AntMonitor Advances Mobile Data Transparency

February 8, 2017 / By Anna Lynn Spitzer

Irvine, February 8, 2017 — Mobile devices are today’s technology of choice, generating the majority of internet traffic. They’re ubiquitous tools for those working, socializing, communicating, shopping and more. But they also harbor a treasure trove of personal data, which, unbeknownst to users, can leak information to a host of unauthorized recipients.
A research group led by Athina Markopoulou, Samueli School associate professor of electrical engineering and computer science, is working to plug those leaks by letting users know when they happen and where the information is bound. The team is developing AntMonitor, a mobile app that can perform real-time detection and prevention of private information leaked from devices to the network.

“It’s useful to understand where your data are going,” Markopoulou says. “If half of my data plan is going to ad servers … that’s something I would like to know. If information like my location, my email address, my phone number or device ID are going to trackers, that’s important to know, too.”

She uses a chilling example: “If your phone is sending your credit card number to an unknown server in another country every day from midnight- 2 a.m., you’d be able to stop it.”

AntMonitor analyzes the packets going into and out of mobile devices, discerning where they’re coming from and where they’re heading. But, Markopoulou emphasizes, this powerful tool does not need to read or collect the content of the packets; packet headers (such as origins and destinations) convey useful information as well.
When it senses something unusual, AntMonitor can alert the user to take action. Users can personalize the app to define privacy criteria using filters. If preselected data begin leaking from the phone, AntMonitor will notify the user.

It also can learn routines. “If the app notifies me that my phone is contacting a new server, I can tell it to block those packets. Or, if it’s something I’ve authorized, the app will remember and won’t ask me again. Over time, it learns what’s normal and what’s not,” says Markopoulou.

Users also could gain control of the economics associated with personal data. Companies that make money from users browsing the internet could be held accountable and perhaps even forced to share profit. “If it becomes explicit to us that a company makes a certain amount of money each month from us [browsing the internet] maybe we can get some of that back,” Markopoulou says. “It’s good to put users in control of where their data are going and how they are monetized.”

In addition to being available as a downloadable app, AntMonitor is offered as a software development kit (SDK) that third party app developers can integrate into their products. Telecommunications companies, mobile software and analytics companies, as well as universities have expressed interest in the technology. Their goals can be a bit different, though – and could involve market research, user behavior statistics and other data collection that can seem at odds with privacy goals.

“I’m trying to navigate that challenge now,” Markopoulou admits. “If a developer or a marketing company uses our software, it should be their responsibility to disclose to their customers what they will collect.”

The app uses a VPN (virtual private network) to intercept incoming and outgoing packets. This means traffic is not being redirected to a middle server, just observed and analyzed on the device.

While other groups are engaged in related research, Markopoulou says AntMonitor’s preliminary testing reveals several advantages. “It significantly outperforms comparable approaches with regard to throughput and energy,” she says, adding that it uses up to 12 times less energy, doesn’t drain the device’s battery and achieves speeds up to eight times those of existing mobile approaches.

Currently in beta testing, AntMonitor is funded by a two-year $300,000 National Science Foundation EAGER grant and a $50,000 prize from the Data Transparency Lab (DTL). DTL, a nonprofit consortium that seeks to advance online data privacy and transparency, received 54 submissions in a recent funding competition and selected AntMonitor as one of six winners this year.

Future work on the technology includes crowdsourcing – collecting data from those who agree to participate in order to further refine the capabilities. “The more data we get from end users, the more powerful learning algorithms we can build,” says Markopoulou. Large amounts of data also can help establish global patterns. “If I can see a particular app causing a specific problem … or some malware developing, maybe I can help others before it gets to them.”

The dilemma, she says, is how much data to collect. “If I collect too little I can’t be useful, but if I collect too much it can be viewed as intrusive.”

Efforts to improve the app’s learning ability are also in progress. “I’d like Antmonitor to be an assistant that could give recommendations: this app is okay, but that app is leaking your data,” she explains.

Lastly, the team seeks to make the app more user friendly for the average person. “The technology’s there. Now we have to make it useful for people in a more digestible way so they will want to use it.” As part of this effort, they recently joined forces with a local mobile software company to develop a “gamified” version of the app. The effort involves integrating reports collected from AntMonitor into a Minecraft-like game, to make it more appealing to users so they will actively participate and provide input.

Given the breadth and personal nature of mobile data, improving the handling and sharing of information can have significant societal impact, Markopoulou says. “This project will advance our understanding of patterns in mobile network activity, and will enhance performance, security and privacy of mobile devices.”