nach oben

Erschienen in:

01.02.2009

Monitoring Smartphones for Anomaly Detection

verfasst von: Aubrey-Derrick Schmidt, Frank Peters, Florian Lamour, Christian Scheel, Seyit Ahmet Çamtepe, Şahin Albayrak

Erschienen in: Mobile Networks and Applications | Ausgabe 1/2009

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

In this paper we demonstrate how to monitor a smartphone running Symbian operating system and Windows Mobile in order to extract features for anomaly detection. These features are sent to a remote server because running a complex intrusion detection system on this kind of mobile device still is not feasible due to capability and hardware limitations. We give examples on how to compute relevant features and introduce the top ten applications used by mobile phone users based on a study in 2005. The usage of these applications is recorded by a monitoring client and visualized. Additionally, monitoring results of public and self-written malwares are shown. For improving monitoring client performance, Principal Component Analysis was applied which lead to a decrease of about 80% of the amount of monitored features.

Vorheriger Artikel An Activity Recognition System For Mobile Phones

Nächster Artikel Extracting High-Level Information from Location Data: The W4 Diary Example

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

ATZelektronik

Die Fachzeitschrift ATZelektronik bietet für Entwickler und Entscheider in der Automobil- und Zulieferindustrie qualitativ hochwertige und fundierte Informationen aus dem gesamten Spektrum der Pkw- und Nutzfahrzeug-Elektronik.

Lassen Sie sich jetzt unverbindlich 2 kostenlose Ausgabe zusenden.

Jetzt informieren

ATZelectronics worldwide

ATZlectronics worldwide is up-to-speed on new trends and developments in automotive electronics on a scientific level with a high depth of information.

Order your 30-days-trial for free and without any commitment.

Jetzt informieren

Nur mit Berechtigung zugänglich

In the sense of this work, we will use the expressions smartphone, mobile phone and mobile device equivalently.

Global Positioning System.

Global System for Mobile Communications.

Short Message Service.

General Packet Radio Service.

Wideband Code Division Multiple Access.

Freedom of Mobile Multimedia Access.

Universal Mobile Telecommunications System.

Infrared Data Association.

Formerly: Simple Object Access Protocol.

Tested on Version 9.1 S60 3rd.

International Mobile Equipment Identity.

International Mobile Subscriber Identity.

http://code.google.com/android/.

Will be substituted with MP3 (19%) due to UMTS usage and increasing interest for MP3 capabilities on devices.

This class was removed since all values are already represented.

http://www.cs.waikato.ac.nz/ml/weka/.

Abowd GD, Iftode L, Mitchel H (2005) The Smart phone: a first platform for pervasive computing. IEEE Perv Comput 4:18–19CrossRef

Albayrak S, Scheel C, Milosevic D, Müller A (2005) Combining self-organizing map algorithms for robust and scalable intrusion detection. In: Mohammadian M (ed) Proceedings of international conference on computational intelligence for modelling control and automation (CIMCA 2005). IEEE Computer Society, Los Alamitos, pp 123–130CrossRef

Allen J, Christie A, Fithen W, McHugh J, Pickel J, Stoner E (2000) State of the practice of intrusion detection technologies. Technical Report, CMU/SEI-99-TR-028. Carnegie Mellon Software Engeneering Institue, Pittsburgh, PA, pp 15213–3890

Axelsson S (2000) Intrusion detection systems: a survey and taxonomy. Technical Report 99-15. Department of Computer Engineering Chalmers University of Technology Göteborg, Sweden

Buennemeyer TK, Nelson TM, Clagett LM, Dunning JP, Marchany RC, Tront JG (2008) Mobile device profiling and intrusion detection using smart batteries. In: HICSS ’08: Proceedings of the proceedings of the 41st annual Hawaii international conference on system sciences, p 296. IEEE Computer Society, Washington, DC. doi:10.1109/HICSS.2008.319 CrossRef

Bundesverband Informationswirtschaft Telekommunikation und neue Medien e.V.-BITKOM (2006) Mehr Handys als Einwohner in Deutschland. http://www.bitkom.de/41015_40990.aspx

Bulygin Y (2007) Epidemics of mobile worms. In: Proceedings of the 26th IEEE international performance computing and communications conference, IPCCC 2007, New Orleans, 11–13 April 2007. IEEE Computer Society, Los Alamitos, pp 475–478

Canalys (2006) EMEA Q3 2006—Highlight From the Canalys Research. http://www.canalys.com/pr/2006/r2006102.htm. http://www.canalys.com/ (online visited 2007.10.04)

Cheng J, Wong SHY, Yang H, Lu S (2007) Smartsiren: virus detection and alert for smartphones. In: International conference on mobile systems, applications, and services (Mobisys 2007), Puerto Rico, 11–14 June 2007, pp. 258–271

10.

Davis G, Davis N (2004) Battery-based intrusion detection. In: Global telecommunications conference, 2004. GLOBECOM ’04, vol 4. IEEE, Piscataway, pp 2250–2255. doi:10.1109/GLOCOM.2004.1378409

11.

