Please use this identifier to cite or link to this item: http://hdl.handle.net/10397/99846
PIRA download icon_1.1View/Download Full Text
DC FieldValueLanguage
dc.contributorDepartment of Computingen_US
dc.creatorLi, Jen_US
dc.creatorZhou, Hen_US
dc.creatorWu, Sen_US
dc.creatorLuo, Xen_US
dc.creatorWang, Ten_US
dc.creatorZhan, Xen_US
dc.creatorMa, Xen_US
dc.date.accessioned2023-07-24T01:02:59Z-
dc.date.available2023-07-24T01:02:59Z-
dc.identifier.isbn978-1-939133-31-1en_US
dc.identifier.urihttp://hdl.handle.net/10397/99846-
dc.description31st USENIX Security Symposium, August 10–12, 2022, Boston, MA, USAen_US
dc.language.isoenen_US
dc.rights© Author(s)en_US
dc.rightsThe following publication Li, J., Zhou, H., Wu, S., Luo, X., Wang, T., Zhan, X., & Ma, X. (2022). FOAP : fine-grained open-world android app fingerprinting. In 31st USENIX Security Symposium (USENIX Security 22) (pp. 1579-1596) is available at https://www.usenix.org/conference/usenixsecurity22/presentation/li-jianfengen_US
dc.titleFOAP : fine-grained open-world android app fingerprintingen_US
dc.typeConference Paperen_US
dc.identifier.spage1579en_US
dc.identifier.epage1596en_US
dcterms.abstractDespite the widespread adoption of encrypted communication for mobile apps, adversaries can still identify apps or infer selected user activities of interest from encrypted mobile traffic via app fingerprinting (AF) attacks. However, most existing AF techniques only work under the closed-world assumption, thereby suffering potential precision decline when faced with apps unseen during model training. Moreover, serious privacy leakage often occurs when users conduct some sensitive operations, which are closely associated with specific UI components. Unfortunately, existing AF techniques are too coarse-grained to acquire such fine-grained sensitive information. In this paper, we take the first step to identify method-level fine-grained user action of Android apps in the open-world setting and present a systematic solution, dubbed FOAP, to address the above limitations. First, to effectively reduce false positive risks in the open-world setting, we propose a novel metric, named structural similarity, to adaptively filter out traffic segments irrelevant to the app of interest. Second, FOAP achieves fine-grained user action identification via synthesizing traffic and binary analysis. Specifically, FOAP identifies user actions on specific UI components through inferring entry point methods correlated with them. Extensive evaluations and case studies demonstrate that FOAP is not only reasonably accurate but also practical in fine-grained user activity inference and user privacy analysis.en_US
dcterms.accessRightsopen accessen_US
dcterms.bibliographicCitationIn Proceedings of the 31st USENIX Security Symposium, August 10–12, 2022, Boston, MA, USA, p. 1579-1596en_US
dcterms.issued2022-
dc.relation.conferenceUSENIX Security Symposium [USENIX Security]en_US
dc.description.validate202307 bcwwen_US
dc.description.oaVersion of Recorden_US
dc.identifier.FolderNumbera2291-
dc.identifier.SubFormID47372-
dc.description.fundingSourceSelf-fundeden_US
dc.description.pubStatusPublisheden_US
dc.description.oaCategoryCopyright retained by authoren_US
Appears in Collections:Conference Paper
Files in This Item:
File Description SizeFormat 
sec22-li-jianfeng.pdf1.35 MBAdobe PDFView/Open
Open Access Information
Status open access
File Version Version of Record
Access
View full-text via PolyU eLinks SFX Query
Show simple item record

Page views

129
Citations as of Oct 6, 2025

Downloads

57
Citations as of Oct 6, 2025

Google ScholarTM

Check


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.