Ashwin Rao

Demo: ReCon: Revealing and Controlling PII Leaks in Mobile Network Traffic

It is well known that apps running on mobile devices extensively track and leak users personally identifiable information (PII); however, these users have little visibility into PII leaked through the network traffic generated by their devices, and have poor control over how, when and where that traffic is sent and handled by third parties. In this paper, we present the design, implementation, and evaluation of ReCon: a cross-platform system that reveals PII leaks and gives users control over them without requiring any special privileges or custom OSes. ReCon leverages machine learning to reveal potential PII leaks by inspecting network traffic, and provides a visualization tool to empower users with the ability to control these leaks via blocking or substitution of PII. We evaluate ReCons effectiveness with measurements from controlled experiments using leaks from the 100 most popular iOS, Android, and Windows Phone apps, and via an IRB-approved user study with 92 participants. We show that ReCon is accurate, efficient, and identifies a wider range of PII than previous approaches.

State Space Analysis to Refactor the Mobile Core

A state space analysis of the variables used by the network functions that serve the mobile core provides insights on the multiple roles portrayed by each network function. These insights can be leveraged to modularize and subsequently refactor the network functions that are expected to serve the fifth generation mobile networks (5G). In this paper, we group the variables according to their usage in each network function, then we identify the producers and consumers of these variable groups during the various events triggered to serve the mobile devices. We leverage on the producers and consumers of state changes to propose a publish-subscribe control plane in which the producers and consumers of state changes are the publishers and subscribers respectively.

Building Blocks for an Elastic Mobile Core

The mobile core is currently served by gateways having a convoluted control plane and data plane. We abstract and modularize the key functions of these gateways, and separate the control and data plane in nwEPC, an open source implementation of the mobile access network gateways. We use our custom load balancer for the control plane to demonstrate the elasticity offered by our implementation.

A refactoring approach for optimizing mobile networks

Mobile networks are expected to serve a wide range of verticals, however the Long Term Evolution (LTE) network is optimized for basic mobile operator services only. The network functions serving LTE networks are largely implemented as dedicated single function devices that offer poor customization options. This intrinsic inflexibility makes current LTE networks unable to meet the requirements of future mobile networks. For example, LTE networks experience signaling storms because the signals exchanged by the network functions cannot be optimized according to the current usage pattern of mobile services. Modularizing these network functions would enable a refactoring of the LTE network, allowing operators to compose networks that adapt and evolve with the influx of verticals. In this article, we present a new approach for refactoring the network functions serving LTE networks which can be leveraged to compose a modular mobile network optimized for the verticals using its services. As an example, we demonstrate that deploying network functions at the edge significantly reduces the signals exchanged within a mobile network.

Off-the-Shelf Software-defined Wi-Fi Networks

Wi-Fi networks were one of the first use-cases for Software-defined networking (SDN). However, to deploy a software-defined Wi-Fi network today, one has to rely on research prototypes with availability, documentation, hardware requirements, and scalability issues. To alleviate this situation, we demonstrate two simple techniques to bring SDN functionality to existing Wi-Fi networks and discuss their benefits and short-comings. Researchers can use our techniques to convert their existing Wi-Fi testbeds into software defined Wi-Fi testbeds. Our two techniques thus significantly lower the barrier-to-entry for deploying software-defined Wi-Fi networks.

NoSQL stores for coreless mobile networks

The goals of 5G networks — low latency, high bandwidth, and support for fast mobility — are non-trivial and they demand improvements across all involved technology fields. Researchers are therefore exploring approaches that leverage on network function virtualization and software-defined networking for meeting the demands of verticals expected to use 5G networks. One approach which appears promising is the concept of a coreless mobile network where the key network functions are placed at the edge of the network. In this article we focus on management of the user-context state in a coreless mobile network, and posit that these network functions can use a NoSQL data store for maintaining the user-context and other state variables. We first present an overview of promising NoSQL data stores and evaluate their suitability. We then present the results of benchmarking the Apache Geode data store as an example of a state management solution which could serve a coreless mobile network. During our tests we observe that the Apache Geode data store is, subject to its configuration, capable of delivering the data model, consistency, and high availability required by a coreless mobile network.

The 5D approach to control and manage smart spaces

Our homes, offices, and other spaces are expected to evolve into smart spaces served by devices having varying requirements and capabilities. To efficiently control and manage these devices, their controllers needs to be designed using the correct abstraction for the devices. In this paper, we present an abstraction for the devices in smart spaces, and we use this abstraction to present a 5D—deploy, discovery, decision, dissemination, and data—approach to control and manage smart spaces. We also discuss three approaches to design controllers for smart spaces, and highlight how controllers can leverage recent research in distributed systems. We believe that our abstraction for devices, our 5D approach, and our approaches for designing controllers are building blocks for transforming our spaces to smart spaces.

Spying on Android users through targeted ads

Targeted ads are a vital source of revenue for ad networks, and ad networks compile detailed profiles of users for targeting purposes. This wealth of private information can motivate an attacker to spy on a victim by sampling the victims information available at the ad networks. In this paper, we explore the possibility to spy on an Android user by requesting ads targeted at that user. During our controlled experiments, an attacker was able to remotely request and receive mobile ads using a leaked identifier belonging to their victim. The lack of targeted ads from some of the studied ad networks, which we believe to be partly caused by our geographical location, restricts us from drawing strong conclusions on the success of such an attack. However, we believe that our methodology can be used to perform similar experiments to explore the success in spying on Android users through targeted ads.