权益分类	功能权益	普通用户	{{item.name}}会员
{{category.name}}	{{benefitItem.name}}

SaTC: CORE: Small: Collaborative: A Multi-Layer Learning Approach to Mobile Traffic Filtering

SaTC：核心：小型：协作：移动流量过滤的多层学习方法

基本信息

批准号：
2102347
负责人：
Zubair Shafiq
金额：
$ 22.75万
依托单位：
University of California-Davis
依托单位国家：
美国
项目类别：
Standard Grant
财政年份：
2020
资助国家：
美国
起止时间：
2020-08-07 至 2022-09-30
项目状态：
已结题

来源：
https://www.nsf.gov/awardsearch/showAward?AWD_ID=2102347&HistoricalAwards=false
关键词：
SaTC CORE Small Collaborative Multi

项目摘要

The mobile ecosystem has become an attractive target for various types of abuses. For instance, many mobile applications leak sensitive user information, such as email addresses and location, which is a privacy issue. Second, attackers routinely disguise malware in seemingly legitimate mobile apps to launch attacks, which poses security threats. Third, many mobile apps and sites push intrusive und undesirable ads, such as auto-play and pop-ups, which harm usability. The objective of this project is to defend against these abuses in the mobile ecosystem through real-time on-device filtering of network traffic on a mobile device.The project performs multi-layer network traffic analysis with help of machine learning. It extracts features and train learning models to produce filtering rules, which can be applied on the device. Filtering on the mobile device is particularly challenging due to limited resources, lack of visibility into packet payload, and potential collateral damage on the affected apps. The filtering approach used is envisioned as universal (i.e., applicable across all apps), automated (compared to the current practice of manually maintained privacy related data), adaptive (to the ever-changing threats), and user-centric (i.e., customized per user) while leveraging collaboration among users. The general framework will be validate in three case studies against the following abuse scenarios in the mobile ecosystem: (i) intrusive ads (ii) privacy leaks (iii) malvertising. This project is excepted to enhance the usability, privacy, and security of the mobile ecosystem and will inform policies and practices on mobile data transparency.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

移动生态系统已成为各种滥用行为的有吸引力的目标。例如，许多移动应用程序会泄露敏感的用户信息，例如电子邮件地址和位置，这是一个隐私问题。其次，攻击者经常在看似合法的移动应用程序中伪装恶意软件来发起攻击，这构成了安全威胁。第三，许多移动应用程序和网站都会推送侵入性和不良广告，例如自动播放和弹出窗口，这会损害可用性。该项目的目标是通过对移动设备上的网络流量进行实时设备过滤来防御移动生态系统中的这些滥用行为。该项目在机器学习的帮助下执行多层网络流量分析。它提取特征并训练学习模型以生成可以在设备上应用的过滤规则。由于资源有限、缺乏对数据包有效负载的可见性以及受影响应用程序的潜在附带损害，移动设备上的过滤尤其具有挑战性。所使用的过滤方法被设想为通用的（即适用于所有应用程序）、自动化的（与当前手动维护隐私相关数据的做法相比）、自适应的（针对不断变化的威胁）和以用户为中心的（即为每个用户定制），同时利用用户之间的协作。总体框架将在三个案例研究中针对移动生态系统中的以下滥用场景进行验证：(i) 侵入性广告 (ii) 隐私泄露 (iii) 恶意广告。该项目旨在增强移动生态系统的可用性、隐私和安全性，并将为移动数据透明度的政策和实践提供信息。该奖项反映了 NSF 的法定使命，并通过使用基金会的智力价值和更广泛的影响审查标准进行评估，被认为值得支持。