Rui Ning,Cong Wang,ChunSheng Xin,Jiang Li,Hongyi Wu

DOI: https://doi.org/10.1016/j.pmcj.2019.101106

IF: 3.848

2020-01-01

Pervasive and Mobile Computing

Abstract:In this paper, we report a newfound vulnerability on smartphones due to the malicious use of unsupervised sensor data. We demonstrate that an attacker can train deep Convolutional Neural Networks (CNN) by using magnetometer or orientation data to effectively infer the Apps and their usage information on a smartphone with an accuracy of over 80%. Furthermore, we show that such attacks can become even worse if sophisticated attackers exploit motion sensors to cluster the magnetometer or orientation data, improving the accuracy to as high as 98%. To mitigate such attacks, we propose a noise injection scheme that can effectively reduce the App sniffing accuracy to only 15% and at the same time has negligible effect on benign Apps.

Hao Pan,Feitong Tan,Wenhao Li,Yi-Chao Chen,Lanqing Yang,Guangtao Xue,Xiaoyu Ji

DOI: https://doi.org/10.1109/secon55815.2022.9918604

2022-01-01

Abstract:This study reveals that on-board hardware modules leak electromagnetic (EM) emissions whenever audio or camera data is accessed, and proposes Magdefender scheme that explores the possibility of using the magnetometer built into mobile devices to detect eavesdropping instances by malicious apps and even the unscrupulous phone vendors. However, the target EM signals generated by accessing multimedia data is weak and tends to be buried beneath other noisy EM signals from apps running in the foreground. It is also subject to the external interference from geomagnetic signals generated by the device movement. To cope with the challenges, we adopt a generative adversarial networks (GAN) based model to facilitate the extraction of target EM signals indicating the occurrence of eavesdropping from the overall magnetometer readings. We also develop a neural network-based classifier with triplet loss embedding to identify the EM signals from the camera and/or microphones. Empirical results demonstrate the efficacy of MagDefenderin recognizing instances of eavesdropping on cameras/microphones data, with average accuracy of 97.3% when applied to the trained devices, and average 91.5% on unseen mobile devices.

Yongjian Fu,Lanqing Yang,Hao Pan,Yi-Chao Chen,Guangtao Xue,Ju Ren

DOI: https://doi.org/10.1109/tmc.2024.3495506

IF: 6.075

2024-01-01

IEEE Transactions on Mobile Computing

Abstract:Various characteristics of mobile applications (apps) and associated in-app services can reveal potentially-sensitive user information; however, privacy concerns have prompted third-party apps to restrict access to data related to mobile app usage. This paper outlines a novel approach to extracting detailed app usage information by analyzing electromagnetic (EM) signals emitted from mobile devices during app-related tasks. The proposed system, MagSpy, recovers user privacy information from magnetometer readings that do not require access permissions. This EM leakage becomes complex when multiple apps are used simultaneously and is subject to interference from geomagnetic signals generated by device movement. To address these challenges, MagSpy employs multiple techniques to extract and identify signals related to app usage. Specifically, the geomagnetic offset signal is canceled using accelerometer and gyroscope sensor data, and a Cascade-LSTM algorithm is used to classify apps and in-app services. MagSpy also uses CWT-based peak detection and a Random Forest classifier to detect PIN inputs. A prototype system was evaluated on over 50 popular mobile apps with 30 devices. Extensive evaluation results demonstrate the efficacy of MagSpy in identifying in-app services (96% accuracy), apps (93.5% accuracy), and extracting PIN input information (96% top-3 accuracy).

