TY - GEN
T1 - Trusted detection of sensitive activities on mobile phones using power consumption measurements
AU - Guri, Mordechai
AU - Kedma, Gabi
AU - Zadov, Boris
AU - Elovici, Yuval
N1 - Publisher Copyright: © 2014 IEEE.
PY - 2014/12/4
Y1 - 2014/12/4
AB - The unprecedented popularity of modern mobile phones has made them a lucrative target for skillful and motivated offenders. A typical mobile phone is packed with sensors, which can be turned on silently by a malicious program, providing invaluable information to the attacker. Detecting such hidden activities through software monitors can be blindfolded and bypassed by rootkits and by anti-forensic methods applied by the malicious program. Moreover, detecting power consumption by software running on the mobile phone is susceptible to similar evasive techniques. Consequently, software based detection of hidden malicious activities, particularly the silent activation of sensors, cannot be considered as trusted. In this paper we present a method which detects hidden activities using external measurement of power consumption. The classification model is acquired using machine-learning multi-label classification algorithms. Our method overcomes the inherent weaknesses of software-based monitors, and provides a trusted solution. We describe the measurement setup, and provide detailed evaluation results of the algorithms used. The results obtained so far support the feasibility of our method.
KW - Machine learning
KW - Mobile phone security
KW - Multi-label classification
KW - Trusted measurement
UR - http://www.scopus.com/inward/record.url?scp=84920270640&partnerID=8YFLogxK
U2 - 10.1109/JISIC.2014.30
DO - 10.1109/JISIC.2014.30
M3 - Conference contribution
AN - SCOPUS:84920270640
T3 - Proceedings - 2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014
SP - 145
EP - 151
BT - Proceedings - 2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014
PB - Institute of Electrical and Electronics Engineers
T2 - 2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014
Y2 - 24 September 2014 through 26 September 2014
ER -