City University of Hong Kong
DSpace
 

CityU Institutional Repository >
3_CityU Electronic Theses and Dissertations >
ETD - Dept. of Computer Science  >
CS - Doctor of Philosophy  >

Please use this identifier to cite or link to this item: http://hdl.handle.net/2031/6602

Title: Smartphone security in ubiquitous networking environments
Other Titles: Pu shi wang luo huan jing xia de zhi neng shou ji an quan yan jiu
普适網絡環境下的智能手機安全研究
Authors: Xu, Nan ( 徐楠)
Department: Department of Computer Science
Degree: Doctor of Philosophy
Issue Date: 2010
Publisher: City University of Hong Kong
Subjects: Smartphones -- Security measures.
Ubiquitous computing.
Notes: CityU Call Number: TK5103.485 .X84 2010
vii, 112 leaves : ill. 30 cm.
Thesis (Ph.D.)--City University of Hong Kong, 2010.
Includes bibliographical references (leaves 105-112)
Type: thesis
Abstract: Currently researchers mainly focus on new countermeasures against malware, e.g. new malware analysis and detection technologies. With structure and functionality similar to computers, Smartphones also face the threat of the attacks of mobile malware. In terms of personal communication platform, the big market of Smartphones attracts and leaves room for malicious hackers to exploit the vulnerabilities in Smartphones for mischiefs or, even worse, for criminal gains. In terms of mobile social network platform, the ubiquitous networking security vulnerabilities have spread from the Internet to 3G, WiFi, and LTE networks. There is a chain of communication traversing multiple networks, enabling hackers to attack the weakest link - Smartphones, and hence causing significant damages to otherwise well protected networks. In this light, researchers gradually turn to focus on the Smartphones security. In this thesis, we make our contributions from following three aspects. Stealthy Video Capturer - New Video-based Spyware in 3G Smartphones As personal communication platforms, 3G Smartphones have become increasingly pervasive in recent years. Unfortunately they contain much personal and confidential information and are easily compromised. We will first address the privacyrelated Smartphone security, as well as relevant typical applications. We designed and implemented Stealthy Video Capturer (SVC), a new video-based spyware, on real 3G Smartphones. SVC can steal users' private information through secretly recording videos for the third party and transmitting them to that party. To our knowledge, our work is the first one that investigates video-based vulnerabilities in 3G Smartphones. We illustrate two practical applications of SVC, i.e. mobile forensics and child care. We anticipate that our work will draw widespread attention to this issue. 3G Real Time Video-based Mobile Guarder We investigate a novel technique to acquire comprehensive context information of remote Smartphone users, including surrounding environment, location and behaviors, for further information process, e.g. localization and human safeguard. Our system is simply launched by a normal 3G video call and to transmit the captured real time video in 3G connections. The technique makes use of the efficiency of 3G video call and thus zero-configuration for the call initiator. It can achieve the remote user's status on-demand and fast show a general view of the user for the call initiator, besides location based service. Moreover, no costly special devices other than normal 3G Smartphones are needed in our technique. It can also help to revise the inherent limitations of GPS by employing the surrounding environment information provided by captured real time video when lies indoor or dense high building districts. Smartphone Operating System Fingerprinting As mobile social network platform, there is an unavoidable potential threat for infected Smartphones propagating mobile malware to others in the ubiquitous networking environment. Moreover, stimulated by the fast growing popularity of wireless-enabled Smartphones and the inherent vulnerability of Smartphone operating system (OS), we investigate a new fingerprinting technique that identifies the Smartphone OS. The technique is greatly helpful for wireless network administrators to adaptively accommodate the network security policy based on the real time fingerprinting data. Different from existing schemes on Personal Computer (PC) OS fingerprinting, our fingerprinting technique is launched during the WiFi connection period of a Smartphone. The technique makes use of a new reliable metric called channel dwell time, which is the Smartphone's stay time on a certain channel in the normal probing process of Smartphones. Our technique can quickly identify the Smartphone operating system with high accuracy based on channel dwell time without any modification to or specific interaction with the Smartphone. Moreover no costly special apparatuses other than several normal PC or notebooks installed with WiFi cards are needed. Then we implement the technique and conduct extensive experiments with real world popular Smartphone OSes. Our experimental evaluation shows that our technique is applicable to most commercial Smartphones and reaches an average identification accuracy of up to 98.1%. This thesis is organized as follows. Chapter 1 describes the background of the thesis. Chapter 2 introduces the related work. Chapter 3 investigates the video-based vulnerabilities in 3G Smartphones, especially a new video-based spyware on 3G Smartphones. Chapter 4 develops an novel technique to acquire comprehensive context information of remote Smartphone users for further information process, e.g. localization and human safeguard. Chapter 5 exploits a new reliable metric called channel dwell time to quickly identify Smartphone OSes. Chapter 6 concludes this thesis.
Online Catalog Link: http://lib.cityu.edu.hk/record=b4086675
Appears in Collections:CS - Doctor of Philosophy

Files in This Item:

File Description SizeFormat
abstract.html132 BHTMLView/Open
fulltext.html132 BHTMLView/Open

Items in CityU IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

Valid XHTML 1.0!
DSpace Software © 2013 CityU Library - Send feedback to Library Systems
Privacy Policy · Copyright · Disclaimer