Physical-layer key generation methods utilize the variations of the communication channel to achieve a secure key agreement between two parties with no prior security association. Their secrecy rate (bit generation rate) depends heavily on the randomness of the channel, which may reduce significantly in a stable environment. Existing methods seek to improve the secrecy rate by injecting artificial noise into the channel. Unfortunately, noise injection cannot alter the underlying channel state, which depends on the multipath environment between the transmitter and receiver. Consequently, these methods are known to leak key bits toward multi-antenna eavesdroppers, which is capable of filtering the noise through the differential of multiple signal receptions. This work demonstrates an improved approach to reinforce physical-layer key generation schemes, e.g., channel randomization. The channel randomization approach leverages a reconfigurable antenna to rapidly change the channel state during transmission, and an angle-of-departure (AoD) based channel estimation algorithm to cancel the changing effects for the intended receiver. The combined result is a communication channel stable in the eyes of the intended receiver but randomly changing from the viewpoint of the eavesdropper. We augmented an existing physical-layer key generation protocol, iJam, with the proposed approach and developed a full-fledged remote instrumentation platform to demonstrate its performance. Our evaluations show that augmentation does not affect the bit error rate (BER) of the intended receiver during key establishment but reduces the eavesdropper's BER to the level of random guessing, regardless of the number of antennas it equips. CCS CONCEPTS • Security and privacy → Key management; Mobile and wireless security.
Mobile apps nowadays are often packaged with third-party ad libraries to monetize user data. Many mobile ad networks exploit these mobile apps to extract sensitive real-time geographical data about the users for location-based targeted advertising. However, the massive collection of sensitive information by the ad networks has raised serious privacy concerns. Unfortunately, the extent and granularity of private data collection of the location-based ad networks remain obscure. In this work, we present a mobile tracking measurement study to characterize the severity and significance of location-based private data collection in mobile ad networks, by using an automated fine-grained data collection instrument running across different geographical areas. We perform extensive threat assessments for different ad networks using 1,100 popular apps running across 10 different cities. This study discovers that the number of locationbased ads tend to be positively correlated with the population density of locations, ad networks' data collection behaviors differ across different locations, and most ad networks are capable of collecting precise location data. Detailed analysis further reveals the significant impact of geolocation on the tracking behavior of targeted ads, and a noteworthy security concern for advertising organizations to aggregate different types of private user data across multiple apps for a better targeted ad experience.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.