Related papers: Event-Driven Implicit Authentication for Mobile Ac…
Personal sensory data is used by context-aware mobile applications to provide utility. However, the same data can also be used by an adversary to make sensitive inferences about a user thereby violating her privacy. We present DEEProtect, a…
Although the traditional physical password, fingerprint unlocking and facial features have improved the security to a certain extent, they have the characteristics of passive authentication and easiness to be stolen. The existing behavioral…
As mobile phones have evolved into `smartphones', with complex operating systems running third- party software, they have become increasingly vulnerable to malicious applications (malware). We introduce a new design for mitigating malware…
Secure communication mechanisms in Wireless Sensor Networks (WSNs) have been widely deployed to ensure confidentiality, authenticity and integrity of the nodes and data. Recently many WSNs applications rely on trusted communication to…
Android employs a permission framework that empowers users to either accept or deny sharing their private data (for example, location) with an app. However, many apps tend to crash when they are denied permission, leaving users no choice…
In this paper, we proposed an identification and data encrypt key manage protocol that can be used in some security system based on such secure devices as secure USB memories or RFIDs, which are widely used for identifying persons or other…
Advances in smart devices has witnessed major developments in many mobile applications such as Android applications. These smart devices normally interconnect to the internet using wireless technology and applications using the TFTP…
Trusted Execution Environments (TEEs) such as ARM TrustZone are widely used in IoT and embedded devices to protect sensitive code and data. However, most existing defenses focus on secure boot or REE-side monitoring and provide little…
The impressive growth of smartphone devices in combination with the rising ubiquity of using mobile platforms for sensitive applications such as Internet banking, have triggered a rapid increase in mobile malware. In recent literature, many…
Abuse of zero-permission sensors on-board mobile and wearable devices to infer users' personal context and information is a well-known privacy threat that has received significant attention. Efforts towards protection mechanisms that…
The conventional device authentication of wireless networks usually relies on a security server and centralized process, leading to long latency and risk of single-point of failure. While these challenges might be mitigated by collaborative…
Authentication schemes using tokens or biometric modalities have been proposed to ameliorate the security strength on mobile devices. However, the existing approaches are obtrusive since the user is required to perform explicit gestures in…
Android utilizes a security mechanism that requires apps to request permission for accessing sensitive user data, e.g., contacts and SMSs, or certain system features, e.g., camera and Internet access. However, Android apps tend to be…
Smartphone apps often run with full privileges to access the network and sensitive local resources, making it difficult for remote systems to have any trust in the provenance of network connections they receive. Even within the phone,…
While smartphone usage become more and more pervasive, people start also asking to which extent such devices can be maliciously exploited as "tracking devices". The concern is not only related to an adversary taking physical or remote…
Crowd sensing is a new paradigm which leverages the pervasive smartphones to efficiently collect and upload sensing data, enabling numerous novel applications. To achieve good service quality for a crowd sensing application, incentive…
Impostors are attackers who take over a smartphone and gain access to the legitimate user's confidential and private information. This paper proposes a defense-in-depth mechanism to detect impostors quickly with simple Deep Learning…
Embedded devices are omnipresent in modern networks including the ones operating inside critical environments. However, due to their constrained nature, novel mechanisms are required to provide external, and non-intrusive anomaly detection.…
The security of private information is becoming the bedrock of an increasingly digitized society. While the users are flooded with passwords and PINs, these gold-standard explicit authentications are becoming less popular and valuable.…
In this paper, we propose to identify compromised mobile devices from a network administrator's point of view. Intuitively, inadvertent users (and thus their devices) who download apps through untrustworthy markets are often allured to…