A Recommendation System for Predicting Privacy Leaks in Mobile Traffic

Today’s smart phones have access to personal stored data, including personally identifiable information (PII) that can be used to uniquely identify users. It is well-known that a wide range of mobile applications transmit this data to remote servers, including their own servers, third-party advertisers, and trackers, which clearly poses a threat to user privacy. The present study’s goal is to detect PII in packets transmitted out of a mobile device, referred to as “privacy leaks”. This study build on prior work that developed systems for intercepting each network packet and inspecting it to detect PII, typically using deep-packet inspection (DPI) and/or machine learning techniques. This thesis, develop a lightweight mechanism that can predict if an outgoing packet contains any PII, based on minimal information, namely (i) the application name (package name) that generated the packet and (ii) the second-level destination domain. The problem is formulated as a recommendation system combining baseline and neighborhood predictors that exploit the similarity of mobile app behavior and PII leak types. Two different datasets of popular apps are used to get insights into privacy leak patterns. It is shown that the present framework can successfully detect 89% and 84% of PII in network packets on average while achieving F1 score as high as 0.97 and 0.91 in both datasets.