{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,10]],"date-time":"2026-01-10T03:55:45Z","timestamp":1768017345846,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":44,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783662549698","type":"print"},{"value":"9783662549704","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-662-54970-4_22","type":"book-chapter","created":{"date-parts":[[2017,5,16]],"date-time":"2017-05-16T02:02:55Z","timestamp":1494900175000},"page":"367-384","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["Leaky Birds: Exploiting Mobile Application Traffic for Surveillance"],"prefix":"10.1007","author":[{"given":"Eline","family":"Vanrykel","sequence":"first","affiliation":[]},{"given":"Gunes","family":"Acar","sequence":"additional","affiliation":[]},{"given":"Michael","family":"Herrmann","sequence":"additional","affiliation":[]},{"given":"Claudia","family":"Diaz","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,5,17]]},"reference":[{"key":"22_CR1","unstructured":"APK Downloader [Latest] Download Directly \u2014 Chrome Extension v3 (Evozi Official). http:\/\/apps.evozi.com\/apk-downloader\/"},{"key":"22_CR2","unstructured":"Cross Reference: \/external\/kernel-headers\/original\/asm-arm\/param.h. http:\/\/androidxref.com\/4.1.2\/xref\/external\/kernel-headers\/original\/asm-arm\/param.h#18"},{"key":"22_CR3","unstructured":"dpkt 1.8.6.2: Python Package Index. https:\/\/pypi.python.org\/pypi\/dpkt"},{"key":"22_CR4","unstructured":"dtmilano\/AndroidViewClient. https:\/\/github.com\/dtmilano\/AndroidViewClient\/"},{"key":"22_CR5","unstructured":"dumpcap - The Wireshark Network Analyzer 1.12.2. https:\/\/www.wireshark.org\/docs\/man-pages\/dumpcap.html"},{"key":"22_CR6","unstructured":"GCHQ taps fibre-optic cables for secret access to world\u2019s communications. http:\/\/www.theguardian.com\/uk\/2013\/jun\/21\/gchq-cables-secret-world-communications-nsa"},{"key":"22_CR7","unstructured":"Nmap Network Scanning - Remote OS Detection - Usage and Examples. http:\/\/nmap.org\/book\/osdetect-usage.html"},{"key":"22_CR8","unstructured":"NSA Prism program taps in to user data of Apple, Google and others. http:\/\/www.theguardian.com\/world\/2013\/jun\/06\/us-tech-giants-nsa-data"},{"key":"22_CR9","unstructured":"Smartphones: So many apps, so much time. http:\/\/www.nielsen.com\/us\/en\/insights\/news\/2014\/smartphones-so-many-apps-so-much-time.html"},{"key":"22_CR10","unstructured":"SystemClock \u2014 Android Developers. http:\/\/developer.android.com\/reference\/android\/os\/SystemClock.html"},{"key":"22_CR11","unstructured":"Identifying App Installations \u2014 Android Developers Blog (2011). http:\/\/android-developers.blogspot.be\/2011\/03\/identifying-app-installations.html"},{"key":"22_CR12","unstructured":"\u2018Tor Stinks\u2019 presentation (2013). http:\/\/www.theguardian.com\/world\/interactive\/2013\/oct\/04\/tor-stinks-nsa-presentation-document"},{"key":"22_CR13","unstructured":"About Adblock Plus for Android (2015). https:\/\/adblockplus.org\/android-about"},{"key":"22_CR14","unstructured":"Disconnect Malvertising for Android (2015). https:\/\/disconnect.me\/mobile\/disconnect-malvertising\/sideload"},{"key":"22_CR15","unstructured":"Manpage of TCPDUMP (2015). http:\/\/www.tcpdump.org\/tcpdump_man.html"},{"key":"22_CR16","unstructured":"Mobile apps doubleheader: BADASS Angry Birds (2015). http:\/\/www.spiegel.de\/media\/media-35670.pdf"},{"key":"22_CR17","unstructured":"Selenium - Web Browser Automation (2015). http:\/\/docs.seleniumhq.org\/"},{"key":"22_CR18","unstructured":"UI\/Application Exerciser Monkey \u2014 Android Developers (2015). http:\/\/developer.android.com\/tools\/help\/monkey.html"},{"key":"22_CR19","doi-asserted-by":"crossref","unstructured":"Acar, G., Eubank, C., Englehardt, S.: The web never forgets: persistent tracking mechanisms in the wild. