14-829: Mobile Security

14-829 / 18-638: Mobile Security - Fall 2017

Assignment #2 - Tracking from the Comfort of your Laptop

Due: October 5, 2017

Description: Unlike the previous assignment, which asked you to steal the user's data, this assignment asks you to focus on learning about the user's activities, namely by exfiltrating data about the user's location in real time. The task is complicated by a restriction on access to explicit location data. Instead, you'll need to exfiltrate any information you can get about the WiFi networks that the user is connected to or near, then analyze this information offline using any other information available that allows you to map WiFi network data to location data.

  1. Develop an exfiltration app - Write an app that collects relevant data about WiFi networks from the device without being detected or suspected by the user. Since your app cannot rely on location services on the device, you can collect as much information as possible about nearby WiFi APs (e.g., SSID, BSSID, power level) subject to the allowed permissions. Your app should report this information periodically (for example, once per minute) to an email account you control.
    Constraints and Hints:
    • The only permissions allowed (either as manifest or equivalent runtime) are ACCESS_WIFI_STATE, CHANGE_WIFI_STATE, and INTERNET.
    • The user must be unaware of the app's activity or presence, regardless of what it does. You can assume that the user does not check the task manager for apps suspended in the background.
    • The app must exfiltrate data via email without user interaction.
    • The app must continue to send periodic reports, regardless of app or screen state.
    • The app must work on all Android versions ≥ 4.0.
    • You can assume there is an easy way to get your app onto the user's device, so don't worry about that problem.
    Since sending emails without user interaction is non-trivial, we'll provide some helpful code to work around this. You can use anything in the README file and these helpful code packages to complete your tasks: activation.jar, additional.jar, mail.jar, EmailSender.java, and SendEmailTask.java.
  2. Analyze exfiltrated data and map user location - Now that you have a stream of WiFi data from the user device, create a data analysis tool to process the exfiltrated WiFi data and visualize the target user's location history. You'll most likely need to do some manual survey work to be able to map the WiFi measurements to map coordinates. Feel free to use crowdsourced WiFi location databases such as WiGLE.net if you find that to be helpful.
    Constraints and Hints:
    • Estimated location of the user should be plotted to a visual map in an understandable way.
    • Your location estimates don't need to be highly accurate, but they should be meaningful (e.g., room-level accuracy within buildings and on the order of 10s of meters outdoors).
    • You are allowed to collaborate with other students on the manual survey work, but no other tasks.
    • Be sure to create a mechanism for collecting ground truth data (outside the scope of the attack app and corresponding constraints), otherwise you won't know how accurate your results are.
    • When receiving emails from the app, it's helpful to filter them into a separate folder, so you don't spam yourself. :)

Deliverables: Each student will submit a written summary of their efforts for the above tasks. Your report should include:
  • Code snippets to highlight important features of the required tasks,
  • Contents of sample emails generated by the app (e.g., screenshot of received email),
  • Details of how your design meets each of the given constraints,
  • Detailed step-by-step explanations of the relevant aspects of the app and mapping tools that demonstrate your understanding of what the code is doing and why it works the way it does.
The written summary should be formatted as a single-column document using font size 11 or greater, converted to a .pdf document for submission.

Submission Instructions: Each student should submit a .pdf version of their written summary via Canvas, using the format requested above. All students are expected to complete the assignment on their own; discussion about the assignment is allowed and encouraged, but all design, analysis, and writing tasks must be done individually (i.e., talking is allowed, but not sharing anything written) -- with the exception of the manual survey as described above.

Grading: This assignment is worth 30 points: four (4) points for a detailed description of your data collection app, four (4) points for explaining how your app design satisfies the constraints, five (5) points for correctness of exfiltration and freshness of data, five (5) points for sufficiency of the WiFi survey or appropriate tool use, four (4) points for explanation of the mapping capability, four (4) points for verifying accuracy of location estimation relative to ground truth data, and four (4) points for visualization. We reserve the right to take off points for presentation aspects, e.g., incorrect format or poor writing.