Matching Items (13)
Filtering by
- All Subjects: Smartphones
- Creators: Ahn, Gail-Joon
- Creators: Johnston, Carol
Description
This thesis addresses the ever increasing threat of botnets in the smartphone domain and focuses on the Android platform and the botnets using Online Social Networks (OSNs) as Command and Control (C&C;) medium. With any botnet, C&C; is one of the components on which the survival of botnet depends. Individual bots use the C&C; channel to receive commands and send the data. This thesis develops active host based approach for identifying the presence of bot based on the anomalies in the usage patterns of the user before and after the bot is installed on the user smartphone and alerting the user to the presence of the bot. A profile is constructed for each user based on the regular web usage patterns (achieved by intercepting the http(s) traffic) and implementing machine learning techniques to continuously learn the user's behavior and changes in the behavior and all the while looking for any anomalies in the user behavior above a threshold which will cause the user to be notified of the anomalous traffic. A prototype bot which uses OSN s as C&C; channel is constructed and used for testing. Users are given smartphones(Nexus 4 and Galaxy Nexus) running Application proxy which intercepts http(s) traffic and relay it to a server which uses the traffic and constructs the model for a particular user and look for any signs of anomalies. This approach lays the groundwork for the future host-based counter measures for smartphone botnets using OSN s as C&C; channel.
ContributorsKilari, Vishnu Teja (Author) / Xue, Guoliang (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Dasgupta, Partha (Committee member) / Arizona State University (Publisher)
Created2013
Description
The widespread adoption of mobile devices gives rise to new opportunities and challenges for authentication mechanisms. Many traditional authentication mechanisms become unsuitable for smart devices. For example, while password is widely used on computers as user identity authentication, inputting password on small smartphone screen is error-prone and not convenient. In the meantime, there are emerging demands for new types of authentication. Proximity authentication is an example, which is not needed for computers but quite necessary for smart devices. These challenges motivate me to study and develop novel authentication mechanisms specific for smart devices.
In this dissertation, I am interested in the special authentication demands of smart devices and about to satisfy the demands. First, I study how the features of smart devices affect user identity authentications. For identity authentication domain, I aim to design a continuous, forge-resistant authentication mechanism that does not interrupt user-device interactions. I propose a mechanism that authenticates user identity based on the user's finger movement patterns. Next, I study a smart-device-specific authentication, proximity authentication, which authenticates whether two devices are in close proximity. For prox- imity authentication domain, I aim to design a user-friendly authentication mechanism that can defend against relay attacks. In addition, I restrict the authenticated distance to the scale of near field, i.e., a few centimeters. My first design utilizes a user's coherent two-finger movement on smart device screen to restrict the distance. To achieve a fully-automated system, I explore acoustic communications and propose a novel near field authentication system.
In this dissertation, I am interested in the special authentication demands of smart devices and about to satisfy the demands. First, I study how the features of smart devices affect user identity authentications. For identity authentication domain, I aim to design a continuous, forge-resistant authentication mechanism that does not interrupt user-device interactions. I propose a mechanism that authenticates user identity based on the user's finger movement patterns. Next, I study a smart-device-specific authentication, proximity authentication, which authenticates whether two devices are in close proximity. For prox- imity authentication domain, I aim to design a user-friendly authentication mechanism that can defend against relay attacks. In addition, I restrict the authenticated distance to the scale of near field, i.e., a few centimeters. My first design utilizes a user's coherent two-finger movement on smart device screen to restrict the distance. To achieve a fully-automated system, I explore acoustic communications and propose a novel near field authentication system.
ContributorsLi, Lingjun (Author) / Xue, Guoliang (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Ye, Jieping (Committee member) / Zhang, Yanchao (Committee member) / Arizona State University (Publisher)
Created2014
Description
Dietary counseling from a registered dietitian has been shown in previous studies to aid in weight loss for those receiving counseling. With the increasing use of smartphone diet/weight loss applications (app), this study sought to investigate if an iPhone diet app providing feedback from a registered dietitian improved weight loss and bio-markers of health. Twenty-four healthy adults who owned iPhones (BMI > 24 kg/m2) completed this trial. Participants were randomly assigned to one of three app groups: the MyDietitian app with daily feedback from a registered dietitian (n=7), the MyDietitian app without feedback (n=7), and the MyPlate feedback control app (n=10). Participants used their respective diet apps daily for 8-weeks while their weight loss, adherence to self-monitoring, blood bio-markers of health, and physical activity were monitored. All of the groups had a significant reduction in waist and hip circumference (p<0.001), a reduction in A1c (p=0.002), an increase in HDL cholesterol levels (p=0.012), and a reduction in calories consumed (p=0.022) over the duration of the trial. Adherence to diet monitoring via the apps did not differ between groups during the study. Body weight did not change during the study for any groups. However, when the participants were divided into low (<50% of days) or high adherence (>50% of days) groups, irrespective of study group, the high adherence group had a significant reduction in weight when compared to the low adherence group (p=0.046). These data suggest that diet apps may be useful tools for self-monitoring and even weight loss, but that the value appears to be the self-monitoring process and not the app specifically.
