移动设备加密流量的用户信息探测研究展望

doi:10.11959/j.issn.1000-436x.2021040

Abstract

Abstract:

Encrypted traffic analysis of mobile devices can obtain multiple types of user information in an active or passive way, which provides protection for network security management and user privacy protection.The basic principles and key methods of data collection, feature selection, models and methods, and evaluation systems involved in these user information detection were analyzed and summarized.The problems in the existing projects were summarized, as well as the future research directions and challenges.

Key words: mobile device, encrypted traffic analysis, network security, privacy protection, information detection

CLC Number:

TN92

Tengfei ZHANG, Shunzheng YU. Research prospects of user information detection from encrypted traffic of mobile devices[J]. Journal on Communications, 2021, 42(2): 154-167.

Figures/Tables 9

References 65

[1]	中国互联网络信息中心. 第45次《中国互联网络发展状况统计报告》.(2020-04-28)[2020-07-14].
	China Internet Network Information Center. The 45th "Statistical Re-port on Internet Development in China"[R].(2020-04-28)[2020-07-14].
[2]	ENCK W , GILBERT P , HAN S ,et al. TaintDroid:an information-flow tracking system for realtime privacy monitoring on smartphones[J]. ACM Transactions on Computer Systems, 2014,32(2): 1-29.
[3]	ARDAGNA C A , CONTI M , LEONE M ,et al. An anonymous end-to-end communication protocol for mobile cloud environments[J]. IEEE Transactions on Services Computing, 2014,7(3): 373-386.
[4]	CONTI M , DRAGONI N , GOTTARDO S . MITHYS:mind the hand you shake-protecting mobile devices from SSL usage vulnerabilities[C]// International Workshop on Security and Trust Management. Berlin:Springer, 2013: 65-81.
[5]	BERTHOLD O , FEDERRATH H , KOHNTOPP M . Project“anonymity and unobservability in the Internet”[C]// Proceedings of the Tenth Conference on Computers,Freedom and Privacy:Challenging the Assumptions. New York:ACM Press, 2000: 57-65.
[6]	BUJLOW T , CARELA-ESPANOL V , BARLET-ROS P . Independent comparison of popular DPI tools for traffic classification[J]. Computer Networks, 2015,76: 75-89.
[7]	WRIGHT C V , COULL S E , MONROSE F . Traffic morphing:an efficient defense against statistical traffic analysis[C]// Proceedings of the 16th Network and Distributed Security Symposium. Piscataway:IEEE Press, 2009: 237-250.
[8]	FAHL S , HARBACH M , MUDERS T ,et al. Why eve and mallory love android:an analysis of android SSL (in)security categories and subject descriptors[C]// ACM Conference on Computer ＆Communications Security. New York:ACM Press, 2012: 50-61.
[9]	GEORGIEV M , IYENGAR S , JANA S ,et al. The most dangerous code in the world:validating SSL certificates in non-browser software[C]// ACM Conference on Computer ＆ Communications Security. New York:ACM Press, 2012: 38-49.
[10]	STOBER T , FRANK M , SCHMITT J B ,et al. Who do you sync you are? Smartphone fingerprinting via application behaviour[C]// Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks. New York:ACM Press, 2013: 7-12.
[11]	RAYMOND J , . Traffic analysis:protocols,attacks,design issues,and open problems[C]// Designing Privacy Enhancing Technologies. Berlin:Springer, 2001: 10-29.
[12]	CONTI M , MANCINI L V , SPOLAOR R ,et al. Can’t you hear me knocking:identification of user actions on android Apps via traffic analysis[C]// Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. New York:ACM Press, 2015: 297-304.
[13]	COULL S E , DYER K P . Traffic analysis of encrypted messaging services:Apple iMessage and beyond[J]. ACM Sigcomm Computer Communication Review, 2014,44(5): 6-11.
[14]	LI H X , ZHU H J , MA D . Demographic information inference through meta-data analysis of Wi-Fi traffic[J]. IEEE Transactions on Mobile Computing, 2018,17(5): 1033-1047.
[15]	WANG P , CHEN X , YE F ,et al. A survey of techniques for mobile service encrypted traffic classification using deep learning[J]. IEEE Access, 2019,7: 54024-54033.
[16]	WANG X , QIN X , HOSSEINI M B ,et al. GUILeak:tracing privacy policy claims on user input data for Android applications[C]// International Conference on Software Engineering. Piscataway:IEEE Press, 2018: 37-47.
[17]	CONTI M , LI Q Q , MARAGNO A ,et al. The dark side(-channel) of mobile devices:a survey on network traffic analysis[J]. IEEE Communications Surveys and Tutorials, 2018,20(4): 2658-2713.
[18]	NABOULSI D , FIORE M , RIBOT S ,et al. Large-scale mobile traffic analysis:a survey[J]. IEEE Communications Surveys and Tutorials, 2016,18(1): 124-161.
[19]	WANG Q , YAHYAVI A , KEMME B ,et al. I know what you did on your smartphone:inferring App usage over encrypted data traffic[C]// 2015 IEEE Conference on Communications and Network Security. Piscataway:IEEE Press, 2015: 433-441.
