Advertisement

Analyzing Locality of Mobile Messaging Traffic using the MATAdOR Framework

  • Quirin Scheitle
  • Matthias Wachs
  • Johannes Zirngibl
  • Georg Carle
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9631)

Abstract

Mobile messaging services have gained a large share in global telecommunications. Unlike conventional services like phone calls, text messages or email, they do not feature a standardized environment enabling a federated and potentially local service architecture. We present an extensive and large-scale analysis of communication patterns for four popular mobile messaging services between 28 countries and analyze the locality of communication and the resulting impact on user privacy. We show that server architectures for mobile messaging services are highly centralized in single countries. This forces messages to drastically deviate from a direct communication path, enabling hosting and transfer countries to potentially intercept and censor traffic. To conduct this work, we developed a measurement framework to analyze traffic of such mobile messaging services. It allows to carry out automated experiments with mobile messaging applications, is transparent to those applications and does not require any modifications to the applications.

Keywords

Mobile messaging Security WhatsApp WeChat Threema TextSecure 

Notes

Acknowledgments

We thank Andreas Loibl for early access to his Measurement Proxy software.

References

  1. 1.
    Brandom, R.: WhatsApp rolls out end-to-end encryption using TextSecure code (2014). https://www.theverge.com/2014/11/18/7239221/whatsapp-rolls-out-end-to-end-encryption-with-textsecure. Accessed 14 September 2015
  2. 2.
    Kakao, D.: 2Q15 earnings report, August 2015. http://www.kakaocorp.com/upload_resources/ir/siljeok/siljeok_20150813080737.pdf. Accessed 23 September 2015
  3. 3.
    Durairajan, R., Barford, P., Sommers, J., Willinger, W.: InterTubes: a study of the US long-haul fiber-optic infrastructure. In: SIGCOMM 2015 (2015)Google Scholar
  4. 4.
    Electronic Frontier Foundation. Secure Messaging Scorecard (2014). https://www.eff.org/secure-messaging-scorecard. Accessed 14 September 2015
  5. 5.
    Facebook. Messenger at f8, March 2015. http://newsroom.fb.com/news/2015/03/messenger-at-f8/. Accessed 17 September 2015
  6. 6.
    Federal Network Agency for Electricity, Gas, Telecommunications Post and Railway. Annual report 2014, p. 81 (2014)Google Scholar
  7. 7.
    Fiadino, P., Schiavone, M., Casas, P.: Vivisecting WhatsApp in cellular networks: servers, flows, and quality of experience. In: Steiner, M., Barlet-Ros, P., Bonaventure, O. (eds.) TMA 2015. LNCS, vol. 9053, pp. 49–63. Springer, Heidelberg (2015)Google Scholar
  8. 8.
    Frosch, T., Mainka, C., et al.: How Secure is TextSecure? Technical report (2014)Google Scholar
  9. 9.
    Golson, J.: Apple fighting the US government over encrypted iMessages (2015). http://www.techrepublic.com/article/apple-fighting-the-us-government-on-turning-over-encrypted-imessages/. Accessed 14 September 2015
  10. 10.
    Huang, Q., Lee, P.P., et al.: Fine-grained dissection of WeChat in cellular networks. IWQoS (2015)Google Scholar
  11. 11.
    Huffaker, B., Fomenkov, M., Claffy, K.: DRoP: DNS-based router positioning. ACM SIGCOMM CCR 44(3), 5–13 (2014)CrossRefGoogle Scholar
  12. 12.
    Koum, J.: Whatsapp - now serving 900,000,000 monthly active users, September 2015. https://www.facebook.com/jan.koum/posts/10153580960970011. Accessed 23 September 2015
  13. 13.
    Line Corporation. LINE Corporation Announces 2015Q2 Earnings, July 2015. http://linecorp.com/en/pr/news/en/2015/1043. Accessed 17 September 2015
  14. 14.
    Marlinspike, M.: A Saudi Arabia telecom’s surveillance pitch (2013). http://www.thoughtcrime.org/blog/saudi-surveillance/. Accessed 14 September 2015
  15. 15.
