Your clicks reveal your secrets: a novel user-device linking method through network and visual data

Guo, Naixuan; Luo, Junzhou; Ling, Zhen; Yang, Ming; Wu, Wenjia; Fu, Xinwen

doi:10.1007/s11042-018-6815-6

Cited by 4 publications

(1 citation statement)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We find that the messages are transmitted in the gate servers' flow one by one as the user sends them sequentially. As mentioned in [9,10], one message consists of a series of successive packets with short time interval and similar packet number in one application. In addition, since network traffic is encrypted between clients and gate servers, we cannot derive the plaintext of messages from the network traffic.…”

Section: Observation Of Im Application Network Trafficmentioning

confidence: 99%

A Novel IM Sync Message-Based Cross-Device Tracking

Guo

Luo

Ling

et al. 2020

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

Cybercrime is significantly growing as the development of internet technology. To mitigate this issue, the law enforcement adopts network surveillance technology to track a suspect and derive the online profile. However, the traditional network surveillance using the single-device tracking method can only acquire part of a suspect’s online activities. With the emergence of different types of devices (e.g., personal computers, mobile phones, and smart wearable devices) in the mobile edge computing (MEC) environment, one suspect can employ multiple devices to launch a cybercrime. In this paper, we investigate a novel cross-device tracking approach which is able to correlate one suspect’s different devices so as to help the law enforcement monitor a suspect’s online activities more comprehensively. Our approach is based on the network traffic analysis of instant messaging (IM) applications, which are typical commercial service providers (CSPs) in the MEC environment. We notice a new habit of using IM applications, that is, one individual logs in the same account on multiple devices. This habit brings about devices’ receiving sync messages, which can be utilized to correlate devices. We choose five popular apps (i.e., WhatsApp, Facebook Messenger, WeChat, QQ, and Skype) to prove our approach’s effectiveness. The experimental results show that our approach can identify IM messages with high F1-scores (e.g., QQ’s PC message is 0.966, and QQ’s phone message is 0.924) and achieve an average correlating accuracy of 89.58% of five apps in an 8-people experiment, with the fastest correlation speed achieved in 100 s.

show abstract

Section: Observation Of Im Application Network Trafficmentioning

confidence: 99%