Dongyao Chen (Shanghai Jiao Tong University), Mert D. Pesé (Clemson University), Kang G. Shin (University of Michigan, Ann Arbor)

ZOOX Best Paper Award Winner ($500 cash prize)!

Driving apps, such as navigation, fuel-price, and road services, have been deployed and used widely. The car-related nature of these services may motivate them to infer the type of their users’ vehicles. We first apply systematic analytics on real-world apps to show that the vehicle-type — seemingly unharmful — information may have serious privacy implications. Next, we demonstrate that attackers can harvest the features of these mobile apps to infer the car-type information in a stealthy way. Specifically, we explore the use of zero-permission mobile motion sensors to extract spectral features for differentiating the engines and body types of vehicles. Based on our experimental results of 17 different cars, we have achieved 82+% and 85+% overall accuracy in identifying three major engine types and four popular body types, respectively.

View More Papers

The Power of Bamboo: On the Post-Compromise Security for...

Tianyang Chen (Huazhong University of Science and Technology), Peng Xu (Huazhong University of Science and Technology), Stjepan Picek (Radboud University), Bo Luo (The University of Kansas), Willy Susilo (University of Wollongong), Hai Jin (Huazhong University of Science and Technology), Kaitai Liang (TU Delft)

Read More

How to Count Bots in Longitudinal Datasets of IP...

Leon Böck (Technische Universität Darmstadt), Dave Levin (University of Maryland), Ramakrishna Padmanabhan (CAIDA), Christian Doerr (Hasso Plattner Institute), Max Mühlhäuser (Technical University of Darmstadt)

Read More