ReCon: Revealing and Controlling PII Leaks in Mobile Network Traffic

TL;DR

ReCon is a cross-platform system that detects and controls PII leaks in mobile network traffic, enhancing user visibility and privacy without requiring special privileges or custom OS modifications.

Contribution

ReCon introduces a machine learning-based approach and visualization tools for revealing and controlling PII leaks across multiple mobile platforms without special privileges.

Findings

ReCon accurately detects a wide range of PII leaks.

It is effective across iOS, Android, and Windows Phone.

User study shows improved user control over PII leaks.

Abstract

It is well known that apps running on mobile devices extensively track and leak users' personally identifiable information (PII); however, these users have little visibility into PII leaked through the network traffic generated by their devices, and have poor control over how, when and where that traffic is sent and handled by third parties. In this paper, we present the design, implementation, and evaluation of ReCon: a cross-platform system that reveals PII leaks and gives users control over them without requiring any special privileges or custom OSes. ReCon leverages machine learning to reveal potential PII leaks by inspecting network traffic, and provides a visualization tool to empower users with the ability to control these leaks via blocking or substitution of PII. We evaluate ReCon's effectiveness with measurements from controlled experiments using leaks from the 100 most popular iOS, Android, and Windows Phone apps, and via an IRB-approved user study with 92 participants. We show that ReCon is accurate, efficient, and identifies a wider range of PII than previous approaches.