ReCon: Revealing and Controlling PII Leaks in Mobile Network Traffic

Abstract : It is well known that apps running on mobile devices extensively track and leak users' personally identifiable information (PII); however, these users have little visibility into PII leaked through the network traffic generated by their devices, and have poor control over how, when and where that traffic is sent and handled by third parties. In this paper, we present the design, implementation, and evaluation of ReCon: a cross-platform system that reveals PII leaks and gives users control over them without requiring any special privileges or custom OSes. ReCon leverages machine learning to reveal potential PII leaks by inspecting network traffic, and provides a visualization tool to empower users with the ability to control these leaks via blocking or substitution of PII. We evaluate ReCon's effectiveness with measurements from controlled experiments using leaks from the 100 most popular iOS, Android, and Windows Phone apps, and via an IRB-approved user study with 92 participants. We show that ReCon is accurate, efficient, and identifies a wider range of PII than previous approaches.
Type de document :
Communication dans un congrès
Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services, Jun 2016, Singapore, Singapore. ACM, MobiSys '16, pp.361 - 374, 2016, 〈10.1145/2906388.2906392〉
Liste complète des métadonnées

Littérature citée [49 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01386899
Contributeur : Arnaud Legout <>
Soumis le : lundi 24 octobre 2016 - 18:10:51
Dernière modification le : jeudi 11 janvier 2018 - 16:48:48

Fichier

recon-mobisys2016.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

Collections

Citation

Jingjing Ren, Ashwin Rao, Martina Lindorfer, Arnaud Legout, David Choffnes. ReCon: Revealing and Controlling PII Leaks in Mobile Network Traffic. Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services, Jun 2016, Singapore, Singapore. ACM, MobiSys '16, pp.361 - 374, 2016, 〈10.1145/2906388.2906392〉. 〈hal-01386899〉

Partager

Métriques

Consultations de la notice

220

Téléchargements de fichiers

188