Yushi Cheng,Xiaoyu Ji,Wenyuan Xu,Hao Pan,Zhuangdi Zhu,Chuang-Wen You,Yi-Chao Chen,Lili Qiu

DOI: https://doi.org/10.1145/3321705.3329817

2019-01-01

Abstract:Mobile devices have emerged as the most popular platforms to access information. However, they have also become a major concern of privacy violation and previous researches have demonstrated various approaches to infer user privacy based on mobile devices. In this paper, we study a new side channel of a laptop that could be harvested by a commercial-off-the-shelf (COTS) mobile device, eg, a smartphone. We propose MagAttack, which exploits the electromagnetic (EM) side channel of a laptop to infer user activities, i.e., application launching and application operation. The key insight of MagAttack is that applications are discrepant in essence due to the different compositions of instructions, which can be reflected on the CPU power consumption, and thus the corresponding EM emissions. MagAttack is challenging since that EM signals are noisy due to the dynamics of applications and the limited sampling rate of the built-in magnetometers in COTS mobile devices. We overcome these challenges and convert noisy coarse-grained EM signals to robust fine-grained features. We implement MagAttack on both an iOS and an Android smartphone without any hardware modification, and evaluate its performance with 13 popular applications and 50 top websites in China. The results demonstrate that MagAttack can recognize aforementioned 13 applications with an average accuracy of 98.6%, and figure out the visiting operation among 50 websites with an average accuracy of 84.7%.

Guangtao Xue,Hao Pan,Yi-Chao Chen,Xiaoyu Ji,Jiadi Yu

DOI: https://doi.org/10.1109/tmc.2021.3133481

IF: 6.075

2021-01-01

IEEE Transactions on Mobile Computing

Abstract:Near-field communication (NFC) technology emerges as a vital role with appealing benefits for users to improve mobile device’s functionality. Although today’s most smartphones and smartwatches come with NFC support, other mobile devices (e.g., PC and laptops) and IoT devices that don’t equip with dedicated radio modules cannot take advantage of wide-scale NFC capability. We design and develop MagneComm+ , an NFC-like implementation scheme without dedicated hardware and propose a novel near-field communication protocol that is applicable to almost all mobile devices and IoT devices. The key idea is to utilize the electromagnetic induction (EMI) signal emitted from the computing devices (e.g., CPUs) and captured by magnetometers on mobile devices for communication. We tackle challenges in data encoding/decoding , preamble detection , retransmission and error correction , multi-transmitter , and full-duplex schemes, to efficiently generate and reliably receive EMI signal with the hardware available on devices. We prototype MagneComm+ on both between laptops and smartphones, as well as between two laptops with an external magnetometer. Extensive evaluation results show that our MagneComm+ supports around $10~cm$10cm communication distance with average 110 bps (bit per second) data rate on the normal-speed mode, and maximum 17.28 kbps on the full-speed mode.

Dian Ding,Yi-Chao Chen,Xiaoyu Ji,Guangtao Xue

DOI: https://doi.org/10.1109/secon58729.2023.10287495

2023-01-01

Abstract:Smart devices are proliferating in every aspect of our lives, providing convenience but also exposing us to the risk of information leakage at any moment. Attackers can monitor the user and infer private information such as the personality and preferences by stealing the behavior information. In this paper, we investigated the potential threat of information stealing via the leakage current of laptop and electrodes in wearable devices (e.g. smart watches and bracelets). Specifically, the leakage current in the laptop adapter can flow from the metal casing into the human body and be collected by electrodes in wearable devices when the user is using a laptop with a metal casing (e.g. MacBook). We verified the correlation between leakage current and working states of the laptop, where different operations corresponding to different CPU instructions can generate different leakage currents. Based on this, we propose LeakThief, the system consists of three components, leakage current detection, application operation detection and application recognition. The experiments in real-world environment demonstrated that the proposed system is able to recognize 10 common applications with high accuracy, including launching-based (97.5%) and in-application operation-based recognition (83.8%).

