Smartphone User Fingerprinting on Wireless Traffic
- URL: http://arxiv.org/abs/2511.03229v1
- Date: Wed, 05 Nov 2025 06:36:16 GMT
- Title: Smartphone User Fingerprinting on Wireless Traffic
- Authors: Yong Huang, Zhibo Dong, Xiaoguang Yang, Dalong Zhang, Qingxian Wang, Zhihua Wang,
- Abstract summary: We propose U-Print, a novel attack system that can passively recognize smartphone apps, actions, and users from over-the-air MAC-layer frames.<n>U-Print achieves an overall accuracy of 98.4% and an F1 score of 0.983 for user inference.
- Score: 6.908883602224336
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Due to the openness of the wireless medium, smartphone users are susceptible to user privacy attacks, where user privacy information is inferred from encrypted Wi-Fi wireless traffic. Existing attacks are limited to recognizing mobile apps and their actions and cannot infer the smartphone user identity, a fundamental part of user privacy. To overcome this limitation, we propose U-Print, a novel attack system that can passively recognize smartphone apps, actions, and users from over-the-air MAC-layer frames. We observe that smartphone users usually prefer different add-on apps and in-app actions, yielding different changing patterns in Wi-Fi traffic. U-Print first extracts multi-level traffic features and exploits customized temporal convolutional networks to recognize smartphone apps and actions, thus producing users' behavior sequences. Then, it leverages the silhouette coefficient method to determine the number of users and applies the k-means clustering to profile and identify smartphone users. We implement U-Print using a laptop with a Kali dual-band wireless network card and evaluate it in three real-world environments. U-Print achieves an overall accuracy of 98.4% and an F1 score of 0.983 for user inference. Moreover, it can correctly recognize up to 96% of apps and actions in the closed world and more than 86% in the open world.
Related papers
- DNS Query Forgery: A Client-Side Defense Against Mobile App Traffic Profiling [0.7619637511583491]
Mobile applications generate DNS queries that can reveal user behavioral patterns even when communications are encrypted.<n>This paper presents a privacy enhancement framework based on query forgery to protect users against profiling attempts.
arXiv Detail & Related papers (2025-05-14T13:25:19Z) - Fingerprinting and Tracing Shadows: The Development and Impact of Browser Fingerprinting on Digital Privacy [55.2480439325792]
Browser fingerprinting is a growing technique for identifying and tracking users online without traditional methods like cookies.
This paper gives an overview by examining the various fingerprinting techniques and analyzes the entropy and uniqueness of the collected data.
arXiv Detail & Related papers (2024-11-18T20:32:31Z) - Eavesdropping Mobile Apps and Actions through Wireless Traffic in the Open World [4.055413037442821]
Existing traffic analysis attacks mainly target TCP/IP layers or are limited to the closed-world assumption.
We propose MACPrint, a novel system that infers mobile apps and in-app actions based on WiFi MAC layer traffic in the open-world setting.
The experimental results show that MAC-Print can achieve an accuracy of over 96% for recognizing apps and actions in the closed-world setting, and obtains an accuracy of over 86% in the open-world setting.
arXiv Detail & Related papers (2024-08-14T03:03:05Z) - Keep your Identity Small: Privacy-preserving Client-side Fingerprinting [0.0]
Device fingerprinting is a widely used technique that allows a third party to identify a particular device.
One of its most widespread uses is to identify users visiting different websites and thus build their browsing history.
This constitutes a specific type of web tracking that poses a threat to users' privacy.
We propose Privacy-preserving Client-side Fingerprinting (PCF), a new method that allows device fingerprinting on the web, while blocks the possibility of performing web tracking.
arXiv Detail & Related papers (2023-09-14T09:45:29Z) - SqueezerFaceNet: Reducing a Small Face Recognition CNN Even More Via
Filter Pruning [55.84746218227712]
We develop SqueezerFaceNet, a light face recognition network which less than 1M parameters.
We show that it can be further reduced (up to 40%) without an appreciable loss in performance.
arXiv Detail & Related papers (2023-07-20T08:38:50Z) - mPSAuth: Privacy-Preserving and Scalable Authentication for Mobile Web
Applications [0.0]
mPSAuth is an approach for continuously tracking various data sources reflecting user behavior and estimating the likelihood of the current user being legitimate.
We show that mPSAuth can provide high accuracy with low encryption and communication overhead, while the effort for the inference is increased to a tolerable extent.
arXiv Detail & Related papers (2022-10-07T12:49:34Z) - Cross-Network Social User Embedding with Hybrid Differential Privacy
Guarantees [81.6471440778355]
We propose a Cross-network Social User Embedding framework, namely DP-CroSUE, to learn the comprehensive representations of users in a privacy-preserving way.
In particular, for each heterogeneous social network, we first introduce a hybrid differential privacy notion to capture the variation of privacy expectations for heterogeneous data types.
To further enhance user embeddings, a novel cross-network GCN embedding model is designed to transfer knowledge across networks through those aligned users.
arXiv Detail & Related papers (2022-09-04T06:22:37Z) - Privacy-Preserving Face Recognition with Learnable Privacy Budgets in
Frequency Domain [77.8858706250075]
This paper proposes a privacy-preserving face recognition method using differential privacy in the frequency domain.
Our method performs very well with several classical face recognition test sets.
arXiv Detail & Related papers (2022-07-15T07:15:36Z) - Locally Authenticated Privacy-preserving Voice Input [10.82818142802482]
Service providers must authenticate their users, although individuals may wish to maintain privacy.
Preserving privacy while performing authentication is challenging, particularly where adversaries can use biometric data to train transformation tools.
We introduce a secure, flexible privacy-preserving system to capture and store an on-device fingerprint of the users' raw signals.
arXiv Detail & Related papers (2022-05-27T14:56:01Z) - Mobile Behavioral Biometrics for Passive Authentication [65.94403066225384]
This work carries out a comparative analysis of unimodal and multimodal behavioral biometric traits.
Experiments are performed over HuMIdb, one of the largest and most comprehensive freely available mobile user interaction databases.
In our experiments, the most discriminative background sensor is the magnetometer, whereas among touch tasks the best results are achieved with keystroke.
arXiv Detail & Related papers (2022-03-14T17:05:59Z) - Decentralized Privacy-Preserving Proximity Tracing [50.27258414960402]
DP3T provides a technological foundation to help slow the spread of SARS-CoV-2.
System aims to minimise privacy and security risks for individuals and communities.
arXiv Detail & Related papers (2020-05-25T12:32:02Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.