The Dark Side(-Channel) of Mobile Devices: A Survey on Network Traffic Analysis

In recent years, mobile devices (e.g., smartphones and tablets) have met an increasing commercial success and have become a fundamental element of the everyday life for billions of people all around the world. Mobile devices are used not only for traditional communication activities (e.g., voice calls and messages) but also for more advanced tasks made possible by an enormous amount of multi-purpose applications (e.g., finance, gaming, and shopping). As a result, those devices generate a significant network traffic (a consistent part of the overall Internet traffic). For this reason, the research community has been investigating security and privacy issues that are related to the network traffic generated by mobile devices, which could be analyzed to obtain information useful for a variety of goals (ranging from device security and network optimization, to fine-grained user profiling). In this paper, we review the works that contributed to the state of the art of network traffic analysis targeting mobile devices. In particular, we present a systematic classification of the works in the literature according to three criteria: (i) the goal of the analysis; (ii) the point where the network traffic is captured; and (iii) the targeted mobile platforms. In this survey, we consider points of capturing such as Wi-Fi Access Points, software simulation, and inside real mobile devices or emulators. For the surveyed works, we review and compare analysis techniques, validation methods, and achieved results. We also discuss possible countermeasures, challenges and possible directions for future research on mobile traffic analysis and other emerging domains (e.g., Internet of Things). We believe our survey will be a reference work for researchers and practitioners in this research field.Comment: 55 page

Regulating and Securing the Interfaces Across Mobile Apps, OS and Users

Over the past decade, we have seen a swift move towards a mobile-centered world. This thriving mobile ecosystem builds upon the interplay of three important parties: the mobile user, OS, and app. These parties interact via designated interfaces many of which are newly invented for, or introduced to the mobile platform. Nevertheless, as these new ways of interactions arise in the mobile ecosystem, what is enabled by these communication interfaces often violates the expectations of the communicating parties. This makes the foundation of the mobile ecosystem untrustworthy, causing significant security and privacy hazards. This dissertation aims to fill this gap by: 1) securing the conversations between trusted parties, 2) regulating the interactions between partially trusted parties, and 3) protecting the communications between untrusted parties. We first deal with the case of mobile OS and app, and analyze the Inter-Process Communication (IPC) protocol (Android Binder in particular) between these two untrusted parties. We found that the Android OS is frequently making unrealistic assumptions on the validity (sanity) of transactions from apps, thus creating significant security hazards. We analyzed the root cause of this emerging attack surface and protected this interface by developing an effective, precautionary testing framework and a runtime diagnostic tool. Then, we study the deficiency of how a mobile user interacts with an app that he can only partially trust. In the current mobile ecosystem, information about the same user in different apps can be easily shared and aggregated, which clearly violates the conditional trust mobile user has on each app. This issue is addressed by providing two complementary options: an OS-level extension that allows the user to track and control, during runtime, the potential flow of his information across apps; and a user-level solution that allows the users to maintain multiple isolated profiles for each app. Finally, we elaborate on how to secure the voice interaction channel between two trusted parties, mobile user and OS. The open nature of the voice channel makes applications that depend on voice interactions, such as voice assistants, difficult to secure and exposed to various attacks. We solve this problem by proposing the first system, called VAuth, that provides continuous and usable authentication for voice commands, designed as a wearable security token. It collects the body-surface vibrations of a user via an accelerometer and continuously matches them to the voice commands received by the voice assistant. This way, VAuth guarantees that the voice assistant executes only the commands that originate from the voice of the owner. Overall, this thesis examined the privacy and security issues across various interfaces in the mobile ecosystem, analyzed the trust relationship between different parties and proposed practical solutions. It also documented the experience learned from tackling these problems, and can serve as a reference in dealing with similar issues in other domains.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/137033/1/huanfeng_1.pd