Wu Zhou,Yajin Zhou,Michael C. Grace,Xuxian Jiang,Shihong Zou

DOI: https://doi.org/10.1145/2435349.2435377

2013-01-01

Abstract:Mobile applications (or apps) are rapidly growing in number and variety. These apps provide useful features, but also bring certain privacy and security risks. For example, malicious authors may attach destructive payloads to legitimate apps to create so-called "piggybacked" apps and advertise them in various app markets to infect unsuspecting users. To detect them, existing approaches typically employ pair-wise comparison, which unfortunately has limited scalability. In this paper, we present a fast and scalable approach to detect these apps in existing Android markets. Based on the fact that the attached payload is not an integral part of a given app's primary functionality, we propose a module decoupling technique to partition an app's code into primary and non-primary modules. Also, noticing that piggybacked apps share the same primary modules as the original apps, we develop a feature fingerprint technique to extract various semantic features (from primary modules) and convert them into feature vectors. We then construct a metric space and propose a linearithmic search algorithm (with O(n log n) time complexity) to efficiently and scalably detect piggybacked apps. We have implemented a prototype and used it to study 84,767 apps collected from various Android markets in 2011. Our results show that the processing of these apps takes less than nine hours on a single machine. In addition, among these markets, piggybacked apps range from 0.97% to 2.7% (the official Android Market has 1%). Further investigation shows that they are mainly used to steal ad revenue from the original developers and implant malicious payloads (e.g., for remote bot control). These results demonstrate the effectiveness and scalability of our approach.

Jinghui Zhang,Boxi Liang,Hancheng Zhang,Wei Zhang,Zhen Ling,Ming Yang

DOI: https://doi.org/10.1016/j.jisa.2023.103481

IF: 4.96

2023-04-12

Journal of Information Security and Applications

Abstract:Various applications are deployed on mobile smart devices in almost every situations of our life, while in some of these situations sensitive applications are strictly prohibited, such as cameras in cinemas and browsers in examination halls. Real-time recognition of applications running on mobile smart devices is of great significance in these cases. However, most of the existing technologies have the limitation that they require system permissions to obtain the running application list which is banned by mainstream mobile operating systems. Noting that the launch of a certain application will emit a unique pattern of magnetic field, we introduce magnetic field side channel analysis to recognize running applications. However, magnetic field side channel analysis is challenging since it is hard to extract features from magnetic field data without domain experts. Besides, real-time applications identification demands accurate detection of applications launching. To overcome these challenges, we extract robust depth features using autoencoder and implement online application recognition by introducing finite-state machine to identify the application launch window from raw data. The proposed method is evaluated by recognizing 1000 different applications in real environment. The experiment results show that the proposed method is feasible and effective in real-time application identification.

computer science, information systems

Xiaoyu Ji,Yushi Cheng,Wenyuan Xu,Yuehan Chi,Hao Pan,Zhuangdi Zhu,Chuang-Wen You,Yi-Chao Chen,Lili Qiu

DOI: https://doi.org/10.1109/tmc.2021.3092209

IF: 6.075

2021-01-01

IEEE Transactions on Mobile Computing

Abstract:Mobile devices have emerged as the most popular platforms to access information. However, they have also become a major concern of privacy violation and previous researches have demonstrated various approaches to infer user privacy based on mobile devices. In this paper, we study the electromagnetic (EM) emission of a laptop that could be harvested by a commercial-off-the-shelf (COTS) mobile device, e.g., a smartphone. We propose MagAttack, which exploits the electromagnetic side channel of a laptop to guess user activities, i.e., application launching and application operation. The key insight of MagAttack is that applications are discrepant in essence due to the different compositions of instructions, which can be reflected on the CPU power consumption, and thus the corresponding EM emissions. MagAttack is challenging since that EM signals are noisy due to the dynamics of applications and the limited sampling rate of the built-in magnetometers in COTS mobile devices. We overcome these challenges and convert noisy coarse-grained EM signals to robust fine-grained features. We implement MagAttack on both an iOS and an Android smartphone without any hardware modification, and evaluate its performance with 30 popular applications, 30 YouTube videos, and 50 top websites in China. The results demonstrate that MagAttack can recognize aforementioned 30 applications with an average accuracy of 98.6 percent, and identify which video out of the 30 candidates being played with an average accuracy of 97.5 percent and visiting which website among the 50 candidates with an average accuracy of 90.4 percent.

