# International Conferences: MobiCom 2015, Paris

 International Conferences: Mobile Computing and Networking 2015  Paris

The 21st Annual International Conference on Mobile Computing and Networking (MobiCom ’15) was held September 7–11, 2015 in Paris, France. MobiCom is a forum for research in mobile systems and wireless networks. The technical program this year featured papers on energy, sensing, security, wireless access, applications, localization, Internet of Things, mobile cloud, measurement, and analysis. The ones cited here focus on Science of Security.

Teng Wei, Shu Wang, Anfu Zhou, Xinyu Zhang; “Acoustic Eavesdropping through Wireless Vibrometry,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 130–141. doi:10.1145/2789168.2790119
Abstract: Loudspeakers are widely used in conferencing and infotainment systems. Private information leakage from loudspeaker sound is often assumed to be preventable using sound-proof isolators like walls. In this paper, we explore a new acoustic eavesdropping attack that can subvert such protectors using radio devices. Our basic idea lies in an acoustic-radio transformation (ART) algorithm, which recovers loudspeaker sound by inspecting the subtle disturbance it causes to the radio signals generated by an adversary or by its co-located WiFi transmitter. ART builds on a modeling framework that distills key factors to determine the recovered audio quality. It incorporates diversity mechanisms and noise suppression algorithms that can boost the eavesdropping quality. We implement the ART eavesdropper on a software-radio platform and conduct experiments to verify its feasibility and threat level. When targeted at vanilla PC or smartphone loudspeakers, the attacker can successfully recover high-quality audio even when blocked by sound-proof walls. On the other hand, we propose several pragmatic countermeasures that can effectively reduce the attacker’s audio recovery quality by orders of magnitude.
Keywords: acoustic eavesdropping, acoustic-radio transformation, wifi devices (ID#: 15-6893)
URL: http://doi.acm.org/10.1145/2789168.2790119

Jian Liu, Yan Wang, Gorkem Kar, Yingying Chen, Jie Yang, Marco Gruteser; “Snooping Keystrokes with mm-level Audio Ranging on a Single Phone,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 142–154. doi:10.1145/2789168.2790122
Abstract: This paper explores the limits of audio ranging on mobile devices in the context of a keystroke snooping scenario. Acoustic keystroke snooping is challenging because it requires distinguishing and labeling sounds generated by tens of keys in very close proximity. Existing work on acoustic keystroke recognition relies on training with labeled data, linguistic context, or multiple phones placed around a keyboard — requirements that limit usefulness in an adversarial context. In this work, we show that mobile audio hardware advances can be exploited to discriminate mm-level position differences and that this makes it feasible to locate the origin of keystrokes from only a single phone behind the keyboard. The technique clusters keystrokes using time-difference of arrival measurements as well as acoustic features to identify multiple strokes of the same key. It then computes the origin of these sounds precise enough to identify and label each key. By locating keystrokes this technique avoids the need for labeled training data or linguistic context. Experiments with three types of keyboards and off-the-shelf smartphones demonstrate scenarios where our system can recover $94\%$ of keystrokes, which to our knowledge, is the first single-device technique that enables acoustic snooping of passwords.
Keywords: audio ranging, keystroke snooping, single phone, time difference of arrival (TDoA) (ID#: 15-6894)
URL: http://doi.acm.org/10.1145/2789168.2790122

He Wang, Ted Tsung-Te Lai, Romit Roy Choudhury; “MoLe: Motion Leaks Through Smartwatch Sensors,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 155–166. doi:10.1145/2789168.2790121
Abstract: Imagine a user typing on a laptop keyboard while wearing a smart watch. This paper asks whether motion sensors from the watch can leak information about what the user is typing. While its not surprising that some information will be leaked, the question is how much? We find that when motion signal processing is combined with patterns in English language, the leakage is substantial. Reported results show that when a user types a word $W$, it is possible to shortlist a median of 24 words, such that $W$ is in this shortlist. When the word is longer than $6$ characters, the median shortlist drops to $10$. Of course, such leaks happen without requiring any training from the user, and also under the (obvious) condition that the watch is only on the left hand. We believe this is surprising and merits awareness, especially in light of various continuous sensing apps that are emerging in the app market. Moreover, we discover additional “leaks” that can further reduce the shortlist — we leave these exploitations to future work.
Keywords: Bayesian inference, accelerometer, gesture, gyroscope, malware, motion leaks, security, side-channel attacks, smartwatch (ID#: 15-6895)
URL: http://doi.acm.org/10.1145/2789168.2790121

