MobiSys 2016

The 14th ACM International Conference on Mobile Systems, Applications, and Services (MobiSys 2016) spanned a range of themes and domains, from smart environments to security and privacy. The highlights presented here cover the keynotes, paper sessions, and first Asian Students Symposium on Emerging Technologies

ReCon: Revealing and Controlling PII Leaks in Mobile Network Traffic

It is well known that apps running on mobile devices extensively track and leak users' personally identifiable information (PII); however, these users have little visibility into PII leaked through the network traffic generated by their devices, and have poor control over how, when and where that traffic is sent and handled by third parties. In this paper, we present the design, implementation, and evaluation of ReCon: a cross-platform system that reveals PII leaks and gives users control over them without requiring any special privileges or custom OSes. ReCon leverages machine learning to reveal potential PII leaks by inspecting network traffic, and provides a visualization tool to empower users with the ability to control these leaks via blocking or substitution of PII. We evaluate ReCon's effectiveness with measurements from controlled experiments using leaks from the 100 most popular iOS, Android, and Windows Phone apps, and via an IRB-approved user study with 92 participants. We show that ReCon is accurate, efficient, and identifies a wider range of PII than previous approaches.Comment: Please use MobiSys version when referencing this work: http://dl.acm.org/citation.cfm?id=2906392. 18 pages, recon.meddle.mob

A Robust Zero-Calibration RF-based Localization System for Realistic Environments

Due to the noisy indoor radio propagation channel, Radio Frequency (RF)-based location determination systems usually require a tedious calibration phase to construct an RF fingerprint of the area of interest. This fingerprint varies with the used mobile device, changes of the transmit power of smart access points (APs), and dynamic changes in the environment; requiring re-calibration of the area of interest; which reduces the technology ease of use. In this paper, we present IncVoronoi: a novel system that can provide zero-calibration accurate RF-based indoor localization that works in realistic environments. The basic idea is that the relative relation between the received signal strength from two APs at a certain location reflects the relative distance from this location to the respective APs. Building on this, IncVoronoi incrementally reduces the user ambiguity region based on refining the Voronoi tessellation of the area of interest. IncVoronoi also includes a number of modules to efficiently run in realtime as well as to handle practical deployment issues including the noisy wireless environment, obstacles in the environment, heterogeneous devices hardware, and smart APs. We have deployed IncVoronoi on different Android phones using the iBeacons technology in a university campus. Evaluation of IncVoronoi with a side-by-side comparison with traditional fingerprinting techniques shows that it can achieve a consistent median accuracy of 2.8m under different scenarios with a low beacon density of one beacon every 44m2. Compared to fingerprinting techniques, whose accuracy degrades by at least 156%, this accuracy comes with no training overhead and is robust to the different user devices, different transmit powers, and over temporal changes in the environment. This highlights the promise of IncVoronoi as a next generation indoor localization system.Comment: 9 pages, 13 figures, published in SECON 201

Mobile Systems Research with Drones

Robot vehicle platforms, often called “drones”, offer exciting new opportuni- ties for mobile computing. While many systems respond to device mobility (such as smartphones), drones allow computer systems to actively control device location, allowing them to interact with the physical world in new ways and with new-found scale, efficiency, or precision

XYZ Privacy

Future autonomous vehicles will generate, collect, aggregate and consume significant volumes of data as key gateway devices in emerging Internet of Things scenarios. While vehicles are widely accepted as one of the most challenging mobility contexts in which to achieve effective data communications, less attention has been paid to the privacy of data emerging from these vehicles. The quality and usability of such privatized data will lie at the heart of future safe and efficient transportation solutions. In this paper, we present the XYZ Privacy mechanism. XYZ Privacy is to our knowledge the first such mechanism that enables data creators to submit multiple contradictory responses to a query, whilst preserving utility measured as the absolute error from the actual original data. The functionalities are achieved in both a scalable and secure fashion. For instance, individual location data can be obfuscated while preserving utility, thereby enabling the scheme to transparently integrate with existing systems (e.g. Waze). A new cryptographic primitive Function Secret Sharing is used to achieve non-attributable writes and we show an order of magnitude improvement from the default implementation.Comment: arXiv admin note: text overlap with arXiv:1708.0188