computer science, information systems,telecommunications

Zhaoxuan Li,Ziming Zhao,Rui Zhang,Haoyang Lu,Wenhao Li,Fan Zhang,Siqi Lu,Rui Xue

DOI: https://doi.org/10.1016/j.comnet.2024.110563

IF: 5.493

2024-01-01

Computer Networks

Abstract:The continuous emergence of malware has threatened to the Android platform and user privacy. With the evolution of the Android system and malware, it is challenging to design a method that can accurately identify the categories of sophisticated malware, including known and unknown families, as well as their obfuscated variants, given that they may be newly emerging and lack available detection knowledge. Although some methods try to use anomaly detection and zero-shot technology to identify unseen applications, they are limited to binary classification or lack the robustness, stability, universality, and interpretability in multi-class identification. To this end, we first propose a generic meta-features mining algorithm, which can discover the potential relationships between samples belonging to the same category. Then we present metaNet, a novel method leveraging meta-features to identify sophisticated Android malware. Specifically, metaNet is mainly powered by four components: (i) mExtractor is a feature collector to obtain the static and dynamic features. (ii) mProcessor is taking unique meta-features of each category from extracted features. (iii) mLearner is a machine learning suite that leverages features and meta-features to design and train a classifier called HSU-Net. (iv) mEnforcer is a flexible deployer that identifies categories of malware families in the real world. We implement a prototype of metaNet with 15K lines of Python code and compare it with state-of-the-art (SOTA) methods. The results show that it can not only achieve superior performance in terms of known families (99.52% of accuracy) and unknown families (99.31% of accuracy trained with 80% known families) for binary classification, but also perform well in multi-class identification, i.e., 99.05% and 93.45% of accuracy for known and unknown families, respectively. Furthermore, we deploy and evaluate metaNet in the real world. It can identify applications over an acceptable time and memory overheads, i.e., average of 11.8s and 56MB per sample with a size of 8MB. Also, the few-shot detection and feature perturbation experiments reflect its robustness and stability benefiting from meta-features. Finally, we collect the traffic of 112 decentralized applications (DApps) belonging to 16 categories, such as finance and health, and evaluated metaNet in DApp identification. The results illustrate its applicability across various tasks. That is, it can accurately classify 94.6% and 81.36% of DApp flows in all-known and 80%-known DApp scenarios, respectively, outperforming the SOTA methods.

Chao Shen,Shichao Pei,Zhenyu Yang,Xiaohong G. Guan

DOI: https://doi.org/10.1016/j.cose.2015.06.013

IF: 5.105

2015-01-01

Computers & Security

Abstract:Smartphone onboard sensors, such as the accelerometer and gyroscope, have greatly facilitated people’s life, but these sensors may bring potential security and privacy risk. This paper presents an empirical study of analyzing the characteristics of accelerometer and magnetometer data to infer users’ input on Android smartphones. The rationale behind is that the touch input actions in different positions would cause different levels of posture and motion change of the smartphone. In this work, an Android application was run as a background process to monitor data of motion sensors. Accelerometer data were analyzed to detect the occurrence of input actions on touchscreen. Then the magnetometer data were fused with accelerometer data for inferring the positions of user inputs on touchscreen. Through the mapping relationship from input positions and common layouts of keyboard or number pad, one can easily obtain the inputs. Analyses were conducted using data from three types of smartphones and across various operational scenarios. The results indicated that users’ inputs can be accurately inferred from the sensor data, with the accuracies of 100% for input-action detection and 80% for input inference in some cases. Additional experiments on the effect of smartphone screen size, sampling rate, and training data size were provided to further examine the reliability and practicability of our approach. These findings suggest that readings from accelerometer and magnetometer data could be a powerful side channel for inferring user inputs.