Anastasia Shuba, Anh Le, Minas Gjoka, Janus Varmarken, Simon Langhoff, Athina Markopoulou; “AntMonitor: A System for Mobile Traffic Monitoring and Real-Time Prevention of Privacy Leaks,” MobiCom '15 Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 170–172. doi:10.1145/2789168.2789170
Abstract: Mobile devices play an essential role in the Internet today, and there is an increasing interest in using them as a vantage point for network measurement from the edge. At the same time, these devices store personal, sensitive information, and there is a growing number of applications that leak it. We propose AntMonitor—the first system of its kind that supports (i) collection of large-scale, semantic-rich network traffic in a way that respects users’ privacy preferences and (ii) detection and prevention of leakage of private information in real time. The first property makes AntMonitor a powerful tool for network researchers who want to collect and analyze large-scale yet fine-grained mobile measurements. The second property can work as an incentive for using AntMonitor and contributing data for analysis. As a proof-of-concept, we have developed a prototype of AntMonitor, deployed it to monitor 9 users for 2 months, and collected and analyzed 20 GB of mobile data from 151 applications. Preliminary results show that fine-grained data collected from AntMonitor could enable application classification with higher accuracy than state-of-the-art approaches. In addition, we demonstrated that AntMonitor could help prevent several apps from leaking private information over unencrypted traffic, including phone numbers, emails, and device identifiers.
Keywords: android security, mobile network monitoring, privacy leakage detection (ID#: 15-6896)
URL: http://doi.acm.org/10.1145/2789168.2789170

Wei Wang, Alex X. Liu, Muhammad Shahzad, Kang Ling, Sanglu Lu; “Understanding and Modeling of WiFi Signal Based Human Activity Recognition,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 65–76. doi:10.1145/2789168.2790093
Abstract: Some pioneer WiFi signal based human activity recognition systems have been proposed. Their key limitation lies in the lack of a model that can quantitatively correlate CSI dynamics and human activities. In this paper, we propose CARM, a CSI based human Activity Recognition and Monitoring system. CARM has two theoretical underpinnings: a CSI-speed model, which quantifies the correlation between CSI value dynamics and human movement speeds, and a CSI-activity model, which quantifies the correlation between the movement speeds of different human body parts and a specific human activity. By these two models, we quantitatively build the correlation between CSI value dynamics and a specific human activity. CARM uses this correlation as the profiling mechanism and recognizes a given activity by matching it to the best-fit profile. We implemented CARM using commercial WiFi devices and evaluated it in several different environments. Our results show that CARM achieves an average accuracy of greater than 96%.
Keywords: activity recognition, channel state information (CSI), wifi (ID#: 15-6897)
URL: http://doi.acm.org/10.1145/2789168.2790093

Kamran Ali, Alex Xiao Liu, Wei Wang, Muhammad Shahzad; “Keystroke Recognition Using WiFi Signals,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 90–102.  doi:10.1145/2789168.2790109
Abstract: Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what being typed could be passwords or privacy sensitive information. In this paper, we show for the first time that WiFi signals can also be exploited to recognize keystrokes. The intuition is that while typing a certain key, the hands and fingers of a user move in a unique formation and direction and thus generate a unique pattern in the time-series of Channel State Information (CSI) values, which we call CSI-waveform for that key. In this paper, we propose a WiFi signal based keystroke recognition system called WiKey. WiKey consists of two Commercial Off-The-Shelf (COTS) WiFi devices, a sender (such as a router) and a receiver (such as a laptop). The sender continuously emits signals and the receiver continuously receives signals. When a human subject types on a keyboard, WiKey recognizes the typed keys based on how the CSI values at the WiFi signal receiver end. We implemented the WiKey system using a TP-Link TL-WR1043ND WiFi router and a Lenovo X200 laptop. WiKey achieves more than 97.5\% detection rate for detecting the keystroke and 96.4% recognition accuracy for classifying single keys. In real-world experiments, WiKey can recognize keystrokes in a continuously typed sentence with an accuracy of 93.5%.
Keywords: channel state information, cots wifi devices, gesture recognition, keystroke recovery, wireless security (ID#: 15-6898)
URL: http://doi.acm.org/10.1145/2789168.2790109

