,等. 面向网络大数据的安全分析技术应用[J]. 电信科学, 2017,33(3): 112-118.
	WANG L F , JIN H M , LIU D X ,et al. Application of security analysis technology for network big data[J]. Telecommunications Science, 2017,33(3): 112-118.
[50]	姜红红, 张涛, 赵新建 ,等. 基于大数据的电力信息网络流量异常检测机制[J]. 电信科学, 2017,33(3): 134-141.
	JIANG H H , ZHANG T , ZHAO X J ,et al. A big data based flow anomaly detection mechanism of electric power information network[J]. Telecommunications Science, 2017,33(3): 134-141.
[51]	王帅, 汪来富, 金华敏 ,等. 网络安全分析中的大数据技术应用[J]. 电信科学, 2015,31(7): 145-150.
	WANG S , WANG L F , JIN H M , SHEN J ,et al. Big data application in network security analysis[J]. Telecommunications Science, 2015,31(7): 145-150.
[52]	曹旭, 曹瑞彤 . 基于大数据分析的网络异常检测方法[J]. 电信科学, 2014,30(6): 152-156.
	CAO X , CAO R T . Network anomaly prediction method based on big data[J]. Telecommunications Science, 2014,30(6): 152-156.
[53]	NASR M , HOUMANSADR A , MAZUMDAR A . Compressive traffic analysis:a new paradigm for scalable traffic analysis[C]// The 2017 ACM Conference on Computer and Communications Security,October 30-November 3,2017,Dallas,USA. New York:ACM Press, 2017: 2053-2069.

Metrics

Recommended 0

No Suggested Reading articles found!

A review of network traffic analysis targeting mobile devices

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 3

References 53

Related Articles 15

Metrics

Recommended 0

[1]	Qian HU, Guoyong ZHAO, Xiaoli HUO, Junjie LI, Ruiquan JING, Fei YAN, Xiaofeng WU. Application and research of SDN-based management and control technology for optical transport grey-box devices [J]. Telecommunications Science, 2021, 37(12): 93-100.
[2]	Guanchen LIN, Zhifei WANG. Research and prospect of standard for biometric multi-modal fusion used with mobile devices [J]. Telecommunications Science, 2021, 37(1): 32-38.
[3]	Haiqing YU,Wei DING,Jie XU. Accuracy analysis on access hyper-point real-time detection algorithms in high-speed network [J]. Telecommunications Science, 2020, 36(4): 74-82.
[4]	Chengyu ZHANG,Rangding WANG,Ling YAO,Songyin FU,Fuqiang ZUO. A mutual authentication security scheme for mobile NFC devices [J]. Telecommunications Science, 2017, 33(8): 163-172.
[5]	Jinming ZHAO. A network status evaluation method based on random projection [J]. Telecommunications Science, 2016, 32(8): 164-168.
[6]	Jinming ZHAO. Data processing method for telecom data based on projection pursuit [J]. Telecommunications Science, 2016, 32(12): 144-148.
[7]	Yun LIU,Guojun LIU,Jianwei REN,Jian LI. Equipment network management security of electrical power PTN [J]. Telecommunications Science, 2015, 31(Z1): 85-89.
[8]	Afang Song,Lian Lin,Faguang Wang. Research on Migration or Deployment of Telecom Network Management System on Cloud Computing Network [J]. Telecommunications Science, 2015, 31(6): 103-108.
[9]	Wei Li. Network Management System's Data Management Layer Based on Big Data Technology [J]. Telecommunications Science, 2015, 31(11): 185-188.
[10]	Zhi Chai. Network Management Method Based on Optimal Control [J]. Telecommunications Science, 2015, 31(11): 189-192.
[11]	Pingli Zhou,Yanchuan Wang,Zhiming Yang. Study of Intelligent Network Management System in Intensive Operation [J]. Telecommunications Science, 2014, 30(6): 38-42.
[12]	Xu Cao,Ruitong Cao. Network Anomaly Prediction Method Based on Big Data [J]. Telecommunications Science, 2014, 30(6): 152-156.
[13]	Dameng Wu,Jiangbo Qian,Yefang Chen,Yihong Dong. Query Processing Algorithm Based on Neighbor Information in Delay Tolerant Network [J]. Telecommunications Science, 2014, 30(4): 100-108.
[14]	Haiqiang Wang,Shujian Zhang,Bo Lei. A New Intelligent Gateway Element in Transmission Network [J]. Telecommunications Science, 2014, 30(3): 149-155.
[15]	Ruitong Cao,Xu Cao. A Scheme of QoS Evaluation Based on Support Vector Machine [J]. Telecommunications Science, 2014, 30(2): 123-126.