[20]	JIA Q , ZHOU L , LI H ,et al. Who leaks my privacy:towards automatic and association detection with GDPR compliance[C]// International Conference on Wireless Algorithms,Systems,and Applications. Berlin:Springer, 2019: 137-148.
[21]	LE A , VARMARKEN J , LANGHOFF S ,et al. AntMonitor:a system for monitoring from mobile devices[C]// Proceedings of the 2015 ACM SIGCOMM Workshop on Crowdsourcing and Crowdsharing of Big (Internet) Data. New York:ACM Press, 2015: 15-20.
[22]	RAZAGHPANAH A , VALLINA-RODRIGUEZ N , SUNDARESAN S ,et al. Haystack:in situ mobile traffic analysis in user space[J]. arXiv Preprint,arXiv:1510.01419， 2015.
[23]	NOVAK E , AUNG P T , DO T . VPN+ towards detection and remediation of information leakage on smartphones[C]// 2020 21st IEEE International Conference on Mobile Data Management. Piscataway:IEEE Press, 2020: 39-48.
[24]	SONG Y , HENGARTNER U . PrivacyGuard:a VPN-based platform to detect information leakage on android devices[C]// Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices. New York:ACM Press, 2015: 15-26.
[25]	SHUBA A , LE A , ALIMPERTIS E ,et al. AntMonitor:a system for on-device mobile network monitoring and its applications[J]. arXiv Preprint,arXiv:1611.04268， 2016.
[26]	BAKOPOULOU E , SHUBA A , MARKOPOULOU A J A P A . Exposures exposed:a measurement and user study to assess mobile data privacy in context[J]. arXiv Preprint,arXiv:2008.08973， 2020.
[27]	SRIVASTAVA G , BHUWALKA K , SAHOO S K ,et al. Privacyproxy:leveraging crowdsourcing and in situ traffic analysis to detect and mitigate information leakage[J]. arXiv Preprint,arXiv:1708.06384， 2017.
[28]	REN J , RAO A , LINDORFER M ,et al. ReCon:revealing and controlling PII leaks in mobile network traffic[C]// Proceedings of the 14th Annual International Conference on Mobile Systems,Applications,and Services. New York:ACM Press, 2016: 361-374.
[29]	RAO A , KAKHKI A M , RAZAGHPANAH A ,et al. Using the middle to meddle with mobile[R].(2013-12-10)[2020-07-14].
[30]	SHUBA A , BAKOPOULOU E , MEHRABADI M A ,et al. Antshield:on-device detection of personal information exposure[J]. arXiv Preprint,arXiv:1803.01261， 2018.
[31]	SHUBA A , BAKOPOULOU E , MARKOPOULOU A . Privacy leak classification on mobile devices[C]// 2018 IEEE 19th International Workshop on Signal Processing Advances in Wireless Communications. Piscataway:IEEE Press, 2018: 1-5.
[32]	JIN H , LIU M , DODHIA K ,et al. Why are they collecting my data? Inferring the purposes of network traffic in mobile Apps[J]. Proceedings of the ACM on Interactive,Mobile,Wearable and Ubiquitous Technologies, 2018,2(4): 1-27.
[33]	TAN H Z , ZHAO W , SHEN H H . A context-perceptual privacy protection approach on Android devices[C]// 2018 IEEE International Conference on Communications. Piscataway:IEEE Press, 2018: 1-7.
[34]	JUNG J , SHETH A , GREENSTEIN B ,et al. Privacy oracle:a system for finding application leaks with black box differential testing[C]// Proceedings of the 15th ACM Conference on Computer and Communications Security. New York:ACM Press, 2008: 279-288.
[35]	CONTINELLA A , FRATANTONIO Y , LINDORFER M ,et al. Obfuscation-resilient privacy leak detection for mobile Apps through differential analysis[C]// Network and Distributed System Security Symposium. Virginia:the Internet Society, 2017: 1-15.
[36]	LIU Y , LIAO L , SONG T J S C I S . Static tainting extraction approach based on information flow graph for personally identifiable information[J]. Science China Information Sciences, 2020,63(3): 1-17.
[37]	ZHANG F , HE W , CHEN Y ,et al. Thwarting Wi-Fi side-channel analysis through traffic demultiplexing[J]. IEEE Transactions on Wireless Communications, 2014,13(1): 86-98.
[38]	ATKINSON J S , MITCHELL J E , RIO M ,et al. Your Wi-Fi is leaking:what do your mobile Apps gossip about you?[J]. Future Generation Computer Systems-the International Journal of Escience, 2018,80: 546-557.
[39]	CHENG Z , CHEN X , ZHANG Y ,et al. Detecting information theft based on mobile network flows for android users[C]// 2017 International Conference on Networking,Architecture,and Storage (NAS). Piscataway:IEEE Press, 2017: 1-10.
[40]	ACETO G , CIUONZO D , MONTIERI A ,et al. Mobile encrypted traffic classification using deep learning:experimental evaluation,lessons learned,and challenges[J]. IEEE Transactions on Network and Service Management, 2019,16(2): 445-458.
[41]	LIU J , FU Y , MING J ,et al. Effective and real-time in-App activity analysis in encrypted internet traffic streams[C]// Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. New York:ACM Press, 2017: 335-344.
[42]	FU Y , XIONG H , LU X ,et al. Service usage classification with encrypted internet traffic in mobile messaging Apps[J]. IEEE Transactions on Mobile Computing, 2016,15(11): 2851-2864.
[43]	ZHANG Q , XU M , ZHENG N ,et al. Identifying WeChat message types without using traditional traffic[J]. Information, 2020,11(1): 18.