ContributorsThompson-Felty, Claudia (Author) / Johnston, Carol (Thesis advisor) / Wharton, Christopher (Christopher Mack), 1977- (Committee member) / Levinson, Simin (Committee member) / Arizona State University (Publisher)
Created2014
Description
This thesis proposed a novel approach to establish the trust model in a social network scenario based on users' emails. Email is one of the most important social connections nowadays. By analyzing email exchange activities among users, a social network trust model can be established to judge the trust rate between each two users. The whole trust checking process is divided into two steps: local checking and remote checking. Local checking directly contacts the email server to calculate the trust rate based on user's own email communication history. Remote checking is a distributed computing process to get help from user's social network friends and built the trust rate together. The email-based trust model is built upon a cloud computing framework called MobiCloud. Inside MobiCloud, each user occupies a virtual machine which can directly communicate with others. Based on this feature, the distributed trust model is implemented as a combination of local analysis and remote analysis in the cloud. Experiment results show that the trust evaluation model can give accurate trust rate even in a small scale social network which does not have lots of social connections. With this trust model, the security in both social network services and email communication could be improved.
ContributorsZhong, Yunji (Author) / Huang, Dijiang (Thesis advisor) / Dasgupta, Partha (Committee member) / Syrotiuk, Violet (Committee member) / Arizona State University (Publisher)
Created2011
Description
Dietary self-monitoring has been shown to be a predictor of weight loss success and is a prevalent part of behavioral weight control programs. As more weight loss applications have become available on smartphones, this feasibility study investigated whether the use of a smartphone application, or a smartphone memo feature would improve dietary self-monitoring over the traditional paper-and-pencil method. The study also looked at whether the difference in methods would affect weight loss. Forty-seven adults (BMI 25 to 40 kg/m2) completed an 8-week study focused on tracking the difference in adherence to a self-monitoring protocol and subsequent weight loss. Participants owning iPhones (n=17) used the 'Lose It' application (AP) for diet and exercise tracking and were compared to smartphone participants who recorded dietary intake using a memo (ME) feature (n=15) on their phone and participants using the traditional paper-and-pencil (PA) method (n=15). There was no significant difference in completion rates between groups with an overall completion rate of 85.5%. The overall mean adherence to self-monitoring for the 8-week period was better in the AP group than the PA group (p = .024). No significant difference was found between the AP group and ME group (p = .148), or the ME group and the PA group (p = .457). Weight loss for the 8 week study was significant for all groups (p = .028). There was no significant difference in weight loss between groups. Number of days recorded regardless of group assignment showed a weak correlation to weight loss success (p = .068). Smartphone owners seeking to lose weight should be encouraged by the potential success associated with dietary tracking using a smartphone app as opposed to the traditional paper-and-pencil method.
ContributorsCunningham, Barbara (Author) / Wharton, Christopher (Christopher Mack), 1977- (Thesis advisor) / Johnston, Carol (Committee member) / Hall, Richard (Committee member) / Arizona State University (Publisher)
Created2012
Description
The purpose of this study was to gather qualitative data on different and novel methods used to self-monitor diet and exercise during a weight loss study. Participants who used either a traditional paper and pencil method or a smart phone weight loss app for diet and exercise tracking were recruited for focus groups. Focus group discussions centered on the liked and disliked aspects of recording, perceived behavior changes, and suggestions for improved self-monitoring. Focus groups were organized based on the method of self-monitoring. The app group tracked calorie intake and expenditure via the "Lose It" app on their smart phones. The paper & pencil group recorded exercise and food intake in a journal and self-regulated diet based on recommended servings from each food group (or exchange lists). Focus group sessions were audio-recorded, transcribed and coded by the researcher and an independent coder. Results indicated that app participants liked the convenience, affordability, and user-friendly features, but wanted more nutrition advice. App participants liked self-managing their diet, not restricting certain foods or food groups and allowing for indulgences by balancing calories and exercise. Also, they desired an accurate estimation of energy expenditure from an app, based on individual characteristics (i.e., gender and age). Participants who recorded on paper liked the size for a visual layout of food entries, but desired a technology-enhanced method with an auto-calculation of calorie intake and expenditure. They also suggested increased accountability and opportunities for social support would enhance self-monitoring. Overall, an ideal technology-assisted self-monitoring app or program would be free and include an auto-calculation of calorie intake, a gender- and age- specific estimation of calories expended, easy entry of foods from a large database, the ability to enter whole recipes, nutrition information and recommendations, and be available via phone, tablet or computer (based on personal preference).
