Transfer Learning for User Action Identification in Mobile Apps via Encrypted Traffic Analysis

Edita Grolman, Andrey Finkelshtein, Rami Puzis, Asaf Shabtai, Gershon Celniker, Ziv Katzir, Liron Rosenfeld

Recent academic studies have demonstrated the possibility of inferring user actions performed in mobile apps by analyzing the resulting encrypted network traffic. Due to the multitude of app versions, mobile operating systems, and device models (collectively referred to in this paper as configurations) previous approaches are not applicable to real life settings. In this work, we ex-tend the ability of these approaches to generalize across different configurations. We treat the different configurations as a case for transfer learning, and adapt the co-training method to sup-port the transfer learning process. Our approach leverages a small number of labeled instances of encrypted traffic from a source configuration, in order to construct a classifier capable of identi-fying a user’s actions in a different (target) configuration which is completely unlabeled. Experi-ments on real datasets collected from different applications on …