AntShield: On-Device Detection of Personal Information Exposure
This addresses privacy risks for mobile users by enabling real-time detection of personal data leaks, though it is an incremental step combining on-device monitoring with learning unknown PII.
The paper tackles the problem of detecting personal information exposure on mobile devices by presenting AntShield, an on-device system that monitors network packets in real-time and accurately identifies sensitive data transmission, outperforming existing approaches.
Mobile devices have access to personal, potentially sensitive data, and there is a growing number of applications that transmit this personally identifiable information (PII) over the network. In this paper, we present the AntShield system that performs on-device packet-level monitoring and detects the transmission of such sensitive information accurately and in real-time. A key insight is to distinguish PII that is predefined and is easily available on the device from PII that is unknown a priori but can be automatically detected by classifiers. Our system not only combines, for the first time, the advantages of on-device monitoring with the power of learning unknown PII, but also outperforms either of the two approaches alone. We demonstrate the real-time performance of our prototype as well as the classification performance using a dataset that we collect and analyze from scratch (including new findings in terms of leaks and patterns). AntShield is a first step towards enabling distributed learning of private information exposure.