Multi-platform system identifies PII leaks on mobile devices
Fri 30 Oct 2015
A system has been devised to reveal PII (Personal Identifiable Information) leaks on mobile devices.
The innovation is called ReCon, a cross-platform system that shows PII leaks by inspecting network traffic. It also allows users to control the leaks via a visualisation tool. Such PII includes location, contact information, usernames and passwords.
ReCon picks out user identifiers which are used in tracking, geolocation leaks, unsafe password transmissions and personal information such as name, address, gender and relationship status. The information gleaned is then made available to the user through a private web page: the user can then say whether these leaks should be blocked or modified.
Initial tests were carried out on to determine the levels of PII leakage from Android, iPhone and Windows Phone devices. Manual tests were run on the 100 most popular free apps from the stores for these phones (Google Play, iOS App Store and Windows Phone Store). In addition, automated tests were run on 850 of the top 1000 Android apps from Android market AppsApk.com.
To capture the privacy leaks, Meddle was used – Meddle provides visibility into network traffic through redirection (all device traffic is sent to a proxy server by using native support for virtual private network tunnels).
The results of these tests found that of the top 100 apps, 16 of these were available on all three operating systems, and out of these 16, 11 apps leaked PII in plaintext on at least one OS. Two apps leaked PII on all three OSes, five leaked PII in one OS and four leaked PII in two of the three OSes. Tests also found that 6 iOS apps, two Android apps and one Windows app sent PII to trackers over an SSL (Secure Sockets Layer), a protocol that provides a secure channel between two machines operating over the internet or an internal network.
The tests concluded that popular iOS apps leaked location data more often than other OSes while Android and Windows apps were more likely to leak the identifiers of the device. User identifiers and credentials were leaked across all platforms. Altogether, the chief issue with current OSes is that they don’t provide enough visibility of PII leaks – nor do they provide enough ways to control the leaks. The end result of this is that amounts of potentially sensitive information is being transferred from these devices and the user can’t do anything about it.
However, ReCon can combat this problem. The tool can detect such PII leaks, show how the user information is being shared with sites, and allows the user to change the information that’s been shared. In setting up ReCon, four key goals were listed: To accurately identify PII in network flows; To improve the awareness of this problem by presenting the data to users; To improve classification of sensitive PII based on user feedback; and to allow users the opportunity to change these flaws by modifying or removing PII. To achieve the first three aims, ReCon uses network trace analysis, machine learning and user feedback. And to achieve the last aim, users are provided with an interface to block or modify PII shared over the network. ReCon allows the user to instruct the system to substitute the PII with either replacement text or a blank space for future flows. The user can also specify blocking or replacement of PII based on the PII category, domain or app – thus protecting users’ PII for future network activity.
The ReCon system offers a number of benefits. It only needs access to network traffic to identify and modify the leaks, and so admits various deployment models – for example, in home devices, in the cloud, in an ISP or on a mobile device.
ReCon identifies more PII than static and dynamic information-flow analysis techniques. It has learned from the results of these approaches to improve the coverage of the PII leaks. Altogether, it offers an efficient and accurate identification of substantial amounts of PII leaks.