Deegalla S, Bostrom H (2006) Reducing high-dimensional data by principal component analysis vs. random projection for nearest neighbor classification. In: ICMLA ’06: Proceedings of the 5th international conference on machine learning and applications. IEEE Computer Society, Washington, DC, pp 245–250. doi:10.1109/ICMLA.2006.43 CrossRef

12.

Forrest S, Perelson AS, Allen L, Cherukuri R (1994) Self-nonself discrimination in a computer. In: Proceedings of the IEEE symposium on research in security and privacy. IEEE Computer Society, Silver Spring, pp 202–212

13.

Glickman M, Balthrop J, Forrest S (2005) A machine learning evaluation of an artificial immune system. Evol Comput 13(2):179–212 (2005). doi:10.1162/1063656054088503 CrossRef

14.

Gostev A (2006) Mobile malware evolution: An overview, part 1. http://www.viruslist.com/en/analysis?pubid=200119916

15.

Gröber M (2007) Applications for Symbian. http://www.mgroeber.de/epoc.htm (15 Aug 2007)

16.

Hofmeyr S, Forrest S (2000) Architecture for an artificial immune system. Evol Comput J 8(4):443–473. doi:10.1162/106365600568257 CrossRef

17.

Jamaluddin J, Zotou N, Edwards R, Coulton P (2004) Mobile phone vulnerabilities: a new generation of malware. In: Proceedings of the 2004 IEEE international symposium on consumer Electronics. IEEE, Piscataway, pp 199–202CrossRef

18.

Kohonen T (2001) Self-organizing maps. Springer series in information sciences, vol 30, 3rd edn. Springer, Heidelberg. ISBN 3–540–67921–9, ISSN 0720–678X

19.

Lawton G (2002) Open source security: opportunity or oxymoron? Comput 35(3):18–21. doi:10.1109/2.989921 CrossRef

20.

Luther K, Bye R, Alpcan T, Albayrak S, Müller A (2007) A cooperative AIS framework for intrusion detection. In: Proceedings of the IEEE international conference on communications (ICC 2007), Glasgow, 24–28 June 2007

21.

Microsoft Corporation (2007) Windows Mobile. http://www.microsoft.com/germany/windowsmobile/default.mspx. http://www.microsoft.com/ (online visited 2007.10.04)

22.

Miettinen M, Halonen P, Hätönen K (2006) Host-based intrusion detection for advanced mobile devices. In: AINA ’06: proceedings of the 20th international conference on advanced information networking and applications, vol 2 (AINA’06). IEEE Computer Society, Washington, DC, pp. 72–76. doi:http://dx.doi.org/10.1109/AINA.2006.192 CrossRef

23.

Nokia (2007) Nokia E61. http://www.nokia.co.uk/A4221036 (15 Aug 2007)

24.

Oberheide J, Cooke E, Jahanian F (2008) Cloudav: N-version antivirus in the network cloud. In: Proceedings of the 17th USENIX security symposium (Security’08), San Jose, 28 July–1 August 2008

25.

Rhodes BC, Mahaffey JA, Cannady JD (2000) Multiple self-organizing maps for intrusion detection. In: 23rd National information systems security conference—PROCEEDINGS, PAPERS, and SLIDE PRESENTATIONS. http://csrc.nist.gov/nissc/2000/proceedings/2000proceedings.html (2007-04-19)

26.

Roussos G, March AJ, Maglavera S (2005) Enabling pervasive computing with Smart phones. IEEE Perv Comput 4:20–27CrossRef

27.

Spafford E, Zamboni D (2000) Data collection mechanisms for intrusion detection systems. CERIAS Technical Report 2000-08. CERIAS, Purdue University, 1315 Recitation Building, West Lafayette, IN

28.

Symbian Software Limited (2007) Symbian OS—the mobile operating system. http://www.symbian.com (online visited 2007.10.04)

29.

TNS Technology (2005) Consumer trends in mobile applications—a TNS technology briefing for technology decision makers. http://www.tns-global.com/ (online visited 2007.10.04)

Titel: Monitoring Smartphones for Anomaly Detection
verfasst von: Aubrey-Derrick Schmidt
Frank Peters
Florian Lamour
Christian Scheel
Seyit Ahmet Çamtepe
Şahin Albayrak
Publikationsdatum: 01.02.2009
Verlag: Springer US
Erschienen in: Mobile Networks and Applications / Ausgabe 1/2009
Print ISSN: 1383-469X
Elektronische ISSN: 1572-8153
DOI: https://doi.org/10.1007/s11036-008-0113-x

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence_ieS/© Springer Fachmedien Wiesbaden GmbH, Search Icon, Banner Hanser, Bunte Männchen, die Kunden darstelle, werden von einem riesigen Magneten angezogen. /© Oleksiy Mark, Dr. Daniel Schneider/© Fraunhofer IESE, Interview Level Ten PPA Bild/© LevelTen, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

ATZelektronik

ATZelectronics worldwide

Weitere Artikel der Ausgabe 1/2009

Extracting High-Level Information from Location Data: The W4 Diary Example

Recent Advances in Mobile Middleware for Wireless Systems and Services

Privacy from Promises to Protection

Recoverable Class Loaders for a Fast Restart of Java Applications

An Activity Recognition System For Mobile Phones

Mobility-aware Management of Internet Connectivity in Always Best Served Wireless Scenarios

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.