Mobile apps are known to be rich sources for gathering privacy-sensitive information about smartphone users. Despite the presence of encryption, passive network adversaries who have access to the network infrastructure can eavesdrop on the traffic and therefore fingerprint a user’s app by means of packet-level traffic analysis. Since it is difficult to prevent the adversaries from accessing the network, providing secrecy in hostile environments becomes a serious concern. In this study, we propose AdaptiveMutate, a privacy-leak thwarting technique to defend against the statistical traffic analysis of apps. First, we present a method for the identification of mobile apps using traffic analysis. Further, we propose a confusion system in which we obfuscate packet lengths, and/or inter-arrival time information leaked by the mobile traffic to make it hard for intruders to differentiate between the altered app traffic and the actual one using statistical analysis. Our aim is to shape one class of app traffic to obscure its features with the minimum overhead. Our system strives to dynamically maximize its efficiency by matching each app with the corresponding most dissimilar app. Also, AdaptiveMutate has an adaptive capability that allows it to choose the most suitable feature to mutate, depending on the type of apps analyzed and the classifier used, if known. We evaluate the efficiency of our model by conducting a comprehensive simulation analysis that mutates different apps to each other using AdaptiveMutate. We conclude that our algorithm is most efficient when we mutate a feature of one app to its most dissimilar one in another app. When applying the identification technique, we achieve a classification accuracy of 91.1%. Then, using our obfuscation technique, we are able to reduce this accuracy to 7%. Also, we test our algorithm against a recently published approach for mobile apps classification and we are able to reduce its accuracy from 94.8% to 17.9%. Additionally, we analyze the tradeoff between the shaping cost and traffic privacy protection, specifically, the associated overhead and the feasibility for real-time implementation.
The Poisson process is a stochastic process that models many real-world phenomena. We present the definition of the Poisson process and discuss some facts as well as some related probability distributions. Finally, we give some new applications of the process.
Classification of network traffic using port-based or payload-based analysis is becoming increasingly difficult when many applications use dynamic port numbers, masquerading techniques, and encryption to avoid detection. In this article, an approach is presented for online traffic classification relying on the observation of the first n packets of a transmission control protocol (TCP) connection. Its key idea is to utilize the properties of the observed first ten packets of a TCP connection and Bayesian network method to build a classifier. This classifier can classify TCP flows dynamically as packets pass through it by deciding whether a TCP flow belongs to a given application. The experimental results show that the proposed approach performs well in online Internet traffic classification and that it is superior to naive Bayesian method.
Funding: Supported by the National Basic Research Program of China (2007CB310705), the Hi-Tech Research and Development Program of China (2007AA01Z255), the National Natural Science Foundation of China (60711140087), PCSIRT (IRT0609), and ISTCP (2006DFA 11040) of China.