DOI: 10.1145/2906388.2906392 (research article)

ReCon: Revealing and Controlling PII Leaks in Mobile Network Traffic

Published: 20 June 2016

ABSTRACT

It is well known that apps running on mobile devices extensively track and leak users' personally identifiable information (PII); however, these users have little visibility into PII leaked through the network traffic generated by their devices, and have poor control over how, when and where that traffic is sent and handled by third parties. In this paper, we present the design, implementation, and evaluation of ReCon: a cross-platform system that reveals PII leaks and gives users control over them without requiring any special privileges or custom OSes. ReCon leverages machine learning to reveal potential PII leaks by inspecting network traffic, and provides a visualization tool to empower users with the ability to control these leaks via blocking or substitution of PII. We evaluate ReCon's effectiveness with measurements from controlled experiments using leaks from the 100 most popular iOS, Android, and Windows Phone apps, and via an IRB-approved user study with 92 participants. We show that ReCon is accurate, efficient, and identifies a wider range of PII than previous approaches.
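To make the abstract's "reveal, then block or substitute" idea concrete, the following added example (not ReCon's code, and not the paper's classifier) inspects a plaintext HTTP request for PII the user has declared, reports where it leaks, and rewrites or drops the request. It assumes the user supplies the PII values to watch for and that a tracker may send them literally, URL-encoded, or as an MD5/SHA-1/SHA-256 hex digest; the request, hostnames and field names are constructed for the illustration.

```python
"""Added illustration of the idea in the abstract: inspect an app's plaintext
HTTP request for known PII and either block the request or substitute the
leaked value before it leaves the device.  This is not ReCon's code; the
paper's learned classifier is replaced by a lookup of PII values the user
supplies (an assumption), matched literally or as a common hash digest."""
import hashlib
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit


class Blocked(Exception):
    """Raised when policy says a request carrying this PII must be dropped."""


def pii_fingerprints(pii):
    """Map each form a tracker may send a PII value in back to its label.
    Hashed identifiers are common, so MD5/SHA-1/SHA-256 digests count too."""
    forms = {}
    for label, value in pii.items():
        for variant in {value, value.lower()}:
            forms[variant] = label
            for algo in ("md5", "sha1", "sha256"):
                forms[hashlib.new(algo, variant.encode()).hexdigest()] = label
    return forms


def parse_request(raw):
    """Split a plaintext HTTP/1.1 request into its parts (no chunked bodies)."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, version = request_line.split(" ", 2)
    headers = dict(line.split(": ", 1) for line in header_lines if ": " in line)
    return method, target, version, headers, body


def _is_form(headers):
    return headers.get("Content-Type", "").startswith(
        "application/x-www-form-urlencoded")


def find_leaks(raw, pii):
    """Return (location, field, pii_label) for every field carrying known PII."""
    forms = pii_fingerprints(pii)
    _, target, _, headers, body = parse_request(raw)
    places = [("query", parse_qsl(urlsplit(target).query, keep_blank_values=True)),
              ("header", list(headers.items()))]
    if _is_form(headers):
        places.append(("body", parse_qsl(body, keep_blank_values=True)))
    return [(where, key, forms[value])
            for where, pairs in places
            for key, value in pairs if value in forms]


def rewrite_request(raw, pii, policy):
    """Apply policy {label: 'block' | 'substitute'} (default: substitute).
    Returns the rewritten request, or None if any blocked PII was found."""
    forms = pii_fingerprints(pii)
    method, target, version, headers, body = parse_request(raw)

    def scrub(pairs):
        clean = []
        for key, value in pairs:
            label = forms.get(value)
            if label is None:
                clean.append((key, value))
            elif policy.get(label, "substitute") == "block":
                raise Blocked(label)
            else:
                # Same-length dummy keeps the server-side parser happy while
                # carrying nothing linkable to the user.
                clean.append((key, "0" * len(value)))
        return clean

    try:
        url = urlsplit(target)
        query = urlencode(scrub(parse_qsl(url.query, keep_blank_values=True)))
        target = urlunsplit(url._replace(query=query))
        headers = dict(scrub(headers.items()))
        if _is_form(headers):
            body = urlencode(scrub(parse_qsl(body, keep_blank_values=True)))
    except Blocked:
        return None
    head = "\r\n".join([f"{method} {target} {version}"]
                       + [f"{k}: {v}" for k, v in headers.items()])
    return head + "\r\n\r\n" + body


# Constructed sample: a request an app might send to an analytics endpoint.
SAMPLE_PII = {"email": "alice@example.com", "imei": "356938035643809"}
SAMPLE_REQUEST = (
    "POST /v1/events?email=alice%40example.com&app=demo HTTP/1.1\r\n"
    "Host: tracker.example.net\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "X-Device-Id: " + hashlib.md5(b"356938035643809").hexdigest() + "\r\n"
    "\r\n"
    "did=356938035643809&lat=42.34&lon=-71.09"
)

if __name__ == "__main__":
    for leak in find_leaks(SAMPLE_PII and SAMPLE_REQUEST, SAMPLE_PII):
        print("leak:", leak)
    print(rewrite_request(SAMPLE_REQUEST, SAMPLE_PII, {"email": "substitute"}))
```

Two caveats a practitioner should keep in mind: this only works on traffic the interception point can read (the abstract's system sits in the network path, so TLS-protected flows need the device to trust an interception certificate), and matching declared values catches the leaks the user knows to declare, whereas the paper's point is that a learned model flags fields that look like identifiers even when the value is unknown.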


Published in

MobiSys '16: Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services
June 2016
440 pages
ISBN: 9781450342698
DOI: 10.1145/2906388

              Copyright © 2016 ACM

              Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery, New York, NY, United States


Acceptance Rates

MobiSys '16 paper acceptance rate: 31 of 197 submissions (16%). Overall acceptance rate: 274 of 1,679 submissions (16%).
