Journal on Communications ›› 2021, Vol. 42 ›› Issue (2): 154-167.doi: 10.11959/j.issn.1000-436x.2021040
• Comprehensive Reviews • Previous Articles Next Articles
Tengfei ZHANG, Shunzheng YU
Revised:
2020-11-03
Online:
2021-02-25
Published:
2021-02-01
Supported by:
CLC Number:
Tengfei ZHANG, Shunzheng YU. Research prospects of user information detection from encrypted traffic of mobile devices[J]. Journal on Communications, 2021, 42(2): 154-167.
"
方法 | 提出年份 | 文献 | 客户端 | 服务器 | 未知类型 | 实时性 | 探测能力 | 稳健性 |
字符串匹配 | 2015 | 文献[21] | √ | √ | ☆☆☆☆☆ | × | ★★☆☆☆ | ★★☆☆☆ |
字符串匹配 | 2015 | 文献[22] | √ | × | ☆☆☆☆☆ | × | ★★☆☆☆ | ★★☆☆☆ |
字符串匹配 | 2020 | 文献[23] | √ | × | ☆☆☆☆☆ | × | ★★★☆☆ | ★★★★☆ |
字符串匹配 | 2016 | 文献[25] | √ | × | ☆☆☆☆☆ | √ | ★★☆☆☆ | ★★★☆☆ |
字符串匹配 | 2020 | 文献[26] | √ | × | ☆☆☆☆☆ | × | ★★★★☆ | ★★★☆☆ |
字符串匹配 | 2017 | 文献[27] | √ | √ | ☆☆☆☆☆ | × | ★★☆☆☆ | ★★★☆☆ |
正则匹配 | 2015 | 文献[24] | × | × | ☆☆☆☆☆ | × | ★★☆☆☆ | ★★☆☆☆ |
监督学习 | 2016 | 文献[28] | √ | √ | ★★★★☆ | × | ★★★★☆ | ★★★★☆ |
监督学习 | 2018 | 文献[30] | √ | √ | ★★☆☆☆ | √ | ★★★★☆ | ★★★☆☆ |
监督学习 | 2018 | 文献[31] | √ | × | ★★☆☆☆ | √ | ★★★★☆ | ★★★☆☆ |
监督学习 | 2018 | 文献[32] | √ | × | ★★☆☆☆ | × | ★★★★☆ | ★★★☆☆ |
监督学习 | 2018 | 文献[33] | √ | × | ★★☆☆☆ | × | ★★★☆☆ | ★★★☆☆ |
关联挖掘 | 2019 | 文献[20] | √ | × | ★★★☆☆ | × | ★★☆☆☆ | ★★★☆☆ |
[1] | 中国互联网络信息中心. 第45次《中国互联网络发展状况统计报告》.(2020-04-28)[2020-07-14]. |
China Internet Network Information Center. The 45th "Statistical Re-port on Internet Development in China"[R].(2020-04-28)[2020-07-14]. | |
[2] | ENCK W , GILBERT P , HAN S ,et al. TaintDroid:an information-flow tracking system for realtime privacy monitoring on smartphones[J]. ACM Transactions on Computer Systems, 2014,32(2): 1-29. |
[3] | ARDAGNA C A , CONTI M , LEONE M ,et al. An anonymous end-to-end communication protocol for mobile cloud environments[J]. IEEE Transactions on Services Computing, 2014,7(3): 373-386. |
[4] | CONTI M , DRAGONI N , GOTTARDO S . MITHYS:mind the hand you shake-protecting mobile devices from SSL usage vulnerabilities[C]// International Workshop on Security and Trust Management. Berlin:Springer, 2013: 65-81. |
[5] | BERTHOLD O , FEDERRATH H , KOHNTOPP M . Project“anonymity and unobservability in the Internet”[C]// Proceedings of the Tenth Conference on Computers,Freedom and Privacy:Challenging the Assumptions. New York:ACM Press, 2000: 57-65. |
[6] | BUJLOW T , CARELA-ESPANOL V , BARLET-ROS P . Independent comparison of popular DPI tools for traffic classification[J]. Computer Networks, 2015,76: 75-89. |
[7] | WRIGHT C V , COULL S E , MONROSE F . Traffic morphing:an efficient defense against statistical traffic analysis[C]// Proceedings of the 16th Network and Distributed Security Symposium. Piscataway:IEEE Press, 2009: 237-250. |
[8] | FAHL S , HARBACH M , MUDERS T ,et al. Why eve and mallory love android:an analysis of android SSL (in)security categories and subject descriptors[C]// ACM Conference on Computer &Communications Security. New York:ACM Press, 2012: 50-61. |
[9] | GEORGIEV M , IYENGAR S , JANA S ,et al. The most dangerous code in the world:validating SSL certificates in non-browser software[C]// ACM Conference on Computer & Communications Security. New York:ACM Press, 2012: 38-49. |
[10] | STOBER T , FRANK M , SCHMITT J B ,et al. Who do you sync you are? Smartphone fingerprinting via application behaviour[C]// Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks. New York:ACM Press, 2013: 7-12. |
[11] | RAYMOND J , . Traffic analysis:protocols,attacks,design issues,and open problems[C]// Designing Privacy Enhancing Technologies. Berlin:Springer, 2001: 10-29. |
