Characterizing Mobile Applications Through Analysis of DNS Traffic

被引：1

作者：

Jimenez-Berenguel, Andrea ^{[1
]}

Moure-Garrido, Marta ^{[1
]}

Garcia-Rubio, Carlos ^{[1
]}

Campo, Celeste ^{[1
]}

机构：

[1] Univ Carlos III Madrid, Dept Telemat Engn, Leganes, Madrid, Spain

来源：

PROCEEDINGS OF THE INT'L ACM SYMPOSIUM ON PERFORMANCE EVALUATION OF WIRELESS AD HOC, SENSOR, & UBIQUITOUS NETWORKS, PE-WASUN 2023 | 2023年

关键词：

Mobile apps characterization; Android apps; User Privacy; DNS traffic; encrypted DNS;

D O I：

10.1145/3616394.3618268

中图分类号：

TN [电子技术、通信技术];

学科分类号：

0809 ;

摘要：

User privacy may remain vulnerable when using encrypted communication protocols, such as HTTPS, if DNS queries are sent in cleartext over UDP port 53 (Do53). In this study, we demonstrate the possibility of characterizing the mobile application a user is using based on its Do53 traffic. By analyzing a dataset of traffic captured from 80 Android mobile apps, we can identify the app being used based on its DNS queries with an accuracy of 88.75%. While modern operating systems, including Android since version 9.0, support encrypted DNS traffic, this feature is not enabled by default and relies on the DNS provider's support. Moreover, even when DNS traffic is encrypted, the DNS service provider still has access to our queries and could potentially extract information from them.

引用

页码：69 / 76

页数：8

共 44 条

[31] Know your Big Data Trade-offs when Classifying Encrypted Mobile Traffic with Deep Learning
Aceto, Giuseppe
Ciuonzo, Domenico
Montieri, Antonio
Persico, Valerio
Pescape, Antonio
PROCEEDINGS OF THE 3RD NETWORK TRAFFIC MEASUREMENT AND ANALYSIS CONFERENCE (TMA 2019), 2019, : 121 - 128
[32] Can Android Applications Be Identified Using Only TCP/IP Headers of Their Launch Time Traffic?
Alan, Hasan Faik
Kaur, Jasleen
PROCEEDINGS OF THE 9TH ACM CONFERENCE ON SECURITY & PRIVACY IN WIRELESS AND MOBILE NETWORKS (WISEC'16), 2016, : 61 - 66
[33] Analysis on password protection in Android applications
Shao Shuai
Dong Guowei
Guo Tao
Yang Tianchang
Shi Chenjie
2014 NINTH INTERNATIONAL CONFERENCE ON P2P, PARALLEL, GRID, CLOUD AND INTERNET COMPUTING (3PGCIC), 2014, : 504 - 507
[34] What You See Is What You Get? It Is Not the Case! Detecting Misleading Icons for Mobile Applications
Li, Linlin
Wang, Ruifeng
Zhan, Xian
Wang, Ying
Gao, Cuiyun
Wang, Sinan
Liu, Yepang
PROCEEDINGS OF THE 32ND ACM SIGSOFT INTERNATIONAL SYMPOSIUM ON SOFTWARE TESTING AND ANALYSIS, ISSTA 2023, 2023, : 538 - 550
[35] An empirical study of web browsers' resistance to traffic analysis and website fingerprinting attacks
Al-Shehari, Taher
Zhioua, Sami
CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS, 2018, 21 (04): : 1917 - 1931
[36] An empirical study of web browsers’ resistance to traffic analysis and website fingerprinting attacks
Taher Al-Shehari
Sami Zhioua
Cluster Computing, 2018, 21 : 1917 - 1931
[37] Forensic Analysis of Dating Applications on Android and iOS Devices
Hutchinson, Shinelle
Shantaram, Neesha
Karabiyik, Umit
2020 IEEE 19TH INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM 2020), 2020, : 837 - 848
[38] Children's Exposure to Mobile In-App Advertising: An Analysis of Content Appropriateness
Chen, Ying
Zhu, Sencun
Xu, Heng
Zhou, Yilu
2013 ASE/IEEE INTERNATIONAL CONFERENCE ON SOCIAL COMPUTING (SOCIALCOM), 2013, : 196 - 203
[39] Empirical Security and Privacy Analysis of Mobile Symptom Checking Apps on Google Play
Sentana, I. Wayan Budi
Ikram, Muhammad
Kaafar, Mohamed Ali
Berkovsky, Shlomo
SECRYPT 2021: PROCEEDINGS OF THE 18TH INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2021, : 665 - 673
[40] Investigating Wearable Fitness Applications: Data Privacy and Digital Forensics Analysis on Android
Hutchinson, Shinelle
Mirza, Mohammad Meraj
West, Nicholas
Karabiyik, Umit
Rogers, Marcus K.
Mukherjee, Tathagata
Aggarwal, Sudhir
Chung, Haeyong
Pettus-Davis, Carrie
APPLIED SCIENCES-BASEL, 2022, 12 (19):

← 1 2 3 4 5 →