Location Leakage from Network Access Patterns

Speaker/Bio

Trishita was a Trustee Scholar at Boston University pursuing a Bachelors in Computer Engineering; she graduated Summa Cum Laude in May 2019 . She has been a part of NISLab, where she has worked with Prof. Ari Trachtenberg on various aspects of Cyber Security. Her current research involves cache-based side-channel attacks, finding malicious uses of new HTTP headers (undergraduate thesis), and attacks on the Network Time Protocol (NTP). Her previous work included exploiting network side-channels on Android, creating a distributed web miner for Ethereum, and detecting anomalies to identify compromised VMs in the cloud. She will be continuing her security research as a Computer Science PhD candidate at Cornell University, starting fall of 2019.

Abstract

We evaluate the power of simple networks side-channels to encroach upon user location privacy on Android devices. Specifically, we show that an unprivileged application or third party may infer several elements of a user's location from a different location-privileged application (such as Google Maps) by inspecting blackbox network metadata alone (i.e., traffic statistics such as transmission time and size of packets). We do this with relatively simple learning and classification methods and basic network statistics. For most Android phones currently on the market, process-level network traffic statistics are accessible at fine detail without permission control, although, we demonstrate that even device-level statistics available on the newest devices are sufficient for some of our inferences. In effect, it may be possible for any application running on these phones or collocated on a local network to identify privacy-revealing elements of a user's location, such as places of worship, point-of-care medical establishments, or political activity.

Reference