[12] | CONTI M , MANCINI L V , SPOLAOR R ,et al. Can’t you hear me knocking:identification of user actions on android Apps via traffic analysis[C]// Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. New York:ACM Press, 2015: 297-304. |
[13] | COULL S E , DYER K P . Traffic analysis of encrypted messaging services:Apple iMessage and beyond[J]. ACM Sigcomm Computer Communication Review, 2014,44(5): 6-11. |
[14] | LI H X , ZHU H J , MA D . Demographic information inference through meta-data analysis of Wi-Fi traffic[J]. IEEE Transactions on Mobile Computing, 2018,17(5): 1033-1047. |
[15] | WANG P , CHEN X , YE F ,et al. A survey of techniques for mobile service encrypted traffic classification using deep learning[J]. IEEE Access, 2019,7: 54024-54033. |
[16] | WANG X , QIN X , HOSSEINI M B ,et al. GUILeak:tracing privacy policy claims on user input data for Android applications[C]// International Conference on Software Engineering. Piscataway:IEEE Press, 2018: 37-47. |
[17] | CONTI M , LI Q Q , MARAGNO A ,et al. The dark side(-channel) of mobile devices:a survey on network traffic analysis[J]. IEEE Communications Surveys and Tutorials, 2018,20(4): 2658-2713. |
[18] | NABOULSI D , FIORE M , RIBOT S ,et al. Large-scale mobile traffic analysis:a survey[J]. IEEE Communications Surveys and Tutorials, 2016,18(1): 124-161. |
[19] | WANG Q , YAHYAVI A , KEMME B ,et al. I know what you did on your smartphone:inferring App usage over encrypted data traffic[C]// 2015 IEEE Conference on Communications and Network Security. Piscataway:IEEE Press, 2015: 433-441. |
[20] | JIA Q , ZHOU L , LI H ,et al. Who leaks my privacy:towards automatic and association detection with GDPR compliance[C]// International Conference on Wireless Algorithms,Systems,and Applications. Berlin:Springer, 2019: 137-148. |
[21] | LE A , VARMARKEN J , LANGHOFF S ,et al. AntMonitor:a system for monitoring from mobile devices[C]// Proceedings of the 2015 ACM SIGCOMM Workshop on Crowdsourcing and Crowdsharing of Big (Internet) Data. New York:ACM Press, 2015: 15-20. |
[22] | RAZAGHPANAH A , VALLINA-RODRIGUEZ N , SUNDARESAN S ,et al. Haystack:in situ mobile traffic analysis in user space[J]. arXiv Preprint,arXiv:1510.01419, 2015. |
[23] | NOVAK E , AUNG P T , DO T . VPN+ towards detection and remediation of information leakage on smartphones[C]// 2020 21st IEEE International Conference on Mobile Data Management. Piscataway:IEEE Press, 2020: 39-48. |
[24] | SONG Y , HENGARTNER U . PrivacyGuard:a VPN-based platform to detect information leakage on android devices[C]// Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices. New York:ACM Press, 2015: 15-26. |
[25] | SHUBA A , LE A , ALIMPERTIS E ,et al. AntMonitor:a system for on-device mobile network monitoring and its applications[J]. arXiv Preprint,arXiv:1611.04268, 2016. |
[26] | BAKOPOULOU E , SHUBA A , MARKOPOULOU A J A P A . Exposures exposed:a measurement and user study to assess mobile data privacy in context[J]. arXiv Preprint,arXiv:2008.08973, 2020. |
[27] | SRIVASTAVA G , BHUWALKA K , SAHOO S K ,et al. Privacyproxy:leveraging crowdsourcing and in situ traffic analysis to detect and mitigate information leakage[J]. arXiv Preprint,arXiv:1708.06384, 2017. |
[28] | REN J , RAO A , LINDORFER M ,et al. ReCon:revealing and controlling PII leaks in mobile network traffic[C]// Proceedings of the 14th Annual International Conference on Mobile Systems,Applications,and Services. New York:ACM Press, 2016: 361-374. |
[29] | RAO A , KAKHKI A M , RAZAGHPANAH A ,et al. Using the middle to meddle with mobile[R].(2013-12-10)[2020-07-14]. |
