The mobile ecosystem has become an attractive target for various types of abuses. For instance, many mobile applications leak sensitive user information, such as email addresses and location, which is a privacy issue. Second, attackers routinely disguise malware in seemingly legitimate mobile apps to launch attacks, which poses security threats. Third, many mobile apps and sites push intrusive und undesirable ads, such as auto-play and pop-ups, which harm usability. The objective of this project is to defend against these abuses in the mobile ecosystem through real-time on-device filtering of network traffic on a mobile device.
The project performs multi-layer network traffic analysis with help of machine learning. It extracts features and trains learning models to produce filtering rules, which can be applied on the device. Filtering on the mobile device is particularly challenging due to limited resources, lack of visibility into packet payload, and potential collateral damage on the affected apps. The filtering approach used is envisioned as universal (i.e., applicable across all apps), automated (compared to the current practice of manually maintained privacy related data), adaptive (to the ever-changing threats), and user-centric (i.e., customized per user) while leveraging collaboration among users. The general framework will be validate in three case studies against the following abuse scenarios in the mobile ecosystem: (i) intrusive ads (ii) privacy leaks (iii) malvertising. This project is excepted to enhance the usability, privacy, and security of the mobile ecosystem and will inform policies and practices on mobile data transparency.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