Vincent F. Taylor,Riccardo Spolaor,Mauro Conti,Ivan Martinovic

DOI: https://doi.org/10.1109/tifs.2017.2737970

IF: 7.231

2018-01-01

IEEE Transactions on Information Forensics and Security

Abstract:The apps installed on a smartphone can reveal much information about a user, such as their medical conditions, sexual orientation, or religious beliefs. In addition, the presence or absence of particular apps on a smartphone can inform an adversary, who is intent on attacking the device. In this paper, we show that a passive eavesdropper can feasibly identify smartphone apps by fingerprinting the network traffic that they send. Although SSL/TLS hides the payload of packets, side-channel data, such as packet size and direction is still leaked from encrypted connections. We use machine learning techniques to identify smartphone apps from this side-channel data. In addition to merely fingerprinting and identifying smartphone apps, we investigate how app fingerprints change over time, across devices, and across different versions of apps. In addition, we introduce strategies that enable our app classification system to identify and mitigate the effect of ambiguous traffic, i.e., traffic in common among apps, such as advertisement traffic. We fully implemented a framework to fingerprint apps and ran a thorough set of experiments to assess its performance. We fingerprinted 110 of the most popular apps in the Google Play Store and were able to identify them six months later with up to 96% accuracy. Additionally, we show that app fingerprints persist to varying extents across devices and app versions.

computer science, theory & methods,engineering, electrical & electronic

Jaemin Choi,Insu Kim,Hyosu Kim

DOI: https://doi.org/10.1109/access.2024.3474915

IF: 3.9

2024-10-19

IEEE Access

Abstract:Since the release of MagSafe, which allows magnetic attachment of accessories to smartphones, many vendors have introduced various kinds of MagSafe accessories, including wireless chargers, wallets, car mounts, and coolers. In light of this trend, we introduce MagID, a novel interface to connect physical accessories with software functionalities. For example, when an accessory (e.g., a car mount) is attached, it automatically invokes a specific application (e.g., a navigation app) or performs a certain task that corresponds to the accessory. The main idea of MagID for supporting this functional connection is to identify when and which accessories are attached to or detached from a smartphone. More specifically, based on our observations that MagSafe accessories have different magnetic properties from each other, we design a magnetic sensing-based accessory identification method and further improve its robustness with the combined use of non-magnetic features, e.g., accelerometer, gyroscope, and battery state readings. Our extensive experiments with a prototype implementation of MagID demonstrate that MagID can identify MagSafe accessories with high accuracy on any MagSafe-enabled smartphone and even in noisy environments, while not compromising usability.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jianlin Xu,Yifan Yu,Zhen Chen,Bin Cao,Wenyu Dong,Yu Guo,Junwei Cao

DOI: https://doi.org/10.1109/tst.2013.6574680

2013-01-01

Tsinghua Science & Technology

Abstract:With the explosive increase in mobile apps, more and more threats migrate from traditional PC client to mobile device. Compared with traditional Win+Intel alliance in PC, Android+ARM alliance dominates in Mobile Internet, the apps replace the PC client software as the major target of malicious usage. In this paper, to improve the security status of current mobile apps, we propose a methodology to evaluate mobile apps based on cloud computing platform and data mining. We also present a prototype system named MobSafe to identify the mobile app's virulence or benignancy. Compared with traditional method, such as permission pattern based method, MobSafe combines the dynamic and static analysis methods to comprehensively evaluate an Android app. In the implementation, we adopt Android Security Evaluation Framework (ASEF) and Static Android Analysis Framework (SAAF), the two representative dynamic and static analysis methods, to evaluate the Android apps and estimate the total time needed to evaluate all the apps stored in one mobile app market. Based on the real trace from a commercial mobile app market called AppChina, we can collect the statistics of the number of active Android apps, the average number apps installed in one Android device, and the expanding ratio of mobile apps. As mobile app market serves as the main line of defence against mobile malwares, our evaluation results show that it is practical to use cloud computing platform and data mining to verify all stored apps routinely to filter out malware apps from mobile app markets. As the future work, MobSafe can extensively use machine learning to conduct automotive forensic analysis of mobile apps based on the generated multifaceted data in this stage.