[30] | SHUBA A , BAKOPOULOU E , MEHRABADI M A ,et al. Antshield:on-device detection of personal information exposure[J]. arXiv Preprint,arXiv:1803.01261, 2018. |
[31] | SHUBA A , BAKOPOULOU E , MARKOPOULOU A . Privacy leak classification on mobile devices[C]// 2018 IEEE 19th International Workshop on Signal Processing Advances in Wireless Communications. Piscataway:IEEE Press, 2018: 1-5. |
[32] | JIN H , LIU M , DODHIA K ,et al. Why are they collecting my data? Inferring the purposes of network traffic in mobile Apps[J]. Proceedings of the ACM on Interactive,Mobile,Wearable and Ubiquitous Technologies, 2018,2(4): 1-27. |
[33] | TAN H Z , ZHAO W , SHEN H H . A context-perceptual privacy protection approach on Android devices[C]// 2018 IEEE International Conference on Communications. Piscataway:IEEE Press, 2018: 1-7. |
[34] | JUNG J , SHETH A , GREENSTEIN B ,et al. Privacy oracle:a system for finding application leaks with black box differential testing[C]// Proceedings of the 15th ACM Conference on Computer and Communications Security. New York:ACM Press, 2008: 279-288. |
[35] | CONTINELLA A , FRATANTONIO Y , LINDORFER M ,et al. Obfuscation-resilient privacy leak detection for mobile Apps through differential analysis[C]// Network and Distributed System Security Symposium. Virginia:the Internet Society, 2017: 1-15. |
[36] | LIU Y , LIAO L , SONG T J S C I S . Static tainting extraction approach based on information flow graph for personally identifiable information[J]. Science China Information Sciences, 2020,63(3): 1-17. |
[37] | ZHANG F , HE W , CHEN Y ,et al. Thwarting Wi-Fi side-channel analysis through traffic demultiplexing[J]. IEEE Transactions on Wireless Communications, 2014,13(1): 86-98. |
[38] | ATKINSON J S , MITCHELL J E , RIO M ,et al. Your Wi-Fi is leaking:what do your mobile Apps gossip about you?[J]. Future Generation Computer Systems-the International Journal of Escience, 2018,80: 546-557. |
[39] | CHENG Z , CHEN X , ZHANG Y ,et al. Detecting information theft based on mobile network flows for android users[C]// 2017 International Conference on Networking,Architecture,and Storage (NAS). Piscataway:IEEE Press, 2017: 1-10. |
[40] | ACETO G , CIUONZO D , MONTIERI A ,et al. Mobile encrypted traffic classification using deep learning:experimental evaluation,lessons learned,and challenges[J]. IEEE Transactions on Network and Service Management, 2019,16(2): 445-458. |
[41] | LIU J , FU Y , MING J ,et al. Effective and real-time in-App activity analysis in encrypted internet traffic streams[C]// Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. New York:ACM Press, 2017: 335-344. |
[42] | FU Y , XIONG H , LU X ,et al. Service usage classification with encrypted internet traffic in mobile messaging Apps[J]. IEEE Transactions on Mobile Computing, 2016,15(11): 2851-2864. |
[43] | ZHANG Q , XU M , ZHENG N ,et al. Identifying WeChat message types without using traditional traffic[J]. Information, 2020,11(1): 18. |
[44] | PAPADOGIANNAKI E , HALEVIDIS C , AKRITIDIS P ,et al. OTTer:a scalable high-resolution encrypted traffic identification engine[C]// International Symposium on Research in Attacks,Intrusions,and Defenses. Berlin:Springer, 2018: 315-334. |
[45] | FU Y , LIU J , LI X ,et al. Service usage analysis in mobile messaging apps:a multi-label multi-view perspective[C]// 2016 IEEE 16th International Conference on Data Mining. Piscataway:IEEE Press, 2016: 877-882. |
[46] | FU Y J , LIU J M , LI X L ,et al. A multi-label multi-view learning framework for in-App service usage analysis[J]. ACM Transactions on Intelligent Systems and Technology, 2018,9(4): 40. |
