We live in a technological age where information can be accessed easily at our fingertips. One of every three people in the world today possesses and uses a smartphone. These devices have given us the ability to access the furthest corners of the world. However, accessibility seems to be a two-way street. With smartphone apps becoming more widespread by the day, the privacy and security risks that emanate from their traffic tracking have been on the rise. Attackers can target users' personal and usage information on these apps to conceive malicious attacks, such as false job opportunities or dishonestly recommended disease treatment.
Keeping in mind that information security in organisations is generally focussed on confidentiality, integrity, and availability – otherwise known as the CIA triad – it is crucial to include the subjects of privacy and ethics in there, as well. Traffic features, such as traffic size, communication patterns, and data transmission, may reveal critical private information, resulting in security breaches. Despite the fact that encryption technologies are utilized in wireless connection networks, like WEP, WPA, and WPA2 for Wi-Fi; UEA2 and UIA2 for 4G, to prevent illegal access to their traffic, mobile communication traffic still suffers from privacy protection flaws. What is needed is to create a smokescreen of some kind, clouding the traffic data in order to lower the risk of wiretapping and malevolent identification of Internet traffic.
Professors Ali Chehab, Imad Elhajj, and Ayman Kayssi, as well as PhD student Louma Chaddad at the Maroun Semaan Faculty of Engineering and Architecture (MSFEA) of the American University of Beirut (AUB), have studied this issue closely. In a recent study as part of MSFEA's ongoing research program on cybersecurity and privacy, Chehab's team proposed a novel technique, under the name of AdaptiveMutate, which prevents the leak of private information. Its purpose is to obstruct any statistical analysis of app traffic that may result in security violations. Their technique was so effective that it reduced the accuracy of information classification from over 91 percent to a mere 7 percent. In other words, they have successfully made it more than thirteen times harder for attackers to identify information from app traffic.
What AdaptiveMutate does is that it obscures traffic information, such as data packet lengths and inter-arrival time information. It is programmed to achieve maximum efficiency by pairing the most divergent apps to one another. As a result, intruders would have a hard time distinguishing between the actual data and the distorted data. Furthermore, for optimal obfuscation, this state-of-the-art technique can select, in an adaptive manner, the most appropriate traffic feature to mutate; thus, the name AdaptiveMutate.In a region facing a multitude of challenges, such an innovation could help minimise many risks, both on the individual wellbeing level and the national security level. This is crucial as serious consequences could arise from cybersecurity breaches, especially in economic growth and social security. Indeed, future advancements will expand upon this technique, but this could prove to be a vital factor in the battle against malicious cyber-attacks.