Smartphone Identification via Passive Traffic Fingerprinting: A Sequence-to-Sequence Learning Approach

Passive cyber-security attacks do not require any modification of the data stream generated by the victim, nor the creation of a false statement; in particular, those attacks based on statistical analysis aim at acquiring sensible information by just analyzing traffic patterns. Our work sits on the conjecture that the PDCCH, which is transmitted in clear text, may be effectively used to statistically characterize the traffic generated by a smartphone in standby mode. Through this statistical signature, the attacker may then infer whether an unknown traffic pattern is generated by the victim user's terminal, guessing if the victim is in a certain geographical area, and in turn gaining the ability to track the victim's movements and/or to profile their habits. In this work, we propose a data collection and processing framework that successfully obtains such signatures. User data patterns (transport block sizes and communications direction) are retrieved by analyzing the mobile network scheduling. Hence, a sequence-to-sequence learning framework to extract smartphone signatures from passive traffic is put forward, and is experimentally validated using a dataset of 40 user traces, successfully identifying up to 90 percent of the users.