國立虎尾科技大學 |

Context-enhanced mobile device authorization and authentication.

Record Type:	Language materials, manuscript : Monograph/item
Title/Author:	Context-enhanced mobile device authorization and authentication./
Author:	Shrestha, Babins.
Description:	1 online resource (185 pages)
Notes:	Source: Dissertation Abstracts International, Volume: 77-12(E), Section: B.
Contained By:	Dissertation Abstracts International77-12B(E).
Subject:	Computer science. -
Online resource:	click for full text (PQDT)
ISBN:	9781369046755

Context-enhanced mobile device authorization and authentication.
Shrestha, Babins.

Context-enhanced mobile device authorization and authentication. - 1 online resource (185 pages)

Source: Dissertation Abstracts International, Volume: 77-12(E), Section: B.

Thesis (Ph.D.)

Includes bibliographical references

Mobile devices (e.g., smartphones and tablets) are pervasive today, continuously opening up immense opportunities for everyday users. Their burgeoning popularity, however, brings forth various security and privacy threats. One well-established threat is of mobile malware (a form of insider attack) - malicious apps that may surreptitiously misuse the sensitive resources and services available on the device. Other threats relate to unauthorized access of the device (outsider attacks) by a malicious entity in close physical proximity to the device, or having (temporary or permanent) physical possession of the device. The traditional defensive mechanisms, such as existing anti-virus software, distance-bounding protocols or passwords, are not sufficient to defeat these threats.

Electronic reproduction.
Ann Arbor, Mich. :
ProQuest,
2018

Mode of access: World Wide Web

ISBN: 9781369046755Subjects--Topical Terms:

573171
Computer science.
Index Terms--Genre/Form:

554714
Electronic books.

Context-enhanced mobile device authorization and authentication.
LDR:04585ntm a2200373Ki 4500 001 909446
005 20180426100011.5
006 m o u
007 cr mn||||a|a||
008 190606s2016 xx obm 000 0 eng d
020 $a 9781369046755
035 $a (MiAaPQ)AAI10149575
035 $a (MiAaPQ)uab:11934
035 $a AAI10149575
040 $a MiAaPQ $b eng $c MiAaPQ
099 $a TUL $f hyy $c available through World Wide Web
100 1 $a Shrestha, Babins. $3 1180240
245 1 0 $a Context-enhanced mobile device authorization and authentication.
264 0 $c 2016
300 $a 1 online resource (185 pages)
336 $a text $b txt $2 rdacontent
337 $a computer $b c $2 rdamedia
338 $a online resource $b cr $2 rdacarrier
500 $a Source: Dissertation Abstracts International, Volume: 77-12(E), Section: B.
500 $a Adviser: Nitesh Saxena.
502 $a Thesis (Ph.D.) $c The University of Alabama at Birmingham $d 2016.
504 $a Includes bibliographical references
520 $a Mobile devices (e.g., smartphones and tablets) are pervasive today, continuously opening up immense opportunities for everyday users. Their burgeoning popularity, however, brings forth various security and privacy threats. One well-established threat is of mobile malware (a form of insider attack) - malicious apps that may surreptitiously misuse the sensitive resources and services available on the device. Other threats relate to unauthorized access of the device (outsider attacks) by a malicious entity in close physical proximity to the device, or having (temporary or permanent) physical possession of the device. The traditional defensive mechanisms, such as existing anti-virus software, distance-bounding protocols or passwords, are not sufficient to defeat these threats.
520 $a This dissertation work explores the notion of "context"---a potentially unique signature of a benign usage scenario---to address insider-outsider attacks against mobile devices without undermining the overall usability of these devices. Our proposed defense system automatically detects the presence of a valid context using the information acquired by device's many on-board sensors; the absence of such a context being indicative of malicious usage. Depending upon the application scenario, we elicit the context provided, explicitly or transparently, by the device user (e.g., a hand gesture or body movement), or captured from the device's ambient environmental attributes (e.g., audio, temperature or altitude). When applicable, we use machine learning techniques and sensor fusion approaches towards designing a highly robust contextual mobile security system.
520 $a To be specific, this dissertation work comprises four parts: (1) enhancing mobile app authorization using implicit/explicit context, (2) enhancing user authentication using transparent implicit context, (3) enhancing co-presence detection using environmental context, and (4) strengthening the contextual security adversarial models and evaluating the context detection systems against such strong models.
520 $a In the first part, we present the design, implementation and evaluation of our contextual security mechanisms to defeat mobile malware attacks against prominent phone resources/services, namely, phone calls, camera and NFC payments. We use explicit as well as implicit context to detect user-friendly explicit gestures or transparent gesture so as to ascertain if the app requesting the permission to a sensitive resource is legitimate (and not malicious). In the second part, we present the design, implementation and evaluation of schemes to authenticate users transparently in the case of mobile (NFC) payments and zero-interaction authentication systems. In the third part, we present the design, implementation and evaluation of our co-presence detection system using different environmental context to thwart outsider "relay attacks" against mobile zero-interaction authentication systems and mobile payment systems. In the fourth part, we stretch the limits of the contextual security threat model to incorporate adversaries who may be capable of actively manipulating the context or underlying sensor data (internally or externally). Further, we present our insights to defend against such strong adversaries.
533 $a Electronic reproduction. $b Ann Arbor, Mich. : $c ProQuest, $d 2018
538 $a Mode of access: World Wide Web
650 4 $a Computer science. $3 573171
655 7 $a Electronic books. $2 local $3 554714
690 $a 0984
710 2 $a ProQuest Information and Learning Co. $3 1178819
710 2 $a The University of Alabama at Birmingham. $b Computer and Information Sciences. $3 1180241
773 0 $t Dissertation Abstracts International $g 77-12B(E).
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=10149575 $z click for full text (PQDT)