Jinsung Kim,Younghoon Ban,Eunbyeol Ko,Haehyun Cho,Jeong Hyun Yi

DOI: https://doi.org/10.1007/s10207-022-00579-6

2022-02-09

International Journal of Information Security

Abstract:Abstract A lot of malicious applications appears every day, threatening numerous users. Therefore, a surge of studies have been conducted to protect users from newly emerging malware by using machine learning algorithms. Albeit existing machine or deep learning-based Android malware detection approaches achieve high accuracy by using a combination of multiple features, it is not possible to employ them on our mobile devices due to the high cost for using them. In this paper, we propose MAPAS , a malware detection system, that achieves high accuracy and adaptable usages of computing resources. MAPAS analyzes behaviors of malicious applications based on API call graphs of them by using convolution neural networks (CNN). However, MAPAS does not use a classifier model generated by CNN, it only utilizes CNN for discovering common features of API call graphs of malware. For efficiently detecting malware, MAPAS employs a lightweight classifier that calculates a similarity between API call graphs used for malicious activities and API call graphs of applications that are going to be classified. To demonstrate the effectiveness and efficiency of MAPAS , we implement a prototype and thoroughly evaluate it. And, we compare MAPAS with a state-of-the-art Android malware detection approach, MaMaDroid. Our evaluation results demonstrate that MAPAS can classify applications 145.8% faster and uses memory around ten times lower than MaMaDroid. Also, MAPAS achieves higher accuracy (91.27%) than MaMaDroid (84.99%) for detecting unknown malware. In addition, MAPAS can generally detect any type of malware with high accuracy.

computer science, information systems, theory & methods, software engineering

Huiqi Liu,Xiang-Yang Li,Lan Zhang,Yaochen Xie,Zhenan Wu,Qian Dai,Ge Chen,Chunxiao Wan

DOI: https://doi.org/10.1109/tnet.2019.2933269

2019-01-01

IEEE/ACM Transactions on Networking

Abstract:With the proliferation of mobile devices and various sensors (e.g., GPS, magnetometer, accelerometers, gyroscopes) equipped, richer services, e.g. location based services, are provided to users. A series of methods have been proposed to protect the users' privacy, especially the trajectory privacy. Hardware fingerprinting has been demonstrated to be a surprising and effective source for identifying/authenticating devices. In this work, we show that a few data samples collected from the motion sensors are enough to uniquely identify the source mobile device, i.e., the raw motion sensor data serves as a fingerprint of the mobile device. Specifically, we first analytically understand the fingerprinting capacity using features extracted from hardware data. To capture the essential device feature automatically, we design a multi-LSTM neural network to fingerprint mobile device sensor in real-life uses, instead of using handcrafted features by existing work. Using data collected over 6 months, for arbitrary user movements, our fingerprinting model achieves 93 % F -score given one second data, while the state-of-the-art work achieves 79% F-score. Given ten seconds randomly sampled data, our model can achieve 98.8% accuracy. We also propose a novel generative model to modify the original sensor data and yield anonymized data with little fingerprint information while retain good data utility.

Sai Vishwanath Venkatesh,Prasanna D. Kumaran,Joish J Bosco,Pravin R. Kumaar,Vineeth Vijayaraghavan

DOI: https://doi.org/10.48550/arXiv.2102.06511

2021-02-12

Cryptography and Security

Abstract:Smartphones contain information that is more sensitive and personal than those found on computers and laptops. With an increase in the versatility of smartphone functionality, more data has become vulnerable and exposed to attackers. Successful mobile malware attacks could steal a user's location, photos, or even banking information. Due to a lack of post-attack strategies firms also risk going out of business due to data theft. Thus, there is a need besides just detecting malware intrusion in smartphones but to also identify the data that has been stolen to assess, aid in recovery and prevent future attacks. In this paper, we propose an accessible, non-intrusive machine learning solution to not only detect malware intrusion but also identify the type of data stolen for any app under supervision. We do this with Android usage data obtained by utilising publicly available data collection framework- SherLock. We test the performance of our architecture for multiple users on real-world data collected using the same framework. Our architecture exhibits less than 9% inaccuracy in detecting malware and can classify with 83% certainty on the type of data that is being stolen.

