A technique for counting natted hosts
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Profiling internet backbone traffic: behavior models and applications
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
On Inferring Application Protocol Behaviors in Encrypted Network Traffic
The Journal of Machine Learning Research
Network intrusion detection: evasion, traffic normalization, and end-to-end protocol semantics
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Traffic analysis of mobile broadband networks
WICON '07 Proceedings of the 3rd international conference on Wireless internet
Application-based TCP hijacking
Proceedings of the Second European Workshop on System Security
Internet traffic classification demystified: myths, caveats, and the best practices
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Review: Passive internet measurement: Overview and guidelines based on experiences
Computer Communications
Early recognition of encrypted applications
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
IpMorph: fingerprinting spoofing unification
Journal in Computer Virology
Website fingerprinting and identification using ordered feature sequences
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
A first look at mobile hand-held device traffic
PAM'10 Proceedings of the 11th international conference on Passive and active measurement
Inferring users' online activities through traffic analysis
Proceedings of the fourth ACM conference on Wireless network security
A hybrid approach to operating system discovery based on diagnosis
International Journal of Network Management
Application presence fingerprinting for NAT-Aware router
KES'06 Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part II
A survey of techniques for internet traffic classification using machine learning
IEEE Communications Surveys & Tutorials
A Survey on Internet Traffic Identification
IEEE Communications Surveys & Tutorials
Passive remote source NAT detection using behavior statistics derived from netflow
AIMS'13 Proceedings of the 7th IFIP WG 6.6 international conference on Autonomous Infrastructure, Management, and Security: emerging management mechanisms for the future internet - Volume 7943
Towards passive DNS software fingerprinting
Proceedings of the 9th Asian Internet Engineering Conference
Hi-index | 0.00 |
The rapidly increasing data usage and overload in mobile broadband networks has driven mobile network providers to actively detect and bill customers who tether tablets and laptops to their mobile phone for mobile Internet access. However, users may not be willing to pay additional fees only because they use their bandwidth dierently, and may consider tethering detection as violation of their privacy. Furthermore, accurate tethering detection is becoming harder for providers as many modern smartphones are under full control of the user, running customized, complex software and applications similar to desktop systems. In this work, we analyze the network characteristics available to network providers to detect tethering customers. We present and categorize possible detection mechanisms and derive cost factors based on how well the approach scales with large customer bases. For those characteristics that appear most reasonable and practical to deploy by large providers, we present elimination or obfuscation mechanisms and substantiate our design with a prototype Android App.