Matching Items (5)
Filtering by
- All Subjects: Information Technology
- Creators: Allenby, Braden
- Creators: Doupe, Adam
- Member of: ASU Electronic Theses and Dissertations
- Status: Published
Description
Android is currently the most widely used mobile operating system. The permission model in Android governs the resource access privileges of applications. The permission model however is amenable to various attacks, including re-delegation attacks, background snooping attacks and disclosure of private information. This thesis is aimed at understanding, analyzing and performing forensics on application behavior. This research sheds light on several security aspects, including the use of inter-process communications (IPC) to perform permission re-delegation attacks.
Android permission system is more of app-driven rather than user controlled, which means it is the applications that specify their permission requirement and the only thing which the user can do is choose not to install a particular application based on the requirements. Given the all or nothing choice, users succumb to pressures and needs to accept permissions requested. This thesis proposes a couple of ways for providing the users finer grained control of application privileges. The same methods can be used to evade the Permission Re-delegation attack.
This thesis also proposes and implements a novel methodology in Android that can be used to control the access privileges of an Android application, taking into consideration the context of the running application. This application-context based permission usage is further used to analyze a set of sample applications. We found the evidence of applications spoofing or divulging user sensitive information such as location information, contact information, phone id and numbers, in the background. Such activities can be used to track users for a variety of privacy-intrusive purposes. We have developed implementations that minimize several forms of privacy leaks that are routinely done by stock applications.
Android permission system is more of app-driven rather than user controlled, which means it is the applications that specify their permission requirement and the only thing which the user can do is choose not to install a particular application based on the requirements. Given the all or nothing choice, users succumb to pressures and needs to accept permissions requested. This thesis proposes a couple of ways for providing the users finer grained control of application privileges. The same methods can be used to evade the Permission Re-delegation attack.
This thesis also proposes and implements a novel methodology in Android that can be used to control the access privileges of an Android application, taking into consideration the context of the running application. This application-context based permission usage is further used to analyze a set of sample applications. We found the evidence of applications spoofing or divulging user sensitive information such as location information, contact information, phone id and numbers, in the background. Such activities can be used to track users for a variety of privacy-intrusive purposes. We have developed implementations that minimize several forms of privacy leaks that are routinely done by stock applications.
ContributorsGollapudi, Narasimha Aditya (Author) / Dasgupta, Partha (Thesis advisor) / Xue, Guoliang (Committee member) / Doupe, Adam (Committee member) / Arizona State University (Publisher)
Created2014
Description
In this dissertation, two interrelated problems of service-based systems (SBS) are addressed: protecting users' data confidentiality from service providers, and managing performance of multiple workflows in SBS. Current SBSs pose serious limitations to protecting users' data confidentiality. Since users' sensitive data is sent in unencrypted forms to remote machines owned and operated by third-party service providers, there are risks of unauthorized use of the users' sensitive data by service providers. Although there are many techniques for protecting users' data from outside attackers, currently there is no effective way to protect users' sensitive data from service providers. In this dissertation, an approach is presented to protecting the confidentiality of users' data from service providers, and ensuring that service providers cannot collect users' confidential data while the data is processed or stored in cloud computing systems. The approach has four major features: (1) separation of software service providers and infrastructure service providers, (2) hiding the information of the owners of data, (3) data obfuscation, and (4) software module decomposition and distributed execution. Since the approach to protecting users' data confidentiality includes software module decomposition and distributed execution, it is very important to effectively allocate the resource of servers in SBS to each of the software module to manage the overall performance of workflows in SBS. An approach is presented to resource allocation for SBS to adaptively allocating the system resources of servers to their software modules in runtime in order to satisfy the performance requirements of multiple workflows in SBS. Experimental results show that the dynamic resource allocation approach can substantially increase the throughput of a SBS and the optimal resource allocation can be found in polynomial time
ContributorsAn, Ho Geun (Author) / Yau, Sik-Sang (Thesis advisor) / Huang, Dijiang (Committee member) / Ahn, Gail-Joon (Committee member) / Santanam, Raghu (Committee member) / Arizona State University (Publisher)
Created2012
Description
The 21st-century professional or knowledge worker spends much of the working day engaging others through electronic communication. The modes of communication available to knowledge workers have rapidly increased due to computerized technology advances: conference and video calls, instant messaging, e-mail, social media, podcasts, audio books, webinars, and much more. Professionals who think for a living express feelings of stress about their ability to respond and fear missing critical tasks or information as they attempt to wade through all the electronic communication that floods their inboxes. Although many electronic communication tools compete for the attention of the contemporary knowledge worker, most professionals use an electronic personal information management (PIM) system, more commonly known as an e-mail application and often the ubiquitous Microsoft Outlook program. The aim of this research was to provide knowledge workers with solutions to manage the influx of electronic communication that arrives daily by studying the workers in their working environment. This dissertation represents a quest to understand the current strategies knowledge workers use to manage their e-mail, and if modification of e-mail management strategies can have an impact on productivity and stress levels for these professionals. Today’s knowledge workers rarely work entirely alone, justifying the importance of also exploring methods to improve electronic communications within teams.
