移动设备加密流量的用户信息探测研究展望

张腾飞; 余顺争

doi:10.11959/j.issn.1000-436x.2021040

您当前的位置：

首页 >

文章列表页 >

移动设备加密流量的用户信息探测研究展望

综述 | 更新时间：2024-06-05

- 移动设备加密流量的用户信息探测研究展望
- Research prospects of user information detection from encrypted traffic of mobile devices
- 通信学报 2021年42卷第2期页码：154-167
- 作者机构：
  
  中山大学计算机学院，广东广州 510006
- 作者简介：
  
  [ "张腾飞（1991- ），男，河南洛阳人，中山大学博士生，主要研究方向为网络安全和网络行为分析。" ]
  [ "余顺争（1958- ），男，江西景德镇人，博士，中山大学教授、博士生导师，主要研究方向为隐半马尔可夫模型和机器学习、协议逆向工程、网络流量和网络行为分析、异常检测、基于SDN的云安全。" ]
- 基金信息：
  
  国家自然科学基金资助项目(U1636118);国家自然科学基金资助项目(61972431);广东省科技计划项目重大专项基金资助项目(2017B030306015);广东省应用型科技研发专项基金资助项目(2017B010125003)
- DOI：10.11959/j.issn.1000-436x.2021040
  中图分类号： TN92
- 网络出版日期：2021-02，
  
  纸质出版日期：2021-02-25
- 稿件说明：
移动端阅览
张腾飞, 余顺争. 移动设备加密流量的用户信息探测研究展望[J]. 通信学报, 2021,42(2):154-167.

Tengfei ZHANG, Shunzheng YU. Research prospects of user information detection from encrypted traffic of mobile devices[J]. Journal on communications, 2021, 42(2): 154-167.
张腾飞, 余顺争. 移动设备加密流量的用户信息探测研究展望[J]. 通信学报, 2021,42(2):154-167. DOI： 10.11959/j.issn.1000-436x.2021040.

Tengfei ZHANG, Shunzheng YU. Research prospects of user information detection from encrypted traffic of mobile devices[J]. Journal on communications, 2021, 42(2): 154-167. DOI： 10.11959/j.issn.1000-436x.2021040.

摘要

移动设备加密流量分析可以用主动或被动的方式获取多种类型的用户信息，为网络安全管理和用户隐私保护提供保障。重点分析、归纳了用户信息探测所涉及的数据采集、特征选择、模型与方法以及评价体系的基本原理和关键方法。总结了现有方案中存在的问题，以及未来研究方向和面临的挑战。

Abstract

Encrypted traffic analysis of mobile devices can obtain multiple types of user information in an active or passive way

which provides protection for network security management and user privacy protection.The basic principles and key methods of data collection

feature selection

models and methods

and evaluation systems involved in these user information detection were analyzed and summarized.The problems in the existing projects were summarized

as well as the future research directions and challenges.

关键词

Keywords

references

中国互联网络信息中心 . 第45次《中国互联网络发展状况统计报告》 .(2020-04-28)[2020-07-14 ] .

China Internet Network Information Center . The 45th "Statistical Re-port on Internet Development in China" [R ] .(2020-04-28)[2020-07-14 ] .

ENCK W , GILBERT P , HAN S , et al . TaintDroid:an information-flow tracking system for realtime privacy monitoring on smartphones [J ] . ACM Transactions on Computer Systems , 2014 , 32 ( 2 ): 1 - 29 .

ARDAGNA C A , CONTI M , LEONE M , et al . An anonymous end-to-end communication protocol for mobile cloud environments [J ] . IEEE Transactions on Services Computing , 2014 , 7 ( 3 ): 373 - 386 .

CONTI M , DRAGONI N , GOTTARDO S . MITHYS:mind the hand you shake-protecting mobile devices from SSL usage vulnerabilities [C ] // International Workshop on Security and Trust Management . Berlin:Springer , 2013 : 65 - 81 .

BERTHOLD O , FEDERRATH H , KOHNTOPP M . Project“anonymity and unobservability in the Internet” [C ] // Proceedings of the Tenth Conference on Computers,Freedom and Privacy:Challenging the Assumptions . New York:ACM Press , 2000 : 57 - 65 .

BUJLOW T , CARELA-ESPANOL V , BARLET-ROS P . Independent comparison of popular DPI tools for traffic classification [J ] . Computer Networks , 2015 , 76 : 75 - 89 .

WRIGHT C V , COULL S E , MONROSE F . Traffic morphing:an efficient defense against statistical traffic analysis [C ] // Proceedings of the 16th Network and Distributed Security Symposium . Piscataway:IEEE Press , 2009 : 237 - 250 .

FAHL S , HARBACH M , MUDERS T , et al . Why eve and mallory love android:an analysis of android SSL (in)security categories and subject descriptors [C ] // ACM Conference on Computer ＆Communications Security . New York:ACM Press , 2012 : 50 - 61 .

GEORGIEV M , IYENGAR S , JANA S , et al . The most dangerous code in the world:validating SSL certificates in non-browser software [C ] // ACM Conference on Computer ＆ Communications Security . New York:ACM Press , 2012 : 38 - 49 .

STOBER T , FRANK M , SCHMITT J B , et al . Who do you sync you are? Smartphone fingerprinting via application behaviour [C ] // Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks . New York:ACM Press , 2013 : 7 - 12 .

RAYMOND J , . Traffic analysis:protocols,attacks,design issues,and open problems [C ] // Designing Privacy Enhancing Technologies . Berlin:Springer , 2001 : 10 - 29 .

CONTI M , MANCINI L V , SPOLAOR R , et al . Can’t you hear me knocking:identification of user actions on android Apps via traffic analysis [C ] // Proceedings of the 5th ACM Conference on Data and Application Security and Privacy . New York:ACM Press , 2015 : 297 - 304 .

COULL S E , DYER K P . Traffic analysis of encrypted messaging services:Apple iMessage and beyond [J ] . ACM Sigcomm Computer Communication Review , 2014 , 44 ( 5 ): 6 - 11 .

LI H X , ZHU H J , MA D . Demographic information inference through meta-data analysis of Wi-Fi traffic [J ] . IEEE Transactions on Mobile Computing , 2018 , 17 ( 5 ): 1033 - 1047 .

WANG P , CHEN X , YE F , et al . A survey of techniques for mobile service encrypted traffic classification using deep learning [J ] . IEEE Access , 2019 , 7 : 54024 - 54033 .

WANG X , QIN X , HOSSEINI M B , et al . GUILeak:tracing privacy policy claims on user input data for Android applications [C ] // International Conference on Software Engineering . Piscataway:IEEE Press , 2018 : 37 - 47 .

CONTI M , LI Q Q , MARAGNO A , et al . The dark side(-channel) of mobile devices:a survey on network traffic analysis [J ] . IEEE Communications Surveys and Tutorials , 2018 , 20 ( 4 ): 2658 - 2713 .

NABOULSI D , FIORE M , RIBOT S , et al . Large-scale mobile traffic analysis:a survey [J ] . IEEE Communications Surveys and Tutorials , 2016 , 18 ( 1 ): 124 - 161 .

WANG Q , YAHYAVI A , KEMME B , et al . I know what you did on your smartphone:inferring App usage over encrypted data traffic [C ] // 2015 IEEE Conference on Communications and Network Security . Piscataway:IEEE Press , 2015 : 433 - 441 .

JIA Q , ZHOU L , LI H , et al . Who leaks my privacy:towards automatic and association detection with GDPR compliance [C ] // International Conference on Wireless Algorithms,Systems,and Applications . Berlin:Springer , 2019 : 137 - 148 .

LE A , VARMARKEN J , LANGHOFF S , et al . AntMonitor:a system for monitoring from mobile devices [C ] // Proceedings of the 2015 ACM SIGCOMM Workshop on Crowdsourcing and Crowdsharing of Big (Internet) Data . New York:ACM Press , 2015 : 15 - 20 .

RAZAGHPANAH A , VALLINA-RODRIGUEZ N , SUNDARESAN S , et al . Haystack:in situ mobile traffic analysis in user space [J ] . arXiv Preprint,arXiv:1510.01419 ， 2015 .

NOVAK E , AUNG P T , DO T . VPN+ towards detection and remediation of information leakage on smartphones [C ] // 2020 21st IEEE International Conference on Mobile Data Management . Piscataway:IEEE Press , 2020 : 39 - 48 .

SONG Y , HENGARTNER U . PrivacyGuard:a VPN-based platform to detect information leakage on android devices [C ] // Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices . New York:ACM Press , 2015 : 15 - 26 .

SHUBA A , LE A , ALIMPERTIS E , et al . AntMonitor:a system for on-device mobile network monitoring and its applications [J ] . arXiv Preprint,arXiv:1611.04268 ， 2016 .

BAKOPOULOU E , SHUBA A , MARKOPOULOU A J A P A . Exposures exposed:a measurement and user study to assess mobile data privacy in context [J ] . arXiv Preprint,arXiv:2008.08973 ， 2020 .

SRIVASTAVA G , BHUWALKA K , SAHOO S K , et al . Privacyproxy:leveraging crowdsourcing and in situ traffic analysis to detect and mitigate information leakage [J ] . arXiv Preprint,arXiv:1708.06384 ， 2017 .

REN J , RAO A , LINDORFER M , et al . ReCon:revealing and controlling PII leaks in mobile network traffic [C ] // Proceedings of the 14th Annual International Conference on Mobile Systems,Applications,and Services . New York:ACM Press , 2016 : 361 - 374 .