Human-Computer Interaction: Security Aspects

Along with the rapid development of intelligent information age, users are having a growing interaction with smart devices. Such smart devices are interconnected together in the Internet of Things (IoT). The sensors of IoT devices collect information about users' behaviors from the interaction between users and devices. Since users interact with IoT smart devices for the daily communication and social network activities, such interaction generates a huge amount of network traffic. Hence, users' behaviors are playing an important role in the security of IoT smart devices, and the security aspects of Human-Computer Interaction are becoming significant. In this dissertation, we provide a threefold contribution: (1) we review security challenges of HCI-based authentication, and design a tool to detect deceitful users via keystroke dynamics; (2) we present the impact of users' behaviors on network traffic, and propose a framework to manage such network traffic; (3) we illustrate a proposal for energy-constrained IoT smart devices to be resilient against energy attack and efficient in network communication. More in detail, in the first part of this thesis, we investigate how users' behaviors impact on the way they interact with a device. Then we review the work related to security challenges of HCI-based authentication on smartphones, and Brain-Computer Interfaces (BCI). Moreover, we design a tool to assess the truthfulness of the information that users input using a computer keyboard. This tool is based on keystroke dynamics and it relies on machine learning technique to achieve this goal. To the best of our knowledge, this is the first work that associates the typing users' behaviors with the production of deceptive personal information. We reached an overall accuracy of 76% in the classification of a single answer as truthful or deceptive. In the second part of this thesis, we review the analysis of network traffic, especially related to the interaction between mobile devices and users. Since the interaction generates a huge amount of network traffic, we propose an innovative framework, GolfEngine, to manage and control the impact of users behavior on the network relying on Software Defined Networking (SDN) techniques. GolfEngine provides users a tool to build their security applications and offers Graphical User Interface (GUI) for managing and monitoring the network. In particular, GolfEngine provides the function of checking policy conflicts when users design security applications and the mechanism to check data storage redundancy. GolfEngine not only prevents the malicious inputting policies but also it enforces the security about network management of network traffic. The results of our simulation underline that GolfEngine provides an efficient, secure, and robust performance for managing network traffic via SDN. In the third and last part of this dissertation, we analyze the security aspects of battery-equipped IoT devices from the energy consumption perspective. Although most of the energy consumption of IoT devices is due to user interaction, there is still a significant amount of energy consumed by point-to-point communication and IoT network management. In this scenario, an adversary may hijack an IoT device and conduct a Denial of Service attack (DoS) that aims to run out batteries of other devices. Therefore, we propose EnergIoT, a novel method based on energetic policies that prevent such attacks and, at the same time, optimizes the communication between users and IoT devices, and extends the lifetime of the network. EnergIoT relies on a hierarchical clustering approach, based on different duty cycle ratios, to maximize network lifetime of energy-constrained smart devices. The results show that EnergIoT enhances the security and improves the network lifetime by 32%, compared to the earlier used approach, without sacrificing the network performance (i.e., end-to-end delay)

The Counter-testimony of the Maker

The chapter begins with the question of critique, mainly how and why does one critique but more importantly why does no one critique effectively anymore. Such is a sentiment echoed by Bruno Latour in the paper Why has Critique Run out of Steam? He states: “It does not seem to me that we have been as quick, in academia, to prepare ourselves for new threats, new dangers, new tasks, new targets. Are we not like those mechanical toys that endlessly make the same gesture when everything else has changed around them?”(Latour, 2004:225). According to Latour, the absence of principles is to blame. As he puts it, critique has battered through all claims to a ground and the lack of a sure ground argument has backfired. The result is that there isn’t even a sure ground for criticism. Without a ground, it’s hard to differentiate a rigorous critical claim from a conspiracy theory. That’s why conspiracy theory books are best sellers. Latour mourns the death of critique. In its remnants lies a whole industry denying the Apollo program. My claim is that the absence of principles transforms critique into an issue around the strength of evidence and the credibility of the testimony. Effective critique is synonymous with a counter-testimony of a reliable witness. A witness is someone who is present at the time of an event, often a crime, and is able to testify before the law. They are able to give direct evidence in relation to the events. However, they often rely on foggy memories and blurred vision. It is not too difficult for the defence or prosecution to put the reliability or credibility of the witness in doubt. Here is where the role of making comes into play. More often than not, in the post-critical age, a testimony, or counter-testimony, is not simply uttered but is rather constructed. Latour is the first to admit that a critique has to be made. As such the eyewitness is no longer a person but a photograph, a video or other forms of surveillance. Juries are more decisive when they are presented with the facts, the evidence, more often submitted as objects as opposed to a fuzzy testimony of a witness. Critique, or counter-testimony, is a material process enabled by infrastructure. Is a practice-based question of physics, chemistry and the material forms of agency. Given all this this chapter explores further the role of critical making as counter-testimony. From aesthetic practices of forensics, counter-forensics to the role of labs in media archaeology and investigative practices, I will tell the story of makers that present their objects as a counter-narrative to pressing socio-political issues. More importantly, however, I will address the issue of how critical making practices can establish credibility in a world of fakes and loss of belief

