# Robust Smartphone App Identification Via Encrypted Network Traffic   Analysis

**Authors:** Vincent F. Taylor, Riccardo Spolaor, Mauro conti, Ivan, Martinovic

arXiv: 1704.06099 · 2017-04-21

## TL;DR

This paper demonstrates that encrypted network traffic analysis can effectively fingerprint and identify smartphone apps with high accuracy, even over time and across devices, raising privacy concerns.

## Contribution

It introduces a machine learning-based framework for app fingerprinting from encrypted traffic and explores its robustness over time, devices, and app versions.

## Key findings

- Achieved up to 96% accuracy in app identification after six months.
- App fingerprints persist across different devices and app versions.
- Strategies developed to mitigate ambiguous traffic effects.

## Abstract

The apps installed on a smartphone can reveal much information about a user, such as their medical conditions, sexual orientation, or religious beliefs. Additionally, the presence or absence of particular apps on a smartphone can inform an adversary who is intent on attacking the device. In this paper, we show that a passive eavesdropper can feasibly identify smartphone apps by fingerprinting the network traffic that they send. Although SSL/TLS hides the payload of packets, side-channel data such as packet size and direction is still leaked from encrypted connections. We use machine learning techniques to identify smartphone apps from this side-channel data. In addition to merely fingerprinting and identifying smartphone apps, we investigate how app fingerprints change over time, across devices and across different versions of apps. Additionally, we introduce strategies that enable our app classification system to identify and mitigate the effect of ambiguous traffic, i.e., traffic in common among apps such as advertisement traffic. We fully implemented a framework to fingerprint apps and ran a thorough set of experiments to assess its performance. We fingerprinted 110 of the most popular apps in the Google Play Store and were able to identify them six months later with up to 96% accuracy. Additionally, we show that app fingerprints persist to varying extents across devices and app versions.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1704.06099/full.md

## Figures

13 figures with captions in the complete paper: https://tomesphere.com/paper/1704.06099/full.md

## References

30 references — full list in the complete paper: https://tomesphere.com/paper/1704.06099/full.md

---
Source: https://tomesphere.com/paper/1704.06099