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (2014)","DOI":"10.1145\/2660267.2660347"},{"key":"22_CR20","doi-asserted-by":"crossref","unstructured":"Balakrishnan, M.: Where\u2019s that phone? Geolocating IP addresses on 3G networks. In: Proceedings of the 9th ACM SIGCOMM Conference on Internet Measurement Conference, pp. 294\u2013300 (2009)","DOI":"10.1145\/1644893.1644928"},{"key":"22_CR21","doi-asserted-by":"crossref","unstructured":"Bellovin, S.M.: A technique for counting NATted hosts. In: Proceedings of the second ACM SIGCOMM Workshop on Internet Measurement - IMW 2002, p. 267 (2002)","DOI":"10.1145\/637241.637243"},{"key":"22_CR22","unstructured":"Black, P.E.: Ratcliff\/Obershelp pattern recognition, December 2004. https:\/\/xlinux.nist.gov\/dads\/\/HTML\/ratcliffObershelp.html"},{"key":"22_CR23","unstructured":"Bursztein, E.: Time has something to tell us about network address translation. In: Proceedings of NordSec (2007)"},{"key":"22_CR24","doi-asserted-by":"crossref","unstructured":"Dai, S., Tongaonkar, A., Wang, X., Nucci, A., Song, D.: NetworkProfiler: towards automatic fingerprinting of Android apps. In: 2013 Proceedings IEEE INFOCOM, pp. 809\u2013817, April 2013","DOI":"10.1109\/INFCOM.2013.6566868"},{"key":"22_CR25","unstructured":"Enck, W., Cox, L.P., Gilbert, P., Mcdaniel, P.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: OSDI 2010 Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation (2010)"},{"key":"22_CR26","doi-asserted-by":"crossref","unstructured":"Englehardt, S., Reisman, D., Eubank, C., Zimmerman, P., Mayer, J., Narayanan, A., Felten, E.W.: Cookies that give you away: the surveillance implications of web tracking. In: Proceedings of the 24th International Conference on World Wide Web, pp. 289\u2013299 (2015)","DOI":"10.1145\/2736277.2741679"},{"key":"22_CR27","doi-asserted-by":"crossref","unstructured":"Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, p. 627 (2011)","DOI":"10.1145\/2046707.2046779"},{"key":"22_CR28","doi-asserted-by":"crossref","unstructured":"Grace, M., Zhou, W., Jiang, X., Sadeghi, A.: Unsafe exposure analysis of mobile in-app advertisements. In: Proceedings of the fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks 067(Section 2) (2012)","DOI":"10.1145\/2185448.2185464"},{"key":"22_CR29","doi-asserted-by":"crossref","unstructured":"Hornyack, P., Han, S., Jung, J., Schechter, S., Wetherall, D.: These aren\u2019t the droids you\u2019re looking for: Retrofitting Android to protect data from imperious applications. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 639\u2013652. ACM (2011)","DOI":"10.1145\/2046707.2046780"},{"key":"22_CR30","doi-asserted-by":"crossref","unstructured":"Jacobson, V., Braden, R., Borman, D., Satyanarayanan, M., Kistler, J., Mummert, L., Ebling, M.: RFC 1323: TCP extensions for high performance (1992)","DOI":"10.17487\/rfc1323"},{"issue":"2","key":"22_CR31","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1109\/TDSC.2005.26","volume":"2","author":"T Kohno","year":"2005","unstructured":"Kohno, T., Broido, A., Claffy, K.C.: Remote physical device fingerprinting. IEEE Trans. Dependable Secure Comput. 2(2), 93\u2013108 (2005)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"22_CR32","unstructured":"Marlinspike, M.: New tricks for defeating SSL in practice. BlackHat DC, February 2009"},{"key":"22_CR33","doi-asserted-by":"crossref","unstructured":"Murdoch, S.J.: Hot or not: revealing hidden services by their clock skew. