Andrea Jiménez-Berenguel

@inproceedings{campo012,

title = {Inferring mobile applications usage from DNS traffic},

author = {Celeste Campo-Vázquez and Carlos García-Rubio and Andrea Jimenez-Berenguel and Marta Moure-Garrido and Florina Almenares-Mendoza and Daniel Díaz-Sánchez },

url = {https://www.sciencedirect.com/science/article/pii/S1570870524002129#d1e710},

doi = {https://doi.org/10.1016/j.adhoc.2024.103601},

year  = {2024},

date = {2024-07-19},

urldate = {2024-07-19},

booktitle = {Ad Hoc Networks},

publisher = {Elsevier B.V.},

abstract = {In the digital era, our lives are intrinsically linked to the daily use of mobile applications. As a consequence, we generate and transmit a large amount of personal data that puts our privacy in danger. Despite having encrypted communications, the DNS traffic is usually not encrypted, and it is possible to extract valuable information from the traffic generated by mobile applications. This study focuses on the analysis of the DNS traffic behavior found in mobile application traces, developing a methodology capable of identifying mobile applications based on the domains they query. With this methodology, we were able to identify apps with 98% accuracy. Furthermore, we have validated the effectiveness of the characterization obtained with one dataset by identifying traces from other independent datasets. The evaluation showed that the methodology provides successful results in identifying mobile applications.},

keywords = {},

pubstate = {published},

tppubtype = {inproceedings}

}

@inproceedings{andrea001,

title = {Caracterización de aplicaciones móviles mediante el análisis del tráfico DNS},

author = {Andrea Jimenez-Berenguel and Marta Moure-Garrido and Carlos García-Rubio and Celeste Campo-Vázquez},

url = {https://idus.us.es/handle/11441/159179

https://dialnet.unirioja.es/servlet/articulo?codigo=9633499

https://idus.us.es/bitstream/handle/11441/159179/ActasJNIC24%20%282%20ed%29.pdf?sequence=4&isAllowed=y},

isbn = {978-84-09-62140-8},

year  = {2024},

date = {2024-05-28},

urldate = {2024-05-28},

booktitle = {IX Jornadas Nacionales de Investigación en Ciberseguridad - JNIC 2024},

pages = {506-507},

publisher = {Universidad de Sevilla},

abstract = {La privacidad del usuario sigue siendo vulnerable

cuando se utilizan protocolos de comunicaci´on cifrados, como

HTTPS, cuando las consultas DNS se env´ıan en texto claro a

trav´es del puerto UDP 53 (Do53). En este estudio, demostramos

la posibilidad de caracterizar una aplicaci´on m´ovil que utiliza

un usuario bas´andonos en su tr´afico Do53. Mediante el an´alisis

de un conjunto de datos de tr´afico, formado por 80 aplicaciones

m´oviles Android, podemos identificar la aplicaci´on que se est´a

utilizando bas´andonos en sus consultas DNS con una precisi´on

del 88,75 %. Aunque los sistemas operativos modernos, incluido

Android desde la versi´on 9.0, admiten el tr´afico DNS cifrado,

esta funci´on no est´a activada por defecto y depende del soporte

del proveedor de DNS. Adem´as, incluso cuando el tr´afico DNS

est´a cifrado, el proveedor de servicios DNS sigue teniendo acceso

a nuestras consultas y podr´ıa extraer informaci´on de ellas.},

keywords = {},

pubstate = {published},

tppubtype = {inproceedings}

}