[44]	PAPADOGIANNAKI E , HALEVIDIS C , AKRITIDIS P ,et al. OTTer:a scalable high-resolution encrypted traffic identification engine[C]// International Symposium on Research in Attacks,Intrusions,and Defenses. Berlin:Springer, 2018: 315-334.
[45]	FU Y , LIU J , LI X ,et al. Service usage analysis in mobile messaging apps:a multi-label multi-view perspective[C]// 2016 IEEE 16th International Conference on Data Mining. Piscataway:IEEE Press, 2016: 877-882.
[46]	FU Y J , LIU J M , LI X L ,et al. A multi-label multi-view learning framework for in-App service usage analysis[J]. ACM Transactions on Intelligent Systems and Technology, 2018,9(4): 40.
[47]	PARK K , KIM H . Encryption is not enough:inferring user activities on Kakaotalk with traffic analysis[C]// Workshop on Information Security Applications. Berlin:Springer, 2015: 254-265.
[48]	CONTI M , MANCINI L V , SPOLAOR R ,et al. Analyzing android encrypted network traffic to identify user actions[J]. IEEE Transactions on Information Forensics and Security, 2016,11(1): 114-125.
[49]	SALTAFORMAGGIO B , CHOI H , JOHNSON K ,et al. Eavesdropping on fine-grained user activities within smartphone Apps over encrypted network traffic[C]// 10th USENIX Workshop on Offensive Technologies. Berkeley:USENIX Association, 2016: 69-78.
[50]	SAPIO A , LIAO Y , BALDI M ,et al. Per-user policy enforcement on mobile Apps through network functions virtualization[C]// Proceedings of the 9th ACM workshop on Mobility in the evolving internet architecture. New York:ACM Press, 2014: 37-42.
[51]	TONGAONKAR A , DAI S , NUCCI A ,et al. Understanding mobile App usage patterns using in-App advertisements[C]// International Conference on Passive and Active Network Measurement. Berlin:Springer, 2013: 63-72.
[52]	LI K , LI H , ZHU H S ,et al. Side-channel information leakage of traffic data in instant messaging[C]// 2019 IEEE 38th International Performance Computing and Communications Conference. Piscataway:IEEE Press, 2019:doi.org/ 10.1109/ IPCCC47392.2019.8958775.
[53]	DYER K P , COULL S E , RISTENPART T ,et al. Peek-a-Boo,I still see you:why efficient traffic analysis countermeasures fail[C]// 2012 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2012: 332-346.
[54]	HOU C , SHI J , KANG C ,et al. Classifying user activities in the encrypted WeChat traffic[C]// 2018 IEEE 37th International Performance Computing and Communications Conference. Piscataway:IEEE Press, 2018: 1-8.
[55]	PATHMAPERUMA M H , RAHULAMATHAVAN Y , DOGAN S ,et al. In-App activity recognition from Wi-Fi encrypted traffic[C]// Science and Information Conference. Berlin:Springer, 2020: 685-697.
[56]	YAN F , XU M , QIAO T ,et al. Identifying WeChat red packets and fund transfers via analyzing encrypted network traffic[C]// 2018 17th IEEE International Conference On Trust,Security and Privacy in Computing and Communications/ 12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE). Piscataway:IEEE Press, 2018: 1426-1432.
[57]	WANG Y , ZHENG N , XU M ,et al. Hierarchical identifier:application to user privacy eavesdropping on mobile payment App[J]. Sensors (Basel)， 2019:doi.org/10.3390/s19143052.
[58]	AIOLLI F , CONTI M , GANGWAL A ,et al. Mind your wallet’s privacy:identifying Bitcoin wallet Apps and user’s actions through network traffic analysis[C]// Proceedings of the 34th ACM/SIGApp Symposium on Applied Computing. New York:ACM Press, 2019: 1484-1491.
[59]	NAIK M , BHATIA A , TIWARI K . I know who you are:a learning framework to profile smartphone users[C]// 2020 International Conference on Communication Systems ＆ Networks. Piscataway:IEEE Press, 2020: 555-558.
[60]	MOORE A , ZUEV D , CROGAN M . Discriminators for use in flow-based classification[R].(2005-08)[2020-07-14].
[61]	LI D , LI W , WANG X ,et al. ActiveTracker:uncovering the trajectory of App activities over encrypted internet traffic streams[C]// 2019 16th Annual IEEE International Conference on Sensing,Communication,and Networking. Piscataway:IEEE Press, 2019: 1-9.
[62]	HOU T , WANG T , LU Z ,et al. Smart spying via deep learning:inferring your activities from encrypted wireless traffic[C]// IEEE Global Conference on Signal and Information Processing. Piscataway:IEEE Press, 2019:doi.org/ 10.1109/GlobalSIP45357.2019.8969428.
[63]	ALAN H F , KAUR J . Can Android applications be identified using only TCP/IP headers of their launch time traffic?[C]// ACM Conference on Security ＆ Privacy in Wireless ＆ Mobile Networks. New York:ACM Press, 2016: 61-66.
[64]	GROLMAN E , FINKELSHTEIN A , PUZIS R ,et al. Transfer learning for user action identication in mobile Apps via encrypted trafc analysis[J]. IEEE Intelligent Systems, 2018,33(2): 40-53.
[65]	WU H , WU Q , CHENG G ,et al. Instagram user behavior identification based on multidimensional features[C]// IEEE INFOCOM 2020-IEEE Conference on Computer Communications Workshops. Piscataway:IEEE Press, 2020: 1111-1116.