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 27\u201336. ACM (2006)","DOI":"10.1145\/1180405.1180410"},{"key":"22_CR34","unstructured":"Soltani, A., Peterson, A., Gellman, B.: NSA uses Google cookies to pinpoint targets for hacking (2013). https:\/\/www.washingtonpost.com\/news\/the-switch\/wp\/2013\/12\/10\/nsa-uses-google-cookies-to-pinpoint-targets-for-hacking\/"},{"key":"22_CR35","unstructured":"Stevens, R., Gibler, C., Crussell, J.: Investigating user privacy in android ad libraries. In: IEEE Mobile Security Technologies (MoST) (2012)"},{"key":"22_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"183","DOI":"10.1007\/978-3-319-11203-9_11","volume-title":"Computer Security - ESORICS 2014","author":"G Suarez-Tangil","year":"2014","unstructured":"Suarez-Tangil, G., Conti, M., Tapiador, J.E., Peris-Lopez, P.: Detecting targeted smartphone malware with behavior-triggering stochastic models. In: Kuty\u0142owski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8712, pp. 183\u2013201. Springer, Cham (2014). doi:10.1007\/978-3-319-11203-9_11"},{"key":"22_CR37","doi-asserted-by":"crossref","unstructured":"Tekeoglu, A., Altiparmak, N., Tosun, A.: Approximating the number of active nodes behind a NAT device. In: 2011 Proceedings of 20th International Conference on Computer Communications and Networks (ICCCN), pp. 1\u20137. IEEE (2011)","DOI":"10.1109\/ICCCN.2011.6006048"},{"key":"22_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-642-36516-4_7","volume-title":"Passive and Active Measurement","author":"A Tongaonkar","year":"2013","unstructured":"Tongaonkar, A., Dai, S., Nucci, A., Song, D.: Understanding mobile app usage patterns using in-app advertisements. In: Roughan, M., Chang, R. (eds.) PAM 2013. LNCS, vol. 7799, pp. 63\u201372. Springer, Heidelberg (2013). doi:10.1007\/978-3-642-36516-4_7"},{"key":"22_CR39","unstructured":"Vanrykel, E.: Passive network attacks on mobile applications. Master\u2019s thesis, Katholieke Universiteit Leuven (2015)"},{"key":"22_CR40","doi-asserted-by":"crossref","unstructured":"Vanrykel, E., Acar, G., Herrmann, M., Diaz, C.: Exploiting Unencrypted Mobile Application Traffic for Surveillance (Technical report) (2016). https:\/\/securewww.esat.kuleuven.be\/cosic\/publications\/article-2602.pdf","DOI":"10.1007\/978-3-662-54970-4_22"},{"key":"22_CR41","unstructured":"Weinstein, D.: Leaking Android hardware serial number to unprivileged apps (2013). http:\/\/insitusec.blogspot.be\/2013\/01\/leaking-android-hardware-serial-number.html"},{"key":"22_CR42","doi-asserted-by":"crossref","unstructured":"Wicherski, G., Weingarten, F., Meyer, U.: IP agnostic real-time traffic filtering and host identification using TCP timestamps. In: 2013 IEEE 38th Conference on Local Computer Networks (LCN), pp. 647\u2013654. IEEE (2013)","DOI":"10.1109\/LCN.2013.6761302"},{"key":"22_CR43","doi-asserted-by":"crossref","unstructured":"Xia, N., Song, H.H., Liao, Y., Iliofotou, M.: Mosaic: quantifying privacy leakage in mobile networks. In: SIGCOMM 2013, Proceedings of the ACM SIGCOMM 2013 Conference on SIGCOMM (ii), pp. 279\u2013290 (2013)","DOI":"10.1145\/2486001.2486008"},{"key":"22_CR44","unstructured":"Zander, S., Murdoch, S.J.: An improved clock-skew measurement technique for revealing hidden services. In: USENIX Security Symposium, pp. 211\u2013226 (2008)"}],"container-title":["Lecture Notes in Computer Science","Financial Cryptography and Data Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-54970-4_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,2]],"date-time":"2024-04-02T16:47:31Z","timestamp":1712076451000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-662-54970-4_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783662549698","9783662549704"],"references-count":44,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-54970-4_22","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"17 May 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Financial Cryptography and Data Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Christ Church","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Barbados","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 February 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 February 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fc2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/fc16.ifca.ai\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}