1 research outputs found
Analysis of Location Data Leakage in the Internet Traffic of Android-based Mobile Devices
In recent years we have witnessed a shift towards personalized, context-based
applications and services for mobile device users. A key component of many of
these services is the ability to infer the current location and predict the
future location of users based on location sensors embedded in the devices.
Such knowledge enables service providers to present relevant and timely offers
to their users and better manage traffic congestion control, thus increasing
customer satisfaction and engagement. However, such services suffer from
location data leakage which has become one of today's most concerning privacy
issues for smartphone users. In this paper we focus specifically on location
data that is exposed by Android applications via Internet network traffic in
plaintext (i.e., without encryption) without the user's awareness. We present
an empirical evaluation, involving the network traffic of real mobile device
users, aimed at: (1) measuring the extent of location data leakage in the
Internet traffic of Android-based smartphone devices; and (2) understanding the
value of this data by inferring users' points of interests (POIs). This was
achieved by analyzing the Internet traffic recorded from the smartphones of a
group of 71 participants for an average period of 37 days. We also propose a
procedure for mining and filtering location data from raw network traffic and
utilize geolocation clustering methods to infer users' POIs. The key findings
of this research center on the extent of this phenomenon in terms of both
ubiquity and severity; we found that over 85\% of devices of users are leaking
location data, and the exposure rate of users' POIs, derived from the
relatively sparse leakage indicators, is around 61%.Comment: 11 pages, 10 figure