Accession Number:

AD1099580

Title:

RECON: Revealing and Controlling Privacy Leaks from Network Traffic

Descriptive Note:

Technical Report,01 Feb 2017,29 Nov 2019

Corporate Author:

Northeastern University Boston United States

Personal Author(s):

• Choffnes,David

Report Date:

2020-05-20

Pagination or Media Count:

27.0

Abstract:

ReCon enables the auditing of PII leaks, addressing the key challenges of how to identify and control PII leaks when users PII is not known a priori, nor is the set of apps or devices that leak this information. First, to enable auditing through improved transparency, we investigated how to use machine learning to reliably identify PII from network flows of mobile apps. Second, we extended our approach to IoT devices. Since IoT traffic is mostly encrypted, we developed tools and techniques for measuring the privacy exposure based on traffic patterns. We released L-ReCon, software for detecting PII leakage from consumer routers, and MonIoTr, software for collecting and characterizing network traffic for IoT devices.

Descriptors:

• mobile software
• network protocols
• recognition
• mobile operating systems
• computer programs
• internet of things
• mobile application software
• local area networks
• mobile devices
• machine learning
• mobile phones
• smartphones

Subject Categories:

• Military Operations, Strategy and Tactics
• Computer Systems

Distribution Statement:

APPROVED FOR PUBLIC RELEASE