Metrics

Recommended 0

No Suggested Reading articles found!

方法	提出年份	文献	客户端	服务器	未知类型	实时性	探测能力	稳健性
字符串匹配	2015	文献[21]	√	√	☆☆☆☆☆	×	★★☆☆☆	★★☆☆☆
字符串匹配	2015	文献[22]	√	×	☆☆☆☆☆	×	★★☆☆☆	★★☆☆☆
字符串匹配	2020	文献[23]	√	×	☆☆☆☆☆	×	★★★☆☆	★★★★☆
字符串匹配	2016	文献[25]	√	×	☆☆☆☆☆	√	★★☆☆☆	★★★☆☆
字符串匹配	2020	文献[26]	√	×	☆☆☆☆☆	×	★★★★☆	★★★☆☆
字符串匹配	2017	文献[27]	√	√	☆☆☆☆☆	×	★★☆☆☆	★★★☆☆
正则匹配	2015	文献[24]	×	×	☆☆☆☆☆	×	★★☆☆☆	★★☆☆☆
监督学习	2016	文献[28]	√	√	★★★★☆	×	★★★★☆	★★★★☆
监督学习	2018	文献[30]	√	√	★★☆☆☆	√	★★★★☆	★★★☆☆
监督学习	2018	文献[31]	√	×	★★☆☆☆	√	★★★★☆	★★★☆☆
监督学习	2018	文献[32]	√	×	★★☆☆☆	×	★★★★☆	★★★☆☆
监督学习	2018	文献[33]	√	×	★★☆☆☆	×	★★★☆☆	★★★☆☆
关联挖掘	2019	文献[20]	√	×	★★★☆☆	×	★★☆☆☆	★★★☆☆

