RECON: Revealing and Controlling Privacy Leaks from Network Traffic

Abstract

ReCon enables the auditing of PII leaks, addressing the key challenges of how to identify and control PII leaks when users PII is not known a priori, nor is the set of apps or devices that leak this information. First, to enable auditing through improved transparency, we investigated how to use machine learning to reliably identify PII from network flows of mobile apps. Second, we extended our approach to IoT devices. Since IoT traffic is mostly encrypted, we developed tools and techniques for measuring the privacy exposure based on traffic patterns. We released L-ReCon, software for detecting PII leakage from consumer routers, and Mon(IoT)r, software for collecting and characterizing network traffic for IoT devices.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
May 20, 2020
Accession Number
AD1099580

Entities

People

  • David Choffnes

Organizations

  • Northeastern University

Tags

Communities of Interest

  • Autonomy
  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Air Force
  • Air Force Research Laboratories
  • Computer Programming
  • Computer Programs
  • Consumers
  • Department Of Homeland Security
  • Institutional Review Board
  • Internet Of Things
  • Local Area Networks
  • Machine Learning
  • Mobile Application Software
  • Mobile Devices
  • Mobile Operating Systems
  • Mobile Phones
  • Network Protocols
  • Operating Systems
  • Smartphones

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Distributed Systems and Data Platform Development

Technology Areas

  • 5G
  • 5G - Internet of Things
  • AI & ML