ContributorsSterner, Danielle (Author) / Wharton, Christopher (Christopher Mack), 1977- (Thesis advisor) / Johnston, Carol (Committee member) / Hall, Richard (Committee member) / Arizona State University (Publisher)
Created2012
Description
ABSTRACT This study evaluated the LoseIt Smart Phone app by Fit Now Inc. for nutritional quality among users during an 8 week behavioral modification weight loss protocol. All participants owned smart phones and were cluster randomized to either a control group using paper and pencil record keeping, a memo group using a memo function on their smart phones, or the LoseIt app group which was composed of the participants who owned iPhones. Thirty one participants completed the study protocol: 10 participants from the LoseIt app group, 10 participants from the memo group, and 11 participants from the paper and pencil group. Food records were analyzed using Food Processor by ESHA and the nutritional quality was scored using the Healthy Eating Index - 2005 (HEI-2005). Scores were compared using One-Way ANOVA with no significant changes in any category across all groups. Non-parametric statistics were then used to determine changes between combined memo and paper and pencil groups and the LoseIt app group as the memo and paper and pencil group received live counseling at biweekly intervals and the LoseIt group did not. No significant difference was found in HEI scores across all categories, however a trend was noted for total HEI score with higher scores among the memo and paper and pencil group participants p=0.091. Conclusion, no significant difference was detected between users of the smart phone app LoseIt and memo and paper and pencil groups. More research is needed to determine the impact of in-person counseling versus user feedback provided with the LoseIt smart phone app.
ContributorsCowan, David Kevin (Author) / Johnston, Carol (Thesis advisor) / Wharton, Christopher (Christopher Mack), 1977- (Committee member) / Mayol-Kreiser, Sandra (Committee member) / Arizona State University (Publisher)
Created2011
Description
Nutrition instruction has become more accessible; it is no longer relegated to the doctor’s office, dietitian briefing, outpatient clinic, or hospital. Now it is available in people’s hands, pockets, and purses via their smartphone. Since nutrition instruction has become more accessible, health professionals and members of the general public are increasingly interested in using smartphone apps to assist with health-related dietary changes. With more and more of the population required to follow certain dietary recommendations and/or monitor specific nutrient intake, commercially available apps may be a useful and cost-effective resource for the public. The purpose of this four-week intervention was to determine if the popular calorie counter app, MyFitnessPal, can be used to reduce sodium intake to ≤ 2,300 mg/day compared to the traditional paper-and-pencil method. This four-week randomized parallel trial enrolled 30 generally healthy adults who were 18 to 80 years of age. Participants were randomly assigned to the MyFitnessPal (“APP”) group or to the paper (“PAP”) group and required to meet three times with the researcher for screening, baseline (start), and completion of the study. There was a significant difference in the mean urinary sodium change between the APP group and the PAP group from the start of the intervention to the completion (-24.0±32.6 and 8.5±41.9 mmol/g creatinine respectively, p = 0.027). Other positive trends that resulted from the intervention included a decline in dietary sodium in both groups and a higher adherence in the APP group compared to the PAP group regarding recording method. The MyFitnessPal app proved to be a useful tool in reducing and/or monitoring sodium intake. Thus, this trial reinforces the potential of this app to be used for monitoring other nutrients, but further research needs to be conducted.
ContributorsIpjian, Michelle (Author) / Johnston, Carol (Thesis advisor) / Shepard, Christina (Committee member) / Johnson, Melinda (Committee member) / Arizona State University (Publisher)
Created2016
Description
On Android, existing security procedures require apps to request permissions for access to sensitive resources.
Only when the user approves the requested permissions will the app be installed.
However, permissions are an incomplete security mechanism.
In addition to a user's limited understanding of permissions, the mechanism does not account for the possibility that different permissions used together have the ability to be more dangerous than any single permission alone.
Even if users did understand the nature of an app's requested permissions, this mechanism is still not enough to guarantee that a user's information is protected.
Applications can potentially send or receive sensitive information from other applications without the required permissions by using intents.
In other words, applications can potentially collaborate in ways unforeseen by the user, even if the user understands the permissions of each app independently.
In this thesis, we present several graph-based approaches to address these issues.
We determine the permissions of an app and generate scores based on our assigned value of certain resources.
We analyze these scores overall, as well as in the context of the app's category as determined by Google Play.
We show that these scores can be used to identify overzealous apps, as well as apps that do not properly fit within their category.
We analyze potential interactions between different applications using intents, and identify several promiscuous apps with low permission scores, showing that permissions alone are not sufficient to evaluate the security risks of an app.
Our analyses can form the basis of a system to assist users in identifying apps that can potentially compromise user privacy.
Only when the user approves the requested permissions will the app be installed.
However, permissions are an incomplete security mechanism.
In addition to a user's limited understanding of permissions, the mechanism does not account for the possibility that different permissions used together have the ability to be more dangerous than any single permission alone.
Even if users did understand the nature of an app's requested permissions, this mechanism is still not enough to guarantee that a user's information is protected.
Applications can potentially send or receive sensitive information from other applications without the required permissions by using intents.
In other words, applications can potentially collaborate in ways unforeseen by the user, even if the user understands the permissions of each app independently.
In this thesis, we present several graph-based approaches to address these issues.
We determine the permissions of an app and generate scores based on our assigned value of certain resources.
We analyze these scores overall, as well as in the context of the app's category as determined by Google Play.
We show that these scores can be used to identify overzealous apps, as well as apps that do not properly fit within their category.
We analyze potential interactions between different applications using intents, and identify several promiscuous apps with low permission scores, showing that permissions alone are not sufficient to evaluate the security risks of an app.
Our analyses can form the basis of a system to assist users in identifying apps that can potentially compromise user privacy.
ContributorsGibson, