In Partial Fulfillment of the Requirements for the Degree of Master of Science

Xi Lu

will defend her thesis

Malicious Apps May Explore a Smartphone’s Vulnerability to Detect One’s Activities

Abstract

In order to make apps functional, mobile operating systems, such as Android, allow applications to access some system data without asking for user permission. We demonstrate that by analyzing these system data and some side channel information, it is possible to gain insight into a smartphone user’s behavior, thus putting their privacy at risk. With these real-time privacy information collected, a malicious attacker may launch spear fishing attacks with much higher yield rates. In this thesis, we study a combination of power consumption, network traffic, and memory usage of several commonly used activities, and demonstrated that it is possible to classify a user’s smartphone activities into one of six categories. We designed several experiments to test the classification which resulted in high success rates. We also present the possibility of detecting transitions of smartphone activities.

Date: Thursday, April 20, 2017
Time: 4:00 PM
Place: PGH 550
Advisor: Dr. Stephen Huang

Faculty, students, and the general public are invited.