PRIVATE INFORMATION EXPOSURE IN ONLINE SOCIAL NETWORKS WITH IOS, ANDROID AND SYMBIAN MOBILE DEVICES Security and Cooperation in Wireless Networks Laboratory For Communications and Applications1 Mini Project Final Presentation Supervisors: Igor Bilogrevic Mathias Humbert Vassilis Agrafiotis – Communication Systems MA3 1/17
PRIVATE INFORMATION EXPOSURE IN ONLINE SOCIAL NETWORKS WITH IOS, ANDROID AND SYMBIAN MOBILE DEVICES Security and Cooperation in Wireless Networks Laboratory.
Jan 18, 2016
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
PRIVATE INFORMATION EXPOSURE IN ONLINE SOCIAL NETWORKS WITH IOS, ANDROID AND SYMBIAN MOBILE DEVICES
Security and Cooperation in Wireless NetworksLaboratory For Communications and Applications1Mini Project Final PresentationSupervisors: Igor Bilogrevic
Mathias Humbert
Vassilis Agrafiotis – Communication
Systems MA3
1/17
Roadmap
Motivation and Introduction Set Up Methodology Results
Privacy Risk Scale Results Summary
Conclusion and Improvements
2
Motivation
To which extent is Privacy respected within Online Social Networks (OSN) ?
Study by looking for Private information disclosure in mobile OSNs
For some mobile platforms, different social networks require unnecessary personal – private information in order to perform an action.
Simulation and traffic analysis project
3
Introduction
Selection of OSNs to investigate according to their popularity
4
Introduction
Mobile Platforms studied:iOS, Android, Symbian
Access OSN and record traffic from mobile web browser mobile Application if available
5
Set Up6
Set Up7
Methodology
Fake accounts for every OSN created
Set of possible actions defined within each OSN
Manually simulated execution for every OSN
Network traffic captured using WireShark
8
Methodology
Traffic traces analyzed using a Java parser
Specific format information ex. email Coordinate like decimals
Further analysis with manual inspection of traces
9
Methodology
A lot of traces were encrypted In this case, we collected also traffic by
accessing the OSNs through a PC for comparison
During the sniffing stage, we recorded the usage of GPS by noticing the GPS flash indication on the Smartphone
10
Privacy Risk Scale11
Results
In overall no major privacy violation discovered
Most of the traffic was encrypted Thus unable to accurately determine traffic
content Threat: what information is actually sent?
Type of information exchanged between SmartPhone and OSN are platform indepedent
12
13
Results 14
Results15
Results16
Conclusion and Improvements Popular OSNs are taking privacy seriously, but
still place to improveEncrypted traffic may be a 2-headed feature
Extend our study to others OSNs
Use emulator to simulate the execution and the usage of OSNs
TEMA project for Android platform
Record system calls in order to have more evidence about the type of information sent to OSNs servers
17
Related Documents