RAO A , KAKHKI A M , RAZAGHPANAH A , et al . Using the middle to meddle with mobile [R ] .(2013-12-10)[2020-07-14 ] .

SHUBA A , BAKOPOULOU E , MEHRABADI M A , et al . Antshield:on-device detection of personal information exposure [J ] . arXiv Preprint,arXiv:1803.01261 ， 2018 .

SHUBA A , BAKOPOULOU E , MARKOPOULOU A . Privacy leak classification on mobile devices [C ] // 2018 IEEE 19th International Workshop on Signal Processing Advances in Wireless Communications . Piscataway:IEEE Press , 2018 : 1 - 5 .

JIN H , LIU M , DODHIA K , et al . Why are they collecting my data? Inferring the purposes of network traffic in mobile Apps [J ] . Proceedings of the ACM on Interactive,Mobile,Wearable and Ubiquitous Technologies , 2018 , 2 ( 4 ): 1 - 27 .

TAN H Z , ZHAO W , SHEN H H . A context-perceptual privacy protection approach on Android devices [C ] // 2018 IEEE International Conference on Communications . Piscataway:IEEE Press , 2018 : 1 - 7 .

JUNG J , SHETH A , GREENSTEIN B , et al . Privacy oracle:a system for finding application leaks with black box differential testing [C ] // Proceedings of the 15th ACM Conference on Computer and Communications Security . New York:ACM Press , 2008 : 279 - 288 .

CONTINELLA A , FRATANTONIO Y , LINDORFER M , et al . Obfuscation-resilient privacy leak detection for mobile Apps through differential analysis [C ] // Network and Distributed System Security Symposium . Virginia:the Internet Society , 2017 : 1 - 15 .

LIU Y , LIAO L , SONG T J S C I S . Static tainting extraction approach based on information flow graph for personally identifiable information [J ] . Science China Information Sciences , 2020 , 63 ( 3 ): 1 - 17 .

ZHANG F , HE W , CHEN Y , et al . Thwarting Wi-Fi side-channel analysis through traffic demultiplexing [J ] . IEEE Transactions on Wireless Communications , 2014 , 13 ( 1 ): 86 - 98 .

ATKINSON J S , MITCHELL J E , RIO M , et al . Your Wi-Fi is leaking:what do your mobile Apps gossip about you? [J ] . Future Generation Computer Systems-the International Journal of Escience , 2018 , 80 : 546 - 557 .

CHENG Z , CHEN X , ZHANG Y , et al . Detecting information theft based on mobile network flows for android users [C ] // 2017 International Conference on Networking,Architecture,and Storage (NAS) . Piscataway:IEEE Press , 2017 : 1 - 10 .

ACETO G , CIUONZO D , MONTIERI A , et al . Mobile encrypted traffic classification using deep learning:experimental evaluation,lessons learned,and challenges [J ] . IEEE Transactions on Network and Service Management , 2019 , 16 ( 2 ): 445 - 458 .

LIU J , FU Y , MING J , et al . Effective and real-time in-App activity analysis in encrypted internet traffic streams [C ] // Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining . New York:ACM Press , 2017 : 335 - 344 .

FU Y , XIONG H , LU X , et al . Service usage classification with encrypted internet traffic in mobile messaging Apps [J ] . IEEE Transactions on Mobile Computing , 2016 , 15 ( 11 ): 2851 - 2864 .

ZHANG Q , XU M , ZHENG N , et al . Identifying WeChat message types without using traditional traffic [J ] . Information , 2020 , 11 ( 1 ): 18 .

PAPADOGIANNAKI E , HALEVIDIS C , AKRITIDIS P , et al . OTTer:a scalable high-resolution encrypted traffic identification engine [C ] // International Symposium on Research in Attacks,Intrusions,and Defenses . Berlin:Springer , 2018 : 315 - 334 .

FU Y , LIU J , LI X , et al . Service usage analysis in mobile messaging apps:a multi-label multi-view perspective [C ] // 2016 IEEE 16th International Conference on Data Mining . Piscataway:IEEE Press , 2016 : 877 - 882 .

FU Y J , LIU J M , LI X L , et al . A multi-label multi-view learning framework for in-App service usage analysis [J ] . ACM Transactions on Intelligent Systems and Technology , 2018 , 9 ( 4 ): 40 .

PARK K , KIM H . Encryption is not enough:inferring user activities on Kakaotalk with traffic analysis [C ] // Workshop on Information Security Applications . Berlin:Springer , 2015 : 254 - 265 .

CONTI M , MANCINI L V , SPOLAOR R , et al . Analyzing android encrypted network traffic to identify user actions [J ] . IEEE Transactions on Information Forensics and Security , 2016 , 11 ( 1 ): 114 - 125 .

