ZKSENSE: a Privacy-Preserving Mechanism for Bot Detection in Mobile Devices

by   Panagiotis Papadopoulos, et al.

CAPTCHA systems have been widely deployed to identify and block fraudulent bot traffic. However, current solutions, such as Google's reCAPTCHA, often either (i) require additional user actions (e.g., users solving mathematical or image-based puzzles), or (ii) need to send the attestation data back to the server (e.g., user behavioral data, device fingerprints, etc.), thus raising significant privacy concerns. To address both of the above, in this paper we present ZKSENSE: the first zero knowledge proof-based bot detection system, specifically designed for mobile devices. Our approach is completely transparent to the users and does not reveal any sensitive sensor data to the service provider. To achieve this, ZKSENSE studies the mobile device's motion sensor outputs during user actions and assess their humanness locally with the use of an ML-based classifier trained by using sensor data from public sources and data collected from a small set of volunteers. We implement a proof of concept of our system as an Android service to demonstrate its feasibility and effectiveness. In our evaluation we show that ZKSENSE detects bots without degrading the end-user experience or jeopardizing their privacy, with 91 (i) when the device is resting (e.g., on a table), (ii) when there is artificial movement from the device's vibration, and (iii) when the device is docked on a swinging cradle.



There are no comments yet.


page 5

page 7


A Tool for Conducting User Studies on Mobile Devices

With the ever-growing interest in the area of mobile information retriev...

Mitigating Location Privacy Attacks on Mobile Devices using Dynamic App Sandboxing

We present the design, implementation and evaluation of a system, called...

FastICARL: Fast Incremental Classifier and Representation Learning with Efficient Budget Allocation in Audio Sensing Applications

Various incremental learning (IL) approaches have been proposed to help ...

SoniControl - A Mobile Ultrasonic Firewall

The exchange of data between mobile devices in the near-ultrasonic frequ...

Fusion of Mobile Device Signal Data Attributes Enables Multi-Protocol Entity Resolution and Enhanced Large-Scale Tracking

Use of persistent identifiers in wireless communication protocols is a k...

Differentiated context-aware hook placement for different owners' smartphones

A hook is a piece of code. It checks user privacy policy before some sen...

Privacy Preserving Release of Mobile Sensor Data

Sensors embedded in mobile smart devices can monitor users' activity wit...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.