Projects:2021s1-13002 Behavioural Analytics and Adversarial Traffic Generation of Mobile Applications
The near ubiquity of “BYO” mobile devices in both workplaces and academic institutions has led to numerous security and privacy issues relating to installed applications. Applications that are insecure or malicious have potential implications regarding data leakage or criminal activity, and the detection of these “red flag” applications is more important than ever. In particular, being able to classify installed applications via network traffic analysis rather than by needing to inspect devices on an individual basis is a far more practical approach to accomplish this.
Due to encrypted network traffic making up a far higher percentage of all traffic currently, the ability to detect installed applications through network traffic would need to be done using only basic packet information known as the “5-Tuple”. Such raw data features are suitable for analysis via machine learning and neural networks.
Introduction
The aim of this research is to classify mobile applications via analysis of their network traffic using machine learning techniques. Specifically, graph neural networks are used to identify selected popular messaging applications, after analysing the network traffic produced by sending a message within the network.
Subsequent findings regarding the classified connection profiles created by sending and receiving messages, will be used to investigate the potential:
- Network flow correlation using connection profiles of apps (IP feature first)
- If using a GAN to produce more realistic data will result in better training of neural networks
Project team
Project students
- Callan Bubner
- Emily Braggs
- Spencer Brown
Supervisors
- Dr Hong Gunn Chew
- Dr Adriel Cheng (DST)
Advisors
- Kyle Millar
