User Action Identification Of Mobile Payment Application Based On Network Traffic

In recent years,mobile payment apps have been widely-adopted,which brings great convenience to people's lives.At the same time,a large number of questions of privacy information disclosure also have been emerged.From the point of view of attackers,this paper considers a possible fashion of user privacy disclosure that infer the types of user behavior by analyzing the encrypted network traffic generated by mobile payment applications.The current researches of behavior identification mainly focused on communication behavior(such as chat,picture-sharing or video-sharing and etc).The existing methods can not accurately identify the financial transaction behaviors(such as transfer,sending red packets and etc)in mobile payment applications that people rely on increasingly.Furthermore,most of researchers are still using the manual way to collect the network traffic,which is an extraordinarily difficult and time-consuming process.In order to solve the above problems,based on the traffic analysis,this paper mainly conducts research on user behaviors in mobile payment application.It studies a method of behavior identification in mobile payment applications which based on automatic traffic collection and traffic analysis.The method through utilizing the fuzzy testing tool to realizes the automatic flow collection.After that,the statistical features of user behavior identification in mobile payment applications are extracted.And using Bayesian method to identify the unknown traffic.Experimental results showed that this method can realize the effective identification of user behavior in mobile payment applications,especially for the most common application of Alipay,the identification accuracy is 87%,which is about 8% higher than the method of Yan et al.Targeting at the question of the low accuracy of user behavior identification in some specific mobile payment applications,an optimization model of behavior identification based on the combination of noise processing and ensemble learning algorithm is proposed.Firstly,the background traffic and the confusion flow are dealt with noise separately,and then different ensemble learning methods are used to model them respectively.Finally,the two methods are combined to optimize the identification model.Experimental results showed that both of the accuracy and the F1-Score of this method are more than 90% for the tasks of behavior identification in different mobile payment applications.In order to restore a complete real attack scenario,a hierarchical identification simulation system of mobile payment traffic is designed.In this system,the analysis and identification of mobile payment application network traffic is realized in a hierarchical way.Firstly,the mobile payment application is identified from the confused encrypted traffic.After that,the types of specific behavior(Such as sending text,picture or transfer money and etc)are classified.Finally,from a more fine-grained perspective,the types of user's phased behavior are identified(Such as each operation step of transfer payment behavior).The experimental results showed that the proposed hierarchical identification simulation system is effective and extensive in the real attack scenarios.