ContributorsCounts, Virginia (Author) / Parrish, Kristen (Thesis advisor) / Allenby, Braden (Thesis advisor) / Landis, Amy (Committee member) / Cooke, Nancy J. (Committee member) / Arizona State University (Publisher)
Created2018
Description
The telephone network is used by almost every person in the modern world. With the rise of Internet access to the PSTN, the telephone network today is rife with telephone spam and scams. Spam calls are significant annoyances for telephone users, unlike email spam, spam calls demand immediate attention. They are not only significant annoyances but also result in significant financial losses in the economy. According to complaint data from the FTC, complaints on illegal calls have made record numbers in recent years. Americans lose billions to fraud due to malicious telephone communication, despite various efforts to subdue telephone spam, scam, and robocalls.
In this dissertation, a study of what causes the users to fall victim to telephone scams is presented, and it demonstrates that impersonation is at the heart of the problem. Most solutions today primarily rely on gathering offending caller IDs, however, they do not work effectively when the caller ID has been spoofed. Due to a lack of authentication in the PSTN caller ID transmission scheme, fraudsters can manipulate the caller ID to impersonate a trusted entity and further a variety of scams. To provide a solution to this fundamental problem, a novel architecture and method to authenticate the transmission of the caller ID is proposed. The solution enables the possibility of a security indicator which can provide an early warning to help users stay vigilant against telephone impersonation scams, as well as provide a foundation for existing and future defenses to stop unwanted telephone communication based on the caller ID information.
In this dissertation, a study of what causes the users to fall victim to telephone scams is presented, and it demonstrates that impersonation is at the heart of the problem. Most solutions today primarily rely on gathering offending caller IDs, however, they do not work effectively when the caller ID has been spoofed. Due to a lack of authentication in the PSTN caller ID transmission scheme, fraudsters can manipulate the caller ID to impersonate a trusted entity and further a variety of scams. To provide a solution to this fundamental problem, a novel architecture and method to authenticate the transmission of the caller ID is proposed. The solution enables the possibility of a security indicator which can provide an early warning to help users stay vigilant against telephone impersonation scams, as well as provide a foundation for existing and future defenses to stop unwanted telephone communication based on the caller ID information.
ContributorsTu, Huahong (Author) / Doupe, Adam (Thesis advisor) / Ahn, Gail-Joon (Thesis advisor) / Huang, Dijiang (Committee member) / Zhang, Yanchao (Committee member) / Zhao, Ziming (Committee member) / Arizona State University (Publisher)
Created2017
Description
This document builds a model, the Resilience Engine, of how a given sociotechnical innovation contributes to the resilience of its society, where the failure points of that process might be, and what outcomes, resilient or entropic, can be generated by the uptake of a particular innovation. Closed systems, which tend towards stagnation and collapse, are distinguished from open systems, which through ongoing encounters with external novelty, tend towards enduring resilience. Heterotopia, a space bounded from the dominant order in which novelty is generated and defended, is put forth as the locus of innovation for systemic resilience, defined as the capacity to adapt to environmental changes. The generative aspect of the Resilience Engine lies in a dialectic between a heterotopia and the dominant system across a membrane which permits interaction while maintaining the autonomy of the new space. With a model of how innovation, taken up by agents seeking power outside the dominant order, leads to resilience, and of what generates failures of the Resilience Engine as well as successes, the model is tested against cases drawn from two key virtual worlds of the mid-2000s. The cases presented largely validate the model, but generate a crucial surprise. Within those worlds, 2008-2010 saw an abrupt cultural transformation as the dialectic stage of the Resilience Engine's operation generated victories for the dominant order over promising emergent attributes of virtual heterotopia. At least one emergent practice has been assimilated, generating systemic resilience, that of the conference backchannel. A surprise, however, comes from extensive evidence that one element never problematized in thinking about innovation, the discontent agent, was largely absent from virtual worlds. Rather, what users sought was not greater agency but the comfort of submission over the burdens of self-governance. Thus, aside from minor cases, the outcome of the operation of the Resilience Engine within the virtual worlds studied was the colonization of the heterotopic space for the metropolis along with attempts by agents both external and internal to generate maximum order. Pursuant to the Resilience Engine model, this outcome is a recipe for entropic collapse and for preventing new heterotopias from arising under the current dominant means of production.
ContributorsMcKnight, John Carter (Author) / Miller, Clark (Thesis advisor) / Hayes, Elisabeth (Committee member) / Allenby, Braden (Committee member) / Daer, Alice (Committee member) / Arizona State University (Publisher)
Created2013