SALTAFORMAGGIO B , CHOI H , JOHNSON K , et al . Eavesdropping on fine-grained user activities within smartphone Apps over encrypted network traffic [C ] // 10th USENIX Workshop on Offensive Technologies . Berkeley:USENIX Association , 2016 : 69 - 78 .

SAPIO A , LIAO Y , BALDI M , et al . Per-user policy enforcement on mobile Apps through network functions virtualization [C ] // Proceedings of the 9th ACM workshop on Mobility in the evolving internet architecture . New York:ACM Press , 2014 : 37 - 42 .

TONGAONKAR A , DAI S , NUCCI A , et al . Understanding mobile App usage patterns using in-App advertisements [C ] // International Conference on Passive and Active Network Measurement . Berlin:Springer , 2013 : 63 - 72 .

LI K , LI H , ZHU H S , et al . Side-channel information leakage of traffic data in instant messaging [C ] // 2019 IEEE 38th International Performance Computing and Communications Conference . Piscataway:IEEE Press , 2019 :doi.org/ 10.1109/ IPCCC47392.2019.8958775.

DYER K P , COULL S E , RISTENPART T , et al . Peek-a-Boo,I still see you:why efficient traffic analysis countermeasures fail [C ] // 2012 IEEE Symposium on Security and Privacy . Piscataway:IEEE Press , 2012 : 332 - 346 .

HOU C , SHI J , KANG C , et al . Classifying user activities in the encrypted WeChat traffic [C ] // 2018 IEEE 37th International Performance Computing and Communications Conference . Piscataway:IEEE Press , 2018 : 1 - 8 .

PATHMAPERUMA M H , RAHULAMATHAVAN Y , DOGAN S , et al . In-App activity recognition from Wi-Fi encrypted traffic [C ] // Science and Information Conference . Berlin:Springer , 2020 : 685 - 697 .

YAN F , XU M , QIAO T , et al . Identifying WeChat red packets and fund transfers via analyzing encrypted network traffic [C ] // 2018 17th IEEE International Conference On Trust,Security and Privacy in Computing and Communications/ 12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE) . Piscataway:IEEE Press , 2018 : 1426 - 1432 .

WANG Y , ZHENG N , XU M , et al . Hierarchical identifier:application to user privacy eavesdropping on mobile payment App [J ] . Sensors (Basel) ， 2019 :doi.org/10.3390/s19143052.

AIOLLI F , CONTI M , GANGWAL A , et al . Mind your wallet’s privacy:identifying Bitcoin wallet Apps and user’s actions through network traffic analysis [C ] // Proceedings of the 34th ACM/SIGApp Symposium on Applied Computing . New York:ACM Press , 2019 : 1484 - 1491 .

NAIK M , BHATIA A , TIWARI K . I know who you are:a learning framework to profile smartphone users [C ] // 2020 International Conference on Communication Systems ＆ Networks . Piscataway:IEEE Press , 2020 : 555 - 558 .

MOORE A , ZUEV D , CROGAN M . Discriminators for use in flow-based classification [R ] .(2005-08)[2020-07-14 ] .

LI D , LI W , WANG X , et al . ActiveTracker:uncovering the trajectory of App activities over encrypted internet traffic streams [C ] // 2019 16th Annual IEEE International Conference on Sensing,Communication,and Networking . Piscataway:IEEE Press , 2019 : 1 - 9 .

HOU T , WANG T , LU Z , et al . Smart spying via deep learning:inferring your activities from encrypted wireless traffic [C ] // IEEE Global Conference on Signal and Information Processing . Piscataway:IEEE Press , 2019 :doi.org/ 10.1109/GlobalSIP45357.2019.8969428.

ALAN H F , KAUR J . Can Android applications be identified using only TCP/IP headers of their launch time traffic? [C ] // ACM Conference on Security ＆ Privacy in Wireless ＆ Mobile Networks . New York:ACM Press , 2016 : 61 - 66 .

GROLMAN E , FINKELSHTEIN A , PUZIS R , et al . Transfer learning for user action identication in mobile Apps via encrypted trafc analysis [J ] . IEEE Intelligent Systems , 2018 , 33 ( 2 ): 40 - 53 .

WU H , WU Q , CHENG G , et al . Instagram user behavior identification based on multidimensional features [C ] // IEEE INFOCOM 2020-IEEE Conference on Computer Communications Workshops . Piscataway:IEEE Press , 2020 : 1111 - 1116 .

浏览量

862

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于多方计算的安全拜占庭弹性联邦学习

基于改进马尔可夫链的高效域名生成算法

基于加性秘密共享的洗牌协议的设计

基于秘密共享的轻量级隐私保护ViT推理框架

基于函数加密的密文卷积神经网络模型