[47] | PARK K , KIM H . Encryption is not enough:inferring user activities on Kakaotalk with traffic analysis[C]// Workshop on Information Security Applications. Berlin:Springer, 2015: 254-265. |
[48] | CONTI M , MANCINI L V , SPOLAOR R ,et al. Analyzing android encrypted network traffic to identify user actions[J]. IEEE Transactions on Information Forensics and Security, 2016,11(1): 114-125. |
[49] | SALTAFORMAGGIO B , CHOI H , JOHNSON K ,et al. Eavesdropping on fine-grained user activities within smartphone Apps over encrypted network traffic[C]// 10th USENIX Workshop on Offensive Technologies. Berkeley:USENIX Association, 2016: 69-78. |
[50] | SAPIO A , LIAO Y , BALDI M ,et al. Per-user policy enforcement on mobile Apps through network functions virtualization[C]// Proceedings of the 9th ACM workshop on Mobility in the evolving internet architecture. New York:ACM Press, 2014: 37-42. |
[51] | TONGAONKAR A , DAI S , NUCCI A ,et al. Understanding mobile App usage patterns using in-App advertisements[C]// International Conference on Passive and Active Network Measurement. Berlin:Springer, 2013: 63-72. |
[52] | LI K , LI H , ZHU H S ,et al. Side-channel information leakage of traffic data in instant messaging[C]// 2019 IEEE 38th International Performance Computing and Communications Conference. Piscataway:IEEE Press, 2019:doi.org/ 10.1109/ IPCCC47392.2019.8958775. |
[53] | DYER K P , COULL S E , RISTENPART T ,et al. Peek-a-Boo,I still see you:why efficient traffic analysis countermeasures fail[C]// 2012 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2012: 332-346. |
[54] | HOU C , SHI J , KANG C ,et al. Classifying user activities in the encrypted WeChat traffic[C]// 2018 IEEE 37th International Performance Computing and Communications Conference. Piscataway:IEEE Press, 2018: 1-8. |
[55] | PATHMAPERUMA M H , RAHULAMATHAVAN Y , DOGAN S ,et al. In-App activity recognition from Wi-Fi encrypted traffic[C]// Science and Information Conference. Berlin:Springer, 2020: 685-697. |
[56] | YAN F , XU M , QIAO T ,et al. Identifying WeChat red packets and fund transfers via analyzing encrypted network traffic[C]// 2018 17th IEEE International Conference On Trust,Security and Privacy in Computing and Communications/ 12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE). Piscataway:IEEE Press, 2018: 1426-1432. |
[57] | WANG Y , ZHENG N , XU M ,et al. Hierarchical identifier:application to user privacy eavesdropping on mobile payment App[J]. Sensors (Basel), 2019:doi.org/10.3390/s19143052. |
[58] | AIOLLI F , CONTI M , GANGWAL A ,et al. Mind your wallet’s privacy:identifying Bitcoin wallet Apps and user’s actions through network traffic analysis[C]// Proceedings of the 34th ACM/SIGApp Symposium on Applied Computing. New York:ACM Press, 2019: 1484-1491. |
[59] | NAIK M , BHATIA A , TIWARI K . I know who you are:a learning framework to profile smartphone users[C]// 2020 International Conference on Communication Systems & Networks. Piscataway:IEEE Press, 2020: 555-558. |
[60] | MOORE A , ZUEV D , CROGAN M . Discriminators for use in flow-based classification[R].(2005-08)[2020-07-14]. |
[61] | LI D , LI W , WANG X ,et al. ActiveTracker:uncovering the trajectory of App activities over encrypted internet traffic streams[C]// 2019 16th Annual IEEE International Conference on Sensing,Communication,and Networking. Piscataway:IEEE Press, 2019: 1-9. |
[62] | HOU T , WANG T , LU Z ,et al. Smart spying via deep learning:inferring your activities from encrypted wireless traffic[C]// IEEE Global Conference on Signal and Information Processing. Piscataway:IEEE Press, 2019:doi.org/ 10.1109/GlobalSIP45357.2019.8969428. |