行为	应用	规则
语音电话	微信	3{1,3}, 56-60{1,3}, 400-800
语音电话	微信	3{1,3}, 56-60{1,3}, 3{1,3}, 117 OR 3{1,3}, 56-60{1,3},3{1,3}, 114
聊天信息	微信	3{1,3}，52

Research prospects of user information detection from encrypted traffic of mobile devices

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 9

References 65

Related Articles 15

Metrics

Recommended 0

[1]	Shiqi ZHAO, Xiaohong HUANG, Zhigang ZHONG. Research and implementation of reputation-based inter-domain routing selection mechanism [J]. Journal on Communications, 2023, 44(6): 47-56.
[2]	Xindi MA, Qinghua LI, Qi JIANG, Zhuo MA, Sheng GAO, Youliang TIAN, Jianfeng MA. Byzantine-robust federated learning over Non-IID data [J]. Journal on Communications, 2023, 44(6): 138-153.
[3]	Tao FENG, Liqiu CHEN, Junli FANG, Jianming SHI. Blockchain data sharing scheme based on localized difference privacy and attribute-based searchable encryption [J]. Journal on Communications, 2023, 44(5): 224-233.
[4]	Baiji HU, Xiaojuan ZHANG, Yuancheng LI, Rongxin LAI. Multi-function supported privacy protection data aggregation scheme for V2G network [J]. Journal on Communications, 2023, 44(4): 187-200.
[5]	Ming XU, Baojun ZHANG, Yiming WU, Chenduo YING, Ning ZHENG. Cyber attacks and privacy protection distributed consensus algorithm for multi-agent systems [J]. Journal on Communications, 2023, 44(3): 117-127.
[6]	Haiyan KANG, Molan LONG. Research on network attack analysis method based on attack graph of absorbing Markov chain [J]. Journal on Communications, 2023, 44(2): 122-135.
[7]	Xuewang ZHANG, Zhihong LI, Jinzhao LIN. Privacy protection scheme based on fair blind signature and hierarchical encryption for consortium blockchain [J]. Journal on Communications, 2022, 43(8): 131-141.
[8]	Jifeng WANG, Guofeng WANG. Research on ciphertext search and sharing technology in edge computing mode [J]. Journal on Communications, 2022, 43(4): 227-238.
[9]	Huamin FENG, Rui SHI, Feng YUAN, Yanjun LI, Yang YANG. Efficient strong privacy protection and transferable attribute-based ticket scheme [J]. Journal on Communications, 2022, 43(3): 63-75.
[10]	Yan YAN, Yiming CONG, Mahmood Adnan, Quanzheng SHENG. Statistics release and privacy protection method of location big data based on deep learning [J]. Journal on Communications, 2022, 43(1): 203-216.
[11]	Hui LIU, Xinyan LIU, Yan XU, Hong ZHONG, Meng WANG. Privacy protection of warning message publishing protocol in VANET [J]. Journal on Communications, 2021, 42(8): 120-129.
[12]	Hongtao LI, Xiaoyu REN, Jie WANG, Jianfeng MA. Continuous location privacy protection mechanism based on differential privacy [J]. Journal on Communications, 2021, 42(8): 164-175.
[13]	Wenbo ZHANG, Wenhua HUANG, Jingyu FENG. Secure communication mechanism for VSN based on certificateless signcryption [J]. Journal on Communications, 2021, 42(7): 128-136.
[14]	Jie CUI, Xuefeng CHEN, Jing ZHANG, Lu WEI, Hong ZHONG. Bus cache-based location privacy protection scheme in the Internet of vehicles [J]. Journal on Communications, 2021, 42(7): 150-161.
[15]	Guangjun LIU, Wangmei GUO, Jinbo XIONG, Ximeng LIU, Changyu DONG. Lightweight privacy protection data auditing scheme for regenerating-coding-based distributed storage [J]. Journal on Communications, 2021, 42(7): 220-230.