%0 Conference Paper %1 info3-inproceedings-2022-18 %A Casas, Pedro %A Wehner, Nikolas %A Wassermann, Sarah %A Seufert, Michael %B Global Internet (GI) Symposium %C Paris, France %D 2022 %K myown ucn %T Fingerprinting Webpages and Smartphone Apps from Encrypted Network Traffic with WebScanner %X The wide adoption of end-to-end encryption drastically limits the visibility Internet Service Providers (ISPs) have on the services consumed by their customers. This is particularly challenging for monitoring and analysis of web and apps traffic, which is highly complex and heterogeneous. Loading a web page or app today requires tens of flows to download the various resources located in distributed cloud servers from different content providers. We introduce WebScanner, a webpage and app fingerprinting approach capable to identify all the traffic flows corresponding to individual webpage and app loading sessions within concurrent web pages traffic, enabling highly detailed, per webpage analysis in practical deployments. Different from the state of the art in web and app traffic fingerprinting, and as our most relevant contribution, WebScanner automatically performs the parsing of all the traffic generated by a web visit and its isolation from concurrent traffic, instead of assuming that an external oracle system does so. WebScanner also implements a deep fingerprinting approach to detect user action-dependent traffic from apps, relying on simple machine learning models and strong input features as fingerprints. Extensive evaluation across a large measurement dataset of popular webpages and mobile apps confirms the outstanding performance of WebScanner, identifying the top-500 Alexa websites with precision and recall (P/R) above 95%, isolating their full contents with P/R above 80% for up to 15 concurrent webpages, and detecting specific action-dependent apps traffic with average P/R above 92%.

@inproceedings{info3-inproceedings-2022-18, abstract = {The wide adoption of end-to-end encryption drastically limits the visibility Internet Service Providers (ISPs) have on the services consumed by their customers. This is particularly challenging for monitoring and analysis of web and apps traffic, which is highly complex and heterogeneous. Loading a web page or app today requires tens of flows to download the various resources located in distributed cloud servers from different content providers. We introduce WebScanner, a webpage and app fingerprinting approach capable to identify all the traffic flows corresponding to individual webpage and app loading sessions within concurrent web pages traffic, enabling highly detailed, per webpage analysis in practical deployments. Different from the state of the art in web and app traffic fingerprinting, and as our most relevant contribution, WebScanner automatically performs the parsing of all the traffic generated by a web visit and its isolation from concurrent traffic, instead of assuming that an external oracle system does so. WebScanner also implements a deep fingerprinting approach to detect user action-dependent traffic from apps, relying on simple machine learning models and strong input features as fingerprints. Extensive evaluation across a large measurement dataset of popular webpages and mobile apps confirms the outstanding performance of WebScanner, identifying the top-500 Alexa websites with precision and recall (P/R) above 95%, isolating their full contents with P/R above 80% for up to 15 concurrent webpages, and detecting specific action-dependent apps traffic with average P/R above 92%.}, added-at = {2022-10-13T11:15:19.000+0200}, address = {Paris, France}, author = {Casas, Pedro and Wehner, Nikolas and Wassermann, Sarah and Seufert, Michael}, biburl = {https://www.bibsonomy.org/bibtex/28a7b9054109c6305a8a0a3a03773ea23/uniwue_info3}, booktitle = {Global Internet (GI) Symposium}, interhash = {1c012c7f7f8155ad566e82d3917985db}, intrahash = {8a7b9054109c6305a8a0a3a03773ea23}, keywords = {myown ucn}, month = {11}, timestamp = {2022-10-13T11:15:19.000+0200}, title = {Fingerprinting Webpages and Smartphone Apps from Encrypted Network Traffic with WebScanner}, year = 2022 }