Survey of End-to-End Mobile Network Measurement Testbeds, Tools, and Services

Mobile (cellular) networks enable innovation, but can also stifle it and lead to user frustration when network performance falls below expectations. As mobile networks become the predominant method of Internet access, developer, research, network operator, and regulatory communities have taken an increased interest in measuring end-to-end mobile network performance to, among other goals, minimize negative impact on application responsiveness. In this survey we examine current approaches to end-to-end mobile network performance measurement, diagnosis, and application prototyping. We compare available tools and their shortcomings with respect to the needs of researchers, developers, regulators, and the public. We intend for this survey to provide a comprehensive view of currently active efforts and some auspicious directions for future work in mobile network measurement and mobile application performance evaluation.Comment: Submitted to IEEE Communications Surveys and Tutorials. arXiv does not format the URL references correctly. For a correctly formatted version of this paper go to http://www.cs.montana.edu/mwittie/publications/Goel14Survey.pd

The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences

Current smartphone operating systems regulate application permissions by prompting users on an ask-on-first-use basis. Prior research has shown that this method is ineffective because it fails to account for context: the circumstances under which an application first requests access to data may be vastly different than the circumstances under which it subsequently requests access. We performed a longitudinal 131-person field study to analyze the contextuality behind user privacy decisions to regulate access to sensitive resources. We built a classifier to make privacy decisions on the user's behalf by detecting when context has changed and, when necessary, inferring privacy preferences based on the user's past decisions and behavior. Our goal is to automatically grant appropriate resource requests without further user intervention, deny inappropriate requests, and only prompt the user when the system is uncertain of the user's preferences. We show that our approach can accurately predict users' privacy decisions 96.8% of the time, which is a four-fold reduction in error rate compared to current systems.Comment: 17 pages, 4 figure

The Limits of Location Privacy in Mobile Devices

Mobile phones are widely adopted by users across the world today. However, the privacy implications of persistent connectivity are not well understood. This dissertation focuses on one important concern of mobile phone users: location privacy. I approach this problem from the perspective of three adversaries that users are exposed to via smartphone apps: the mobile advertiser, the app developer, and the cellular service provider. First, I quantify the proportion of mobile users who use location permissive apps and are able to be tracked through their advertising identifier, and demonstrate a mark and recapture attack that allows continued tracking of users who hide these identifiers. Ninety-five percent of the 1500 devices we tested were susceptible to this attack. We successfully identified 49% of unlabelled impressions from iOS devices, and 59% from Android, with a budget of only $5 per day, per user. Next, I evaluate an attack wherein a remote server discovers a user\u27s traveled path without permission, simply by analyzing the throughput of the connection to the user over time. In these experiments, a remote attacker can distinguish a user\u27s route among four paths within a University campus with 77% accuracy, and among eight paths surrounding the campus with 83% accuracy. I then propose a protocol for anonymous cell phone usage, which obviates the need for users to trust telecoms with their location, and I evaluate its efficacy against a passive location profiling attack used to infer identity. According to these simulations, even one day is enough to identify one device from among over a hundred with greater than 50% accuracy. To mitigate location profiling attacks, users should change these identifiers every ten minutes and remain offline for 30 seconds, to reduce their identifiability by up to 45%. I conclude by summarizing the key issues in mobile location privacy today, immediate steps that can be taken to improve them, and the inherent privacy costs of remaining constantly connected

A multi-site study on walkability, data sharing and privacy perception using mobile sensing data gathered from the mk-sense platform

Walking is a fundamental part of a physically active lifestyle, it is one of everyday activities that positively impacts health and wellbeing. In this paper we describe the challenges and experiences of conducting a sensing campaign in the wild. We make use of mk-sense; a software platform to facilitate the deployment of collaborative sensing campaigns. We elaborate on two cross-cultural studies conducted in four different countries (Mexico, Turkey, Spain, and Switzerland) with a total of 77 participants. We present a detailed description of the data collected from one of the studies aimed at measuring walkability around three different university campuses. The analysis of the data shows that walkability can be assessed using information from the sensors in the smartphones and results from surveys answered by participants. In addition, we analyze issues about data sharing and privacy awareness

