Final Report Summary - ACTIVMOBSEC (Active Behaviour Demands Active Security: New Approaches to Mobile Device Security)
The project “Active Behaviour Demands Active Security: New Approaches to Mobile Device Security (ACTIVMOBSEC)” (PIIF GA 2011 301536) ran from 28/09/2012 to 27/09/2014. This project investigated efficient modelling techniques to establish behaviour profiles on smart phone mobile devices. We hypothesized that behaviour remains stable under day to day use while anomalies will be observed under attack. Our results confirmed this hypothesis.
The project had four objectives:
• O1. Determine the most suitable sources for data modelling.
• O2. Develop scalable algorithms for behaviour modelling.
• O3. Determine suitable system status views for the user to make better informed decisions.
• O4. To provide means for analyzing unknown behaviour. through the use of clustering of collected legitimate and malicious behaviour.
For O1 we developed a sensor collection application, and ran several small data collection studies to find viable sensor outputs from mobile devices. From this work, we collected data from sensors that record activities *on* the phone (application, phone, CPU, and battery use) as well as activities *around* the phone (light, noise, rotation, magnetic field, cell towers, and WiFi access points). For O2 we investigated the use of existing modelling techniques, e.g. based on decision trees, and defined our own spatial and temporal models. We adapted them to measure both discrete and continuous data from sensors from which we (i) built dictionaries of frequent sensor events (e.g. frequent app use at particular locations), and (ii) measured “comfort” for each individual sensor. For O3 we created some innovative ways of not overburdening participants when determining the “ground truth” of the data. We also built a data collection app with a user friendly interface for collecting sensor data, and used this with our data collection and analysis. Objective O4 was carried out during months 16 to 24. For this objective we defined threat models in order to measure the security of implicit authentication, and simultaneously evaluated trade-offs for battery consumption with different techniques for optimizing sensor use.
Our results demonstrate the viability of an implicit authentication solution for mobile devices, and we made key contributions in terms of sensor behaviour models and efficient sensor data collection, and were able to scientifically demonstrate the security and usability of our solutions. As noted above the work resulted in several high-quality publications and received recognition in several press articles (Evening Times and Metro in Feb 2012 at the start of our project, and later with some initial results in BBC News in Feb 2014, and New Scientist and Daily Mail in November 2014).
http://ittgroup.org/all-projects
The project had four objectives:
• O1. Determine the most suitable sources for data modelling.
• O2. Develop scalable algorithms for behaviour modelling.
• O3. Determine suitable system status views for the user to make better informed decisions.
• O4. To provide means for analyzing unknown behaviour. through the use of clustering of collected legitimate and malicious behaviour.
For O1 we developed a sensor collection application, and ran several small data collection studies to find viable sensor outputs from mobile devices. From this work, we collected data from sensors that record activities *on* the phone (application, phone, CPU, and battery use) as well as activities *around* the phone (light, noise, rotation, magnetic field, cell towers, and WiFi access points). For O2 we investigated the use of existing modelling techniques, e.g. based on decision trees, and defined our own spatial and temporal models. We adapted them to measure both discrete and continuous data from sensors from which we (i) built dictionaries of frequent sensor events (e.g. frequent app use at particular locations), and (ii) measured “comfort” for each individual sensor. For O3 we created some innovative ways of not overburdening participants when determining the “ground truth” of the data. We also built a data collection app with a user friendly interface for collecting sensor data, and used this with our data collection and analysis. Objective O4 was carried out during months 16 to 24. For this objective we defined threat models in order to measure the security of implicit authentication, and simultaneously evaluated trade-offs for battery consumption with different techniques for optimizing sensor use.
Our results demonstrate the viability of an implicit authentication solution for mobile devices, and we made key contributions in terms of sensor behaviour models and efficient sensor data collection, and were able to scientifically demonstrate the security and usability of our solutions. As noted above the work resulted in several high-quality publications and received recognition in several press articles (Evening Times and Metro in Feb 2012 at the start of our project, and later with some initial results in BBC News in Feb 2014, and New Scientist and Daily Mail in November 2014).
http://ittgroup.org/all-projects
