Network Traffic Filtering against Advertising and Tracking

Research Description

In this project, we collect and analyze network traffic generated by devices at the edge of the network (including mobile devices, smartTV platforms, web browsers and IoT devices), and we seek to understand and eventually defend against advertising and tracking services (a.k.a. “ATS”). We extract features from multiple layers (at least from the network and often from applications as well) and we train machine learning models that can used for real-time detection and blocking of advertising and tracking, anomaly detection, and other purposes. Here is the NSF Abstract. Below is a description of our research activities per type of end-device/platform.

Network Traffic from Mobile Devices. [webpage]

The goal of this research thrust is to analyze the network traffic generated by mobile apps on mobile devices, and to train classifiers for the real-time detection and blocking of ads, tracking and personal information exposure. More information, code and datasets can be found on the NoMoAds webpage.

A. Shuba, A. Markopoulou, Z. Shafiq, “NoMoAds:Effective and Efficient Cross-App Mobile Ad-Blocking”, the Andreas Pfitzmann best student paper award, in the Privacy Enhancing Technologies Symposium (PETS) 2018, Issue 4, July 2018, Barcelona, Spain.[ Video | Code | Dataset ]
A. Shuba, A. Markopoulou, “NoMoATS: Towards Automatic Detection of Mobile Tracking“, Proceedings of Privacy Enhancing Technologies Symposium (PETS/PoPETS) 2020, Issue 2, pp.45-66, May 2020, Montreal, Canada. [ Video | Code | Dataset ]
Evita Bakopoulou, Anastasia Shuba, Athina Markopoulou, “Exposures Exposed: A Measurement and User Study to Assess Mobile Data Privacy in Context”, in arxiv.org/abs/2008.08973 , August 2020.

Network Traffic from SmartTVs. [webpage]

In this research thrust, we collect and analyze network traffic generated by apps running on a number of smartTV platforms, and we seek to understand the smartTV ad&tracking ecosystem. More information, code and datasets can be found on the SmartTV webpage.

J. Varmarken, H. Le, A. Shuba, A. Markopoulou, Z. Shafiq, “The TV is Smart and Full of Trackers: Measuring Smart TV Advertising and Tracking“, Proceedings of Privacy Enhancing Technologies Symposium (PETS/PoPETS) 2020, Issue 2, pp. 129-154, May 2020. [Video | Dataset | Tools: Rokustic, Firetastic ]

Network Traffic from SmartHome IoT Devices. [webpage]

In this research thrust, we collect and analyze the network traffic generated by a large number of SmartHome/IoT devices. We seek to fingerprint devices and commands, we well as to develop tools for anomaly detection. More information, code and datasets can be found on the PingPong webpage.

R. Trimananda, J. Varmarken, A. Markopoulou, B. Demsky, “Packet-Level Signatures for Smart Home Devices“, Proceedings of Network and Distributed System Security Symposium (NDSS) 2020. February 2020, San Diego, CA. (acceptance rate ~18%) [slides] [dataset] [software]

Network Traffic from Browsers.[webpage]

In this research thrust, we seek to provide new tools for the users to protect themselves against advertisers and trackers. In our prior NoMoAds and NoMoATS works, we monitored and filtered network traffic from mobile apps to advertising and tracking domains. Here extract features not only from the network layer (HTTP requests) but also from the browser (e.g., DOM and page source). We also look beyond ad-blocking into ad-circumvention. More information, code and datasets can be found on the CV-Inspector webpage.

H. Le, A. Markopoulou, Z. Shafiq, “CV-Inspector: Towards Automating Detection of Adblock Circumvention”, to appear in The Network and Distributed System Security Symposium (NDSS) 2021. February 2021. [preprint, Slides, Adblocker Dev Summit 2020 Talk]

Network Traffic from VR Devices.[webpage]

In this research thrust, we collect and analyze the network traffic generated by VR devices. In particular, we collect and analyze network traffic generated by apps running on the Oculus platform, the leading platform in the VR space. We seek to provide the first comprehensive analysis of personal data exposed by VR apps and the platform itself, from a combined networking and privacy policy perspective. More information, code and datasets can be found on the OVRseen webpage.

R. Trimananda, H. Le, H. Cui, J. T. Ho, A. Shuba, A. Markopoulou, “OVRSeen: Auditing Network Traffic and Privacy Policies in Oculus VR”, Proceedings of the 31st USENIX Conference on Security Symposium (SEC) 2022. August 2022, Boston, USA. [ Paper | USENIX page | Release Page | Datasets | Github | Artifact Appendix | ArXiv (extended version) ]

Team

PI: Athina Markopoulou, EECS Dept.
Collaborator: Prof. Zubair Shafiq at UC Davis.
Hieu Le, grad student, PhD student in EECS.
Janus Varmarken, grad student, PhD in Networked Systems.
Jad Al Aaraj, grad student, PhD student in EECS.
Rahmadi Trimananda, postdoc in EECS, UCI.
Janice Ho: undergraduate research

Past Members

Anastasia Shuba, PhD Thesis “Mobile Data Transparency and Control”, EECS, UCI 2019; currently with Broadcom, Los Angeles.
Qingchuan Yang, Yiyu Qian: undergraduate research

Acknowledgements: This material is based upon work supported by the National Science Foundation under Grant No. 1815666: ” SaTC: CORE: Small: Collaborative: A Multi-Layer Learning Approach to Mobile Traffic Filtering”, Oct. 1, 2018-Sept. 31, 2021.

Disclaimer: Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.

Point of Contact: please contact the PI, A. Markopoulou.

Last Updated: Jan. 3rd, 2020