October 20, 2016
Narseo Vallina-Rodriguez
As a society we have come to rely upon our mobile phones for myriad daily tasks. It is striking how little insight we, as mobile users and researchers, have into the operation of our devices, apps and network, into how (or whether) they protect the information we entrust to them, and with whom they share it. The research community (including the speaker) have energetically used a variety of approaches to gain empirical understanding of the mobile device/network ecosystem; however, these techniques have had to make tradeoffs that affect either the scale, scope or granularity of measurements. This talk describes how we leverage ideas from this prior work to design and develop the ICSI Haystack: a user-space mobile traffic measurement platform that is comprehensive and localized to the device so that it overcomes the barriers of previous research efforts. The talk will demonstrate its utility to researchers and average users alike by discussing future research lines and providing three case studies: privacy leak detection, identifying previously unreported third-party tracking and advertising services, and characterizing how mobile apps use TLS in the wild.