    McMurchy, L.: Skype connection hub ads provide increased scale for marketers, December 2014. http://advertising.microsoft.com/en/blog/29331/skype-connection-hub-ads-provide-increased-scale-for-marketers. Accessed 17 September 2015
  16. 16.
    Mueller, R., Schrittwieser, S., et al.: What’s new with WhatsApp & Co.? Revisiting the security of smartphone messaging applications. In: iiWAS (2014)Google Scholar
  17. 17.
    Open Whisper Systems. Textsecure, now with 10 million more users, December 2013. https://whispersystems.org/blog/cyanogen-integration/. Accessed 23 September 2015
  18. 18.
    Pew Research Center. Mobile messaging and social media 2015 (2015). http://www.pewinternet.org/files/2015/08/Social-Media-Update-2015-FINAL2.pdf. Accessed 14 September 2015
  19. 19.
    PlanetLab Central. User tools. https://www.planet-lab.org/tools. Accessed 17 September 2015
  20. 20.
    Reader, R.: Wickr CEO Nico Sell: behind the glasses, January 2015. http://venturebeat.com/2015/01/13/wickr-ceo-nico-sell-behind-the-glasses/. Accessed 23 September 2015
  21. 21.
    Statista. Number of monthly active viber users, April 2015. http://www.statista.com/statistics/316423/. Accessed 23 September 2015
  22. 22.
    Statista. We are social. (n.d.). most popular global mobile messenger apps as of August 2015. http://www.statista.com/statistics/258749/. Accessed 23 September 2015
  23. 23.
    Statista. Number of monthly active WhatsApp users worldwide. http://www.statista.com/statistics/260819/number-of-monthly-active-whatsapp-users/. Accessed 23 September 2015
  24. 24.
    Tango. 200 million members!, March 2014. http://www.tango.me/blog/200-million-members. Accessed 17 September 2015
  25. 25.
    TechCrunch. Chat app kik hits 200m registered users, January 2015. http://techcrunch.com/2015/01/28/dont-expect-kik-maus/. Accessed 23 September 2015
  26. 26.
    Tencent. 2015Q2 results, August 2015. http://www.tencent.com/en-us/content/ir/news/2015/attachments/20150812.pdf. Accessed 23 September 2015
  27. 27.
    The European Commission. Case No COMP/M.7217 - FACEBOOK/ WHATSAPP (2014). http://ec.europa.eu/competition/mergers/cases/decisions/m7217_20141003_20310_3962132_EN.pdf
  28. 28.
    The Telegram Team. Telegram reaches 1 billion daily messages, December 2014. https://telegram.org/blog/billion. Accessed 17 September 2015
  29. 29.
    Threema. If you value security and privacy, September 2014. https://threema.ch/press-files/1_press_info/Press-Info_Threema_EN.pdf. Accessed 17 September 2015
  30. 30.
    TNS Global. The new social frontier: Instant messaging usage jumpps 12% (2015). http://www.tnsglobal.com/press-release/new-social-frontier-instant-messaging-usage-jumps. Accessed 7 October 2015
  31. 31.
    Vodafone. Law enforcement disclosure report 2015 (2015). https://www.vodafone.com/content/index/about/sustainability/law_enforcement.html. Accessed 14 September 2015
  32. 32.
    Wählisch, M., Schmidt, T.C., de Brün, M., Häberlen, T.: Exposing a nation-centric view on the German internet – A change in perspective on AS-level. In: Taft, N., Ricciato, F. (eds.) PAM 2012. LNCS, vol. 7192, pp. 200–210. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  33. 33.
    Wikipedia. Mobile application testing (2015). https://en.wikipedia.org/wiki/Mobile_application_testing#Some_Mobile_Application_Testing_Tools. Accessed 17 September 2015
  34. 34.
    Zhang, M., Ruan, Y., Pai, V.S., Rexford, J.: How DNS Misnaming Distorts Internet Topology Mapping. In: USENIX (2006)Google Scholar
  35. 35.
    Zirngibl, J.: Security Analysis of Mobile Messaging Traffic with an Automated Test Framework. Bachelor’s thesis, Technische Universität München (2015)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Quirin Scheitle
    • 1
  • Matthias Wachs
    • 1
  • Johannes Zirngibl
    • 1
  • Georg Carle
    • 1
  1. 1.Department of Informatics, Chair for Networking Services and ArchitecturesTechnical University of Munich (TUM)MunichGermany

Personalised recommendations