Location Privacy Protection in the Mobile Era and Beyond

As interconnected devices become embedded in every aspect of our lives, they accompany many privacy risks. Location privacy is one notable case, consistently recording an individual’s location might lead to his/her tracking, fingerprinting and profiling. An individual’s location privacy can be compromised when tracked by smartphone apps, in indoor spaces, and/or through Internet of Things (IoT) devices. Recent surveys have indicated that users genuinely value their location privacy and would like to exercise control over who collects and processes their location data. They, however, lack the effective and practical tools to protect their location privacy. An effective location privacy protection mechanism requires real understanding of the underlying threats, and a practical one requires as little changes to the existing ecosystems as possible while ensuring psychological acceptability to the users. This thesis addresses this problem by proposing a suite of effective and practical privacy preserving mechanisms that address different aspects of real-world location privacy threats. First, we present LP-Guardian, a comprehensive framework for location privacy protection for Android smartphone users. LP-Guardian overcomes the shortcomings of existing approaches by addressing the tracking, profiling, and fingerprinting threats posed by different mobile apps while maintaining their functionality. LP-Guardian requires modifying the underlying platform of the mobile operating system, but no changes in either the apps or service provider. We then propose LP-Doctor, a light-weight user-level tool which allows Android users to effectively utilize the OS’s location access controls. As opposed to LP-Guardian, LP-Doctor requires no platform changes. It builds on a two year data collection campaign in which we analyzed the location privacy threats posed by 1160 apps for 100 users. For the case of indoor location tracking, we present PR-LBS (Privacy vs. Reward for Location-Based Service), a system that balances the users’ privacy concerns and the benefits of sharing location data in indoor location tracking environments. PR-LBS fits within the existing indoor localization ecosystem whether it is infrastructure-based or device-based. Finally, we target the privacy threats originating from the IoT devices that employ the emerging Bluetooth Low Energy (BLE) protocol through BLE-Guardian. BLE-Guardian is a device agnostic system that prevents user tracking and profiling while securing access to his/her BLE-powered devices. We evaluate BLE-Guardian in real-world scenarios and demonstrate its effectiveness in protecting the user along with its low overhead on the user’s devices.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/138563/1/kmfawaz_1.pd

T3P: Demystifying Low-Earth Orbit Satellite Broadband

The Internet is going through a massive infrastructural revolution with the advent of low-flying satellite networks, 5/6G, WiFi7, and hollow-core fiber deployments. While these networks could unleash enhanced connectivity and new capabilities, it is critical to understand the performance characteristics to efficiently drive applications over them. Low-Earth orbit (LEO) satellite mega-constellations like SpaceX Starlink aim to offer broad coverage and low latencies at the expense of high orbital dynamics leading to continuous latency changes and frequent satellite hand-offs. This paper aims to quantify Starlink's latency and its variations and components using a real testbed spanning multiple latitudes from the North to the South of Europe. We identify tail latencies as a problem. We develop predictors for latency and throughput and show their utility in improving application performance by up to 25%. We also explore how transport protocols can be optimized for LEO networks and show that this can improve throughput by up to 115% (with only a 5% increase in latency). Also, our measurement testbed with a footprint across multiple locations offers unique trigger-based scheduling capabilities that are necessary to quantify the impact of LEO dynamics.Comment: 16 page

LiveLabs: Building An In-Situ Real-Time Mobile Experimentation Testbed

We present LiveLabs, a mobile experimentation testbed that is cur-rently deployed across our university campus with further deploy-ments at a large shopping mall, a commercial airport, and a resort island soon to follow. The key goal of LiveLabs is to allow in-situ real-time experimentation of mobile applications and services that require context-specific triggers with real participants on their actual smart phones. We describe how LiveLabs works, and then explain the novel R&D required to realise it. We end with a de-scription of the current LiveLabs status (> 700 active participants to date) as well as present some key lessons learned. 1