DeepAI AI Chat
Log In Sign Up

ZKSENSE: a Privacy-Preserving Mechanism for Bot Detection in Mobile Devices

by   Panagiotis Papadopoulos, et al.

CAPTCHA systems have been widely deployed to identify and block fraudulent bot traffic. However, current solutions, such as Google's reCAPTCHA, often either (i) require additional user actions (e.g., users solving mathematical or image-based puzzles), or (ii) need to send the attestation data back to the server (e.g., user behavioral data, device fingerprints, etc.), thus raising significant privacy concerns. To address both of the above, in this paper we present ZKSENSE: the first zero knowledge proof-based bot detection system, specifically designed for mobile devices. Our approach is completely transparent to the users and does not reveal any sensitive sensor data to the service provider. To achieve this, ZKSENSE studies the mobile device's motion sensor outputs during user actions and assess their humanness locally with the use of an ML-based classifier trained by using sensor data from public sources and data collected from a small set of volunteers. We implement a proof of concept of our system as an Android service to demonstrate its feasibility and effectiveness. In our evaluation we show that ZKSENSE detects bots without degrading the end-user experience or jeopardizing their privacy, with 91 (i) when the device is resting (e.g., on a table), (ii) when there is artificial movement from the device's vibration, and (iii) when the device is docked on a swinging cradle.


page 5

page 7


A Tool for Conducting User Studies on Mobile Devices

With the ever-growing interest in the area of mobile information retriev...

Mitigating Location Privacy Attacks on Mobile Devices using Dynamic App Sandboxing

We present the design, implementation and evaluation of a system, called...

Device-centric Federated Analytics At Ease

Nowadays, high-volume and privacy-sensitive data are generated by mobile...

SoniControl - A Mobile Ultrasonic Firewall

The exchange of data between mobile devices in the near-ultrasonic frequ...

Differentiated context-aware hook placement for different owners' smartphones

A hook is a piece of code. It checks user privacy policy before some sen...