Introduction: Ways of Machine Seeing

How do machines, and, in particular, computational technologies, change the way we see the world? This special issue brings together researchers from a wide range of disciplines to explore the entanglement of machines and their ways of seeing from new critical perspectives. This 'editorial' is for a special issue of AI & Society, which includes contributions from: María Jesús Schultz Abarca, Peter Bell, Tobias Blanke, Benjamin Bratton, Claudio Celis Bueno, Kate Crawford, Iain Emsley, Abelardo Gil-Fournier, Daniel Chávez Heras, Vladan Joler, Nicolas Malevé, Lev Manovich, Nicholas Mirzoeff, Perle Møhl, Bruno Moreschi, Fabian Offert, Trevor Paglan, Jussi Parikka, Luciana Parisi, Matteo Pasquinelli, Gabriel Pereira, Carloalberto Treccani, Rebecca Uliasz, and Manuel van der Veen

Expanding Data Imaginaries in Urban Planning:Foregrounding lived experience and community voices in studies of cities with participatory and digital visual methods

“Expanding Data Imaginaries in Urban Planning” synthesizes more than three years of industrial research conducted within Gehl and the Techno–Anthropology Lab at Aalborg University. Through practical experiments with social media images, digital photovoice, and participatory mapmaking, the project explores how visual materials created by citizens can be used within a digital and participatory methodology to reconfigure the empirical ground of data-driven urbanism. Drawing on a data feminist framework, the project uses visual research to elevate community voices and situate urban issues in lived experiences. As a Science and Technology Studies project, the PhD also utilizes its industrial position as an opportunity to study Gehl’s practices up close, unpacking collectively held narratives and visions that form a particular “data imaginary” and contribute to the production and perpetuation of the role of data in urban planning. The dissertation identifies seven epistemological commitments that shape the data imaginary at Gehl and act as discursive closures within their practice. To illustrate how planners might expand on these, the dissertation uses its own data experiments as speculative demonstrations of how to make alternative modes of knowing cities possible through participatory and digital visual methods

New Perspectives in Critical Data Studies

This Open Access book examines the ambivalences of data power. Firstly, the ambivalences between global infrastructures and local invisibilities challenge the grand narrative of the ephemeral nature of a global data infrastructure. They make visible local working and living conditions, and the resources and arrangements required to operate and run them. Secondly, the book examines ambivalences between the state and data justice. It considers data justice in relation to state surveillance and data capitalism, and reflects on the ambivalences between an “entrepreneurial state” and a “welfare state”. Thirdly, the authors discuss ambivalences of everyday practices and collective action, in which civil society groups, communities, and movements try to position the interests of people against the “big players” in the tech industry. The book includes eighteen chapters that provide new and varied perspectives on the role of data and data infrastructures in our increasingly datafied societies

Strategic Latency Unleashed: The Role of Technology in a Revisionist Global Order and the Implications for Special Operations Forces

The article of record may be found at https://cgsr.llnl.govThis work was performed under the auspices of the U.S. Department of Energy by Lawrence Livermore National Laboratory in part under Contract W-7405-Eng-48 and in part under Contract DE-AC52-07NA27344. The views and opinions of the author expressed herein do not necessarily state or reflect those of the United States government or Lawrence Livermore National Security, LLC. ISBN-978-1-952565-07-6 LCCN-2021901137 LLNL-BOOK-818513 TID-59693This work was performed under the auspices of the U.S. Department of Energy by Lawrence Livermore National Laboratory in part under Contract W-7405-Eng-48 and in part under Contract DE-AC52-07NA27344. The views and opinions of the author expressed herein do not necessarily state or reflect those of the United States government or Lawrence Livermore National Security, LLC. ISBN-978-1-952565-07-6 LCCN-2021901137 LLNL-BOOK-818513 TID-5969