Yanzi Zhu, Yibo Zhu, Ben Y. Zhao, Haitao Zheng; “Reusing 60GHz Radios for Mobile Radar Imaging,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 103–116. doi:10.1145/2789168.2790112
Abstract: The future of mobile computing involves autonomous drones, robots and vehicles. To accurately sense their surroundings in a variety of scenarios, these mobile computers require a robust environmental mapping system. One attractive approach is to reuse millimeterwave communication hardware in these devices, e.g. 60GHz networking chipset, and capture signals reflected by the target surface. The devices can also move while collecting reflection signals, creating a large synthetic aperture radar (SAR) for high-precision RF imaging. Our experimental measurements, however, show that this approach provides poor precision in practice, as imaging results are highly sensitive to device positioning errors that translate into phase errors. We address this challenge by proposing a new 60GHz imaging algorithm, {\em RSS Series Analysis}, which images an object using only RSS measurements recorded along the device’s trajectory. In addition to object location, our algorithm can discover a rich set of object surface properties at high precision, including object surface orientation, curvature, boundaries, and surface material. We tested our system on a variety of common household objects (between 5cm–30cm in width). Results show that it achieves high accuracy (cm level) in a variety of dimensions, and is highly robust against noises in device position and trajectory tracking. We believe that this is the first practical mobile imaging system (re)using 60GHz networking devices, and provides a basic primitive towards the construction of detailed environmental mapping systems.
Keywords: 60GHz, RF imaging, environmental mapping, mobile radar (ID#: 15-6899)
URL: http://doi.acm.org/10.1145/2789168.2790112

Davide Pesavento, Giulio Grassi, Giovanni Pau, Paramvir Bahl, Serge Fdida; “Car-Fi: Opportunistic V2I by Exploiting Dual-Access Wi-Fi Networks,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 173–175. doi:10.1145/2789168.2789171
Abstract: The need for Internet access from moving vehicles has been steadily increasing in the past few years. Solutions that rely on cellular connectivity are becoming impractical to deploy due to technical and economic reasons. Car-Fi proposes an approach that leverages existing home Wi-Fi access points configured in dual-access mode, in order to offload all data traffic from the congested and expensive cellular infrastructure to whatever Wi-Fi network is available. Thanks to an improved scanning algorithm and numerous optimizations to the connection setup, Car-Fi makes downloading large amounts of data from a moving car feasible.
Keywords: 802.11, V2I, fast roaming, scanning, vehicular networks (ID#: 15-6900)
URL: http://doi.acm.org/10.1145/2789168.2789171

Gaetan Harter, Roger Pissard-Gibollet, Frederic Saint-Marcel, Guillaume Schreiner, Julien Vandaele; “FIT IoT-LABA: Large Scale Open Experimental IoT Testbed,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 176–178. doi:10.1145/2789168.2789172
Abstract: FIT IoT-LAB’s goal is to provide a very large scale open experimental testbed for the Internet of Things, by deploying more than 2700 experimentation nodes over 6 sites in France. Our demonstration purpose is to illustrate what the IoT-LAB platform offers through small applications involving radio communications and mobile nodes. Thanks to these examples, we will show how to run an experiment in the testbed and some of the tools it provides to help in developing, tuning and monitoring such large-scale applications.
Keywords: internet of things, testbed, wireless sensor network (ID#: 15-6901)
URL: http://doi.acm.org/10.1145/2789168.2789172

