636 research outputs found

    Private Communication Detection via Side-Channel Attacks

    Private communication detection (PCD) enables an ordinary network user to discover communication patterns (e.g., call time, length, frequency, and initiator) between two or more private parties. Analysis of communication patterns between private parties has historically been a powerful tool used by intelligence, military, law-enforcement and business organizations because it can reveal the strength of tie between these parties. Ordinary users are assumed to have neither eavesdropping capabilities (e.g., the network may employ strong anonymity measures) nor the legal authority (e.g. no ability to issue a warrant to network providers) to collect private-communication records. We show that PCD is possible by ordinary users merely by sending packets to various network end-nodes and analyzing the responses. Three approaches for PCD are proposed based on a new type of side channels caused by resource contention, and defenses are proposed. The Resource-Saturation PCD exploits the resource contention (e.g., a fixed-size buffer) by sending carefully designed packets and monitoring different responses. Its effectiveness has been demonstrated on three commercial closed-source VoIP phones. The Stochastic PCD shows that timing side channels in the form of probing responses, which are caused by distinct resource-contention responses when different applications run in end nodes, enable effective PCD despite network and proxy-generated noise (e.g., jitter, delays). It was applied to WiFi and Instant Messaging for resource contention in the radio channel and the keyboard, respectively. Similar analysis enables practical Sybil node detection. Finally, the Service-Priority PCD utilizes the fact that 3G/2G mobile communication systems give higher priority to voice service than data service. This allows detection of the busy status of smartphones, and then discovery of their call records by correlating the busy status. 
    This approach was successfully applied to iPhone and Android phones in AT&T's network. An additional, unanticipated finding was that an Internet user could disable a 2G phone's voice service by probing it with short enough intervals (e.g., 1 second). PCD defenses can be traditional side-channel countermeasures or PCD-specific ones, e.g., monitoring and blocking suspicious periodic network traffic.

    A collaborative framework for android malware detection using DNS & dynamic analysis

    Nowadays, with the predominance of smart devices such as smartphones, mobile malware attacks have increasingly proliferated. There is an urgent need to detect potentially malicious behaviors so as to hinder them. Furthermore, Android malware is one of the major security issues and fast-growing threats facing the Internet in the mobile arena. At the same time, DNS (Domain Name System) is widely misused by miscreants in order to provide Internet connection within malicious networks. Here, we propose an infrastructure for monitoring Android applications in a platform-independent manner, introducing hooks in order to trace restricted API calls used at runtime of the application. These traces are collected at a central server where the application behavior filtering, string matching, and visualization take place. From these traces we can extract malicious URLs and correlate them with DNS service network traffic, enabling us to find the presence of malware running at the network level.

    Analysis of Smartphone Traffic

    Smartphone reconnaissance, the first step to launch security attacks on a target smartphone, enables an adversary to tailor attacks by exploiting the known vulnerabilities of the target system. We investigate smartphone OS identification with encrypted traffic in this paper. Four identification algorithms based on the spectral analysis of the encrypted traffic are proposed. The identification algorithms are designed for high identification accuracy by removing noise frequency components and for high efficiency in terms of computation complexity. We evaluate the identification algorithms with smartphone traffic collected over three months. The experimental results show that the algorithms can identify the smartphone OS accurately. The identification accuracy can reach 100 with only 30 seconds of smartphone traffic.

    Acoustic Sensing: Mobile Applications and Frameworks

    Acoustic sensing has attracted significant attention from both academia and industry due to its ubiquity. Since smartphones and many IoT devices are already equipped with microphones and speakers, it requires nearly zero additional deployment cost. Acoustic sensing is also versatile. For example, it can detect obstacles for distracted pedestrians (BumpAlert), remember indoor locations through recorded echoes (EchoTag), and also understand the touch force applied to mobile devices (ForcePhone). In this dissertation, we first propose three acoustic sensing applications, BumpAlert, EchoTag, and ForcePhone, and then introduce a cross-platform sensing framework called LibAS. LibAS is designed to facilitate the development of acoustic sensing applications. For example, LibAS can let developers prototype and validate their sensing ideas and apps on commercial devices without the detailed knowledge of platform-dependent programming. LibAS is shown to require less than 30 lines of code in Matlab to implement the prototype of ForcePhone on Android/iOS/Tizen/Linux devices. PHD, Computer Science & Engineering, University of Michigan, Horace H. Rackham School of Graduate Studies. https://deepblue.lib.umich.edu/bitstream/2027.42/143971/1/yctung_1.pd