Gianmarco Baldini,Gary Steri,Raimondo Giuliani,Vladimir Kyovtorov

DOI: https://doi.org/10.48550/arXiv.1701.07676

2017-01-26

Abstract:Mobile phones identification through their built in components has been demonstrated in literature for various types of sensors including the camera, microphones and accelerometers. The identification is performed by the exploitation of the small but significant differences in the electronic circuits generated during the production process. Thus, these differences become an intrinsic property of the electronic components, which can be detected and become an unique fingerprint of the component and of the mobile phone. In this paper, we investigate the identification of mobile phones through their builtin magnetometers, which has not been reported in literature yet. Magnetometers are stimulated with different waveforms using a solenoid connected to a computer s audio board. The identification is performed analyzing the digital output of the magnetometer through the use of statistical features and the Support Vector Machine (SVM) machine learning algorithm. We prove that this technique can distinguish different models and brands with very high accuracy but it can only distinguish phones of the same model with limited accuracy.

Cryptography and Security

Ding Li,Wenzhong Li,Xiaoliang Wang,Cam-Tu Nguyen,Sanglu Lu

DOI: https://doi.org/10.1016/j.comnet.2020.107372

IF: 5.493

2020-01-01

Computer Networks

Abstract:Despite the increasing popularity of mobile applications and the widespread adoption of encryption techniques, mobile devices are still susceptible to security and privacy risks. In this paper, we propose ActiveTracker, a new type of sniffing attack that can reveal the fine-grained trajectory of userâs mobile app usage from a sniffed encrypted Internet traffic stream. It firstly adopts a sliding window based approach to divide the encrypted traffic stream into a sequence of segments corresponding to different app activities. Then each traffic segment is represented by a normalized temporal-spacial traffic matrix and a traffic spectrum vector. Based on the normalized representation, a deep neural network (DNN) model which consists of an app filter and an activity classifier is developed to extract comprehensive features from the input and uncover the crucial app usage trajectory conducted by the user. By extensive experiments on real-world app usage traffic collected from volunteers and on our synthetic traffic data, we show that the proposed approach achieves up to 79.65% accuracy in recognizing app trajectory over encrypted traffic streams.

Hongwei Xie,Tao Gu,Xianping Tao,Haibo Ye,Jian Lv

DOI: https://doi.org/10.1145/2632048.2632057

2014-01-01

Abstract:Using magnetic field data as fingerprints for localization in indoor environment has become popular in recent years. Particle filter is often used to improve accuracy. However, most of existing particle filter based approaches either are heavily affected by motion estimation errors, which makes the system unreliable, or impose strong restrictions on smartphone such as fixed phone orientation, which is not practical for real-life use. In this paper, we present an indoor localization system named MaLoc, built on our proposed augmented particle filter. We create several innovations on the motion model, the measurement model and the resampling model to enhance the traditional particle filter. To minimize errors in motion estimation and improve the robustness of particle filter, we augment the particle filter with a dynamic step length estimation algorithm and a heuristic particle resampling algorithm. We use a hybrid measurement model which combines a new magnetic fingerprinting model and the existing magnitude fingerprinting model to improve the system performance and avoid calibrating different smartphone magnetometers. In addition, we present a novel localization quality estimation method and a localization failure detection method to address the "Kidnapped Robot Problem" and improve the overall usability. Our experimental studies show that MaLoc achieves a localization accuracy of 1 similar to 2.8m on average in a large building.