Loïc Baron, Fadwa Boubekeur, Radomir Klacza, Mohammed Yasin Rahman, Ciro Scognamiglio, Nina Kurose, Timur Friedman, Serge Fdida;  “OneLab: Major Computer Networking Testbeds for IoT and Wireless Experimentation,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 199–200. doi:10.1145/2789168.2789180
Abstract: Gathering the required measurements to produce accurate results for mobile communications and wireless networking protocols, technologies and applications, relies on the use of expensive experimental computer networking facilities. Until very recently, large-scale testbed facilities have existed in separate silos, each with its own authentication mechanisms and experiment support tools. There lacked a viable federation model that reconciled the challenges posed by how to provide a single entry point to access heterogeneous and distributed resources, and how to federate these resources that are under the control of multiple authorities. The OneLab experimental facility, which came online in 2014, realizes this model, making a set of world-class testbeds freely available to researchers through a unique credential for each user and a common set of tools. We allow users to deploy innovative experiments across our federated platforms that include the embedded object testbeds of FIT IoT-Lab, the cognitive radio testbed of FIT CorteXlab, the wireless testbeds of NITOS-Lab, and the internet overlay testbed PlanetLab Europe (PLE), which together provide thousands of nodes for experimentation. Also federated under OneLab are the FUSECO Playground, which includes cloud, M2M, SDN, and mobile broadband; w-iLab.t wireless facilities; and the Virtual Wall testbed of wired networks and applications. Our demo describes the resources offered by the OneLab platforms, and illustrates how any member of the MobiCom community can create an account and start using these platforms today to deploy experiments for mobile and wireless testing.
Keywords: experimental facility, heterogeneous testbed federation, myslice, slice-based federation architecture, unique credential (ID#: 15-6902)
URL: http://doi.acm.org/10.1145/2789168.2789180

Georgios Z. Papadopoulos, Antoine Gallais, Guillaume Schreiner, Thomas Noël; “Live Adaptations of Low-power MAC Protocols,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 207–209. doi:10.1145/2789168.2789184
Abstract: This demonstration aims at observing in an interactive manner the impact of modification of preamble and sampling periods at the low-power family of MAC protocols, and thus, illustrating in real-time the energy consumption and delay performance of each node accordingly. To do so, we implemented the ability for users to generate traffic at some remote nodes that are involved in two distinct deployed topologies. Those deployed networks operate with either a statically configured network, by employing X-MAC on top of the Contiki OS, or T-AAD, a lightweight traffic auto-adaptive protocol that allows live and automatic modifications of duty-cycle configurations.
Keywords: MAC layer, bursty traffic, low-power protocols, traffic adaptivity, wireless sensor network (ID#: 15-6903)
URL: http://doi.acm.org/10.1145/2789168.2789184

Matteo Pozza, Claudio Enrico Palazzi, Armir Bujari; “Poster: Mobile Data Offloading Testbed,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 212–214. doi:10.1145/2789168.2795159
Abstract: Recent research has proposed swarming protocols as a possible approach to offload the Internet infrastructure when some content can be shared by several users. However, simulations have been generally used as experimental means. Instead, we present an application platform that allows a rapid development and testing of swarming protocols using off-the-shelf smartphones.
Keywords: data offload, mobile, testbed, wireless (ID#: 15-6904)
URL: http://doi.acm.org/10.1145/2789168.2795159

Yanzhi Dou, Kexiong (Curtis) Zeng, Yaling Yang; “Poster: Privacy-Preserving Server-Driven Dynamic Spectrum Access System,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 218–220. doi:10.1145/2789168.2795161
Abstract: Dynamic spectrum access (DSA) technique has been widely accepted as a crucial solution to mitigate the potential spectrum scarcity problem. As a key form of DSA, government is proposing to release more federal spectrum for sharing with commercial wireless users. However, the flourish of federal-commercial sharing hinges upon how privacy issues are managed. In current DSA proposals, the sensitive operation parameters of both federal incumbent users (IUs) and commercial secondary users (SUs) need to be shared with the dynamic spectrum access system (SAS) to realize efficient spectrum allocation. Since SAS is not necessarily operated by a trusted third party, the current proposals dissatisfy the privacy requirement of both IUs and SUs. To address the privacy issues, this paper presents a privacy-preserving SAS design, which realizes the complex spectrum allocation decision process of DSA through secure computation over ciphertext based on homomorphic encryption, thus none of the IU or SU operation parameters are exposed to SAS.
Keywords: homomorphic encryption, privacy, server-driven dsa (ID#: 15-6905)
URL: http://doi.acm.org/10.1145/2789168.2795161

