|
Many of today's mobile services build mobile communities of users who share their valuable experiences and data. Examples include traffic incidents (Waze), restaurant reviews (Yelp, FourSquare), anonymous social networks (Whisper, Yik Yak), and even dating (Tinder, Bumble). Unfortunately, new threats can compromise and manipulate these communities, using lightweight software to mimic mobile devices. The resesarchers have shown how attackers can eavesdrop on mobile network traffic, learn their patterns, and write software to emulate mobile devices running the application. This amplifies existing attacks by multiple orders of magnitude, and allows attackers with limited resources to overwhelm mobile communities using millions of emulated devices under their control. These devices are difficult to detect, and completely cripple entire mobile systems, or manipulate them for the attacker's personal gain. Preliminary work showed that such an attack on Waze, Google's crowdsourced traffic navigation application, enabled fine grained GPS-level tracking of large user populations. Similar vulnerabilities apply to Yelp, Tinder, Uber, and others, with consequences ranging from manipulating/censoring content, theft of monetary incentives, to completely crippling the service.
The work described in this proposal seeks a better understanding of the threat of software-emulated devices to mobile communities, and explores systematic defenses against them. The researchers will develop defenses that detect large-scale attacks and limit their impact to that of single misbehaving devices, using three orthogonal approaches: a) a centralized infrastructure-based solution, that uses hidden patterns in aggregate user data to authenticate mobile devices; b) hardware solutions that extracts device-specific sensor data using platform APIs, and compares them to known models of hardware data models; and c) application-level solutions that use unsupervised learning to automatically detect similarity clusters in devices, based on analysis of user behavior (clickstreams) and physical mobility trace.
Continuation of Award #: 1705042
|
SaTC: CORE: Medium: Collaborative: Defending against Compromise and Manipulation of Mobile Communities