Abstract

Intimate partner violence (IPV) is a form of abuse in romantic relationships, more frequently, against the female partner. IPV can vary in severity and frequency, ranging from emotional abuse or stalking to recurring and severe violent episodes over a long period.
Easy access to Stalkerware apps helps foster such behaviors by allowing non-tech-savvy individuals to spy on their victims.
These apps offer features for discreetly monitoring and remotely controlling compromised mobile devices, thereby infringing the victim's privacy and the security of their data.
In this work, we investigate methods for gathering evidence about an abuser and the Stalkerware they employ on a victim's device. We develop a semi-automated tool intended for use by investigators, helping them to analyze Android phones for potential threats in cases of IPV Stalkerware. As a first step towards this goal, we perform an experimental privacy and security study to investigate currently available Stalkerware apps.
We specifically study the vectors through which vulnerabilities found in Stalkerware apps could be exploited by investigators.
We then design and implement a tool called WARNE, leveraging the identified flaws to facilitate the information and evidence collection process. Our tool generates reports containing all available information about potential Stalkerware present on a victim's device.
To ensure a better usability of WARNE, we also come up with report parsing mechanisms involving generative AI, especially Large Language Models (LLMs). This genre of Natural Language Processing models is suited for large text analysis and information extraction.