[63] | ALAN H F , KAUR J . Can Android applications be identified using only TCP/IP headers of their launch time traffic?[C]// ACM Conference on Security & Privacy in Wireless & Mobile Networks. New York:ACM Press, 2016: 61-66. |
[64] | GROLMAN E , FINKELSHTEIN A , PUZIS R ,et al. Transfer learning for user action identication in mobile Apps via encrypted trafc analysis[J]. IEEE Intelligent Systems, 2018,33(2): 40-53. |
[65] | WU H , WU Q , CHENG G ,et al. Instagram user behavior identification based on multidimensional features[C]// IEEE INFOCOM 2020-IEEE Conference on Computer Communications Workshops. Piscataway:IEEE Press, 2020: 1111-1116. |
[1] | Shiqi ZHAO, Xiaohong HUANG, Zhigang ZHONG. Research and implementation of reputation-based inter-domain routing selection mechanism [J]. Journal on Communications, 2023, 44(6): 47-56. |
[2] | Xindi MA, Qinghua LI, Qi JIANG, Zhuo MA, Sheng GAO, Youliang TIAN, Jianfeng MA. Byzantine-robust federated learning over Non-IID data [J]. Journal on Communications, 2023, 44(6): 138-153. |
[3] | Tao FENG, Liqiu CHEN, Junli FANG, Jianming SHI. Blockchain data sharing scheme based on localized difference privacy and attribute-based searchable encryption [J]. Journal on Communications, 2023, 44(5): 224-233. |
[4] | Baiji HU, Xiaojuan ZHANG, Yuancheng LI, Rongxin LAI. Multi-function supported privacy protection data aggregation scheme for V2G network [J]. Journal on Communications, 2023, 44(4): 187-200. |
[5] | Ming XU, Baojun ZHANG, Yiming WU, Chenduo YING, Ning ZHENG. Cyber attacks and privacy protection distributed consensus algorithm for multi-agent systems [J]. Journal on Communications, 2023, 44(3): 117-127. |
[6] | Haiyan KANG, Molan LONG. Research on network attack analysis method based on attack graph of absorbing Markov chain [J]. Journal on Communications, 2023, 44(2): 122-135. |
[7] | Xuewang ZHANG, Zhihong LI, Jinzhao LIN. Privacy protection scheme based on fair blind signature and hierarchical encryption for consortium blockchain [J]. Journal on Communications, 2022, 43(8): 131-141. |
[8] | Jifeng WANG, Guofeng WANG. Research on ciphertext search and sharing technology in edge computing mode [J]. Journal on Communications, 2022, 43(4): 227-238. |
[9] | Huamin FENG, Rui SHI, Feng YUAN, Yanjun LI, Yang YANG. Efficient strong privacy protection and transferable attribute-based ticket scheme [J]. Journal on Communications, 2022, 43(3): 63-75. |
[10] | Yan YAN, Yiming CONG, Mahmood Adnan, Quanzheng SHENG. Statistics release and privacy protection method of location big data based on deep learning [J]. Journal on Communications, 2022, 43(1): 203-216. |
[11] | Hui LIU, Xinyan LIU, Yan XU, Hong ZHONG, Meng WANG. Privacy protection of warning message publishing protocol in VANET [J]. Journal on Communications, 2021, 42(8): 120-129. |
[12] | Hongtao LI, Xiaoyu REN, Jie WANG, Jianfeng MA. Continuous location privacy protection mechanism based on differential privacy [J]. Journal on Communications, 2021, 42(8): 164-175. |
[13] | Wenbo ZHANG, Wenhua HUANG, Jingyu FENG. Secure communication mechanism for VSN based on certificateless signcryption [J]. Journal on Communications, 2021, 42(7): 128-136. |
[14] | Jie CUI, Xuefeng CHEN, Jing ZHANG, Lu WEI, Hong ZHONG. Bus cache-based location privacy protection scheme in the Internet of vehicles [J]. Journal on Communications, 2021, 42(7): 150-161. |
[15] | Guangjun LIU, Wangmei GUO, Jinbo XIONG, Ximeng LIU, Changyu DONG. Lightweight privacy protection data auditing scheme for regenerating-coding-based distributed storage [J]. Journal on Communications, 2021, 42(7): 220-230. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||
|