    Privacy Leakage through Sensory Data on Smart Devices

    Mobile devices are becoming more and more indispensable in people’s daily life. They bring a variety of conveniences. However, many privacy issues also arise along with the ubiquitous usage of smart devices. Nowadays, people rely on smart devices for business and work, thus much sensitive information is released. Although smart device manufacturers spend much effort to provide system-level strategies for privacy preservation, lots of studies have shown that these strategies are far from perfect. In this dissertation, many privacy risks are explored. Smart devices are becoming more and more powerful as more and more sensors are embedded into smart devices. In this thesis, the relationship between sensory data and a user’s location information is analyzed first. A novel inference model and a corresponding algorithm are proposed to infer a user’s location information solely based on sensory data. The proposed approach is validated towards real-world sensory data. Another privacy issue investigated in this thesis is the inference of user behaviors based on sensory data. From extensive experiment results, it is observed that there is a strong correlation between sensory data and the tap position on a smart device’s screen. A sensory data collection app is developed to collect sensory data from more than 100 volunteers. A conventional neural network based method is proposed to infer a user’s input on a smart phone. The proposed inference model and algorithm are compared with several previous methods through extensive experiments. The results show that our method has much better accuracy. Furthermore, based on this inference model, several possible ways to steal private information are illustrated.

    Unblind Your Apps: Predicting Natural-Language Labels for Mobile GUI Components by Deep Learning

    According to the World Health Organization (WHO), it is estimated that approximately 1.3 billion people live with some forms of vision impairment globally, of whom 36 million are blind. Due to their disability, engaging these minority into the society is a challenging problem. The recent rise of smart mobile phones provides a new solution by enabling blind users' convenient access to the information and service for understanding the world. Users with vision impairment can adopt the screen reader embedded in the mobile operating systems to read the content of each screen within the app, and use gestures to interact with the phone. However, the prerequisite of using screen readers is that developers have to add natural-language labels to the image-based components when they are developing the app. Unfortunately, more than 77% apps have issues of missing labels, according to our analysis of 10,408 Android apps. Most of these issues are caused by developers' lack of awareness and knowledge in considering the minority. And even if developers want to add the labels to UI components, they may not come up with concise and clear description as most of them are of no visual issues. To overcome these challenges, we develop a deep-learning based model, called LabelDroid, to automatically predict the labels of image-based buttons by learning from large-scale commercial apps in Google Play. The experimental results show that our model can make accurate predictions and the generated labels are of higher quality than that from real Android developers. Comment: Accepted to 42nd International Conference on Software Engineering

    An interactive interface for nursing robots.

    Physical Human-Robot Interaction (pHRI) is inevitable for a human user while working with assistive robots. There are various aspects of pHRI, such as choosing the interface, type of control schemes implemented and the modes of interaction. The research work presented in this thesis concentrates on a health-care assistive robot called Adaptive Robot Nursing Assistant (ARNA). An assistive robot in a health-care environment has to be able to perform routine tasks and be aware of the surrounding environment at the same time. In order to operate the robot, a teleoperation based interaction would be tedious for some patients as it would require a high level of concentration and can cause cognitive fatigue. It would also require a learning curve for the user in order to teleoperate the robot efficiently. The research work involves the development of a proposed Human-Machine Interface (HMI) framework which integrates the decision-making module, interaction module, and a tablet interface module. The HMI framework integrates a traded control based interaction which allows the robot to take decisions on planning and executing a task while the user only has to specify the task through a tablet interface. According to the preliminary experiments conducted as a part of this thesis, the traded control based approach allows a novice user to operate the robot with the same efficiency as an expert user. Past researchers have shown that during a conversation with a speech interface, a user would feel disengaged if the answers received from the interface are not in the context of the conversation. The research work in this thesis explores the different possibilities of implementing a speech interface that would be able to reply to any conversational queries from the user. A speech interface was developed by creating a semantic space out of Wikipedia database using Latent Semantic Analysis (LSA). 
    This allowed the speech interface to have a wide knowledge-base and be able to maintain a conversation in the same context as intended by the user. This interface was developed as a web-service and was deployed on two different robots to exhibit its portability and the ease of implementation with any other robot. In the work presented, a tablet application was developed which integrates speech interface and an onscreen button interface to execute tasks through ARNA robot. This tablet interface application can access video feed and sensor data from robots, assist the user with decision making during pick and place operations, monitor the user health over time, and provide conversational dialogue during sitting sessions. In this thesis, we present the software and hardware framework that enable a patient sitter HMI, together with experimental results with a small number of users that demonstrate that the concept is sound and scalable.

    UbiEar: Bringing location-independent sound awareness to the hard-of-hearing people with smartphones

    Non-speech sound-awareness is important to improve the quality of life for the deaf and hard-of-hearing (DHH) people. DHH people, especially the young, are not always satisfied with their hearing aids. According to the interviews with 60 young hard-of-hearing students, a ubiquitous sound-awareness tool for emergency and social events that works in diverse environments is desired. In this paper, we design UbiEar, a smartphone-based acoustic event sensing and notification system. Core techniques in UbiEar are a light-weight deep convolution neural network to enable location-independent acoustic event recognition on commodity smartphones, and a set of mechanisms for prompt and energy-efficient acoustic sensing. We conducted both controlled experiments and user studies with 86 DHH students and showed that UbiEar can assist the young DHH students in awareness of important acoustic events in their daily life.