Tan Zhang, Aakanksha Chowdhery, Paramvir (Victor) Bahl, Kyle Jamieson, Suman Banerjee; “The Design and Implementation of a Wireless Video Surveillance System,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 426–438. doi:10.1145/2789168.2790123
Abstract: Internet-enabled cameras pervade daily life, generating a huge amount of data, but most of the video they generate is transmitted over wires and analyzed offline with a human in the loop. The ubiquity of cameras limits the amount of video that can be sent to the cloud, especially on wireless networks where capacity is at a premium. In this paper, we present Vigil, a real-time distributed wireless surveillance system that leverages edge computing to support real-time tracking and surveillance in enterprise campuses, retail stores, and across smart cities. Vigil intelligently partitions video processing between edge computing nodes co-located with cameras and the cloud to save wireless capacity, which can then be dedicated to Wi-Fi hotspots, offsetting their cost. Novel video frame prioritization and traffic scheduling algorithms further optimize Vigil’s bandwidth utilization. We have deployed Vigil across three sites in both whitespace and Wi-Fi networks. Depending on the level of activity in the scene, experimental results show that Vigil allows a video surveillance system to support a geographical area of coverage between five and 200 times greater than an approach that simply streams video over the wireless network. For a fixed region of coverage and bandwidth, Vigil outperforms the default equal throughput allocation strategy of Wi-Fi by delivering up to 25% more objects relevant to a user’s query.
Keywords: edge computing, video surveillance, wireless (ID#: 15-6906)
URL: http://doi.acm.org/10.1145/2789168.2790123

Puneet Jain, Justin Manweiler, Romit Roy Choudhury; “Poster: User Location Fingerprinting at Scale,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 260–262. doi:10.1145/2789168.2795175
Abstract: Many emerging mobile computing applications are continuous vision based. The primary challenge these applications face is computation partitioning between the phone and cloud. The indoor location information is one metadata that can help these applications in making this decision. In this extended-abstract, we propose a vision based scheme to uniquely fingerprint an environment which can in turn be used to identify user’s location from the uploaded visual features. Our approach takes into account that the opportunity to identify location is fleeting and the phones are resource constrained — therefore minimal yet sufficient computation needs to be performed to make the offloading decision. Our work aims to achieve near real-time performance while scaling to buildings of arbitrary sizes. The current work is in preliminary stages but holds promise for the future — may apply to many applications in this area.
URL: http://doi.acm.org/10.1145/2789168.2795175

Hossein Shafagh, Anwar Hithnawi, Andreas Droescher, Simon Duquennoy, Wen Hu; “Poster: Towards Encrypted Query Processing for the Internet of Things,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 251–253. doi:10.1145/2789168.2795172
Abstract: The Internet of Things (IoT) is envisioned to digitize the physical world, resulting in a digital representation of our proximate living space. The possibility of inferring privacy violating information from IoT data necessitates adequate security measures regarding data storage and communication. To address these privacy and security concerns, we introduce our system that stores IoT data securely in the Cloud database while still allowing query processing over the encrypted data. We enable this by encrypting IoT data with a set of cryptographic schemes such as order-preserving and partially homomorphic encryptions. To achieve this on resource-limited devices, our system relies on optimized algorithms that accelerate partial homomorphic and order-preserving encryptions by 1 to 2 orders of magnitude. Our early results show the feasibility of our system on low-power devices. We envision our system as an enabler of secure IoT applications.
Keywords: computing on encrypted data, data security, encrypted computing, internet of things, system design (ID#: 15-6908)
URL: http://doi.acm.org/10.1145/2789168.2795172

Mohammad A. Hoque, Kasperi Saarikoski, Eemil Lagerspetz, Julien Mineraud, Sasu Tarkoma; “Poster: VPN Tunnels for Energy Efficient Multimedia Streaming,” MobiCom '15, Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, September 2015, Pages 239–241. doi:10.1145/2789168.2795168
Abstract: Minimizing the energy consumption of mobile devices for wireless network access is important. In this article, we analyze the energy efficiency of a new set of applications which use Virtual Private Network (VPN) tunnels for secure communication. First, we discuss the energy efficiency of a number of VPN applications from a large scale deployment of 500 K devices. We next measure the energy consumption of some of these applications with different use cases. Finally, we demonstrate that a VPN tunnel can be instrumented for enhanced energy efficiency with multimedia streaming applications. Our results indicate energy savings of 40% for this class of applications.
Keywords: energy consumption, multimedia streaming, traffic scheduling, virtual private network (ID#: 15-6909)
URL: http://doi.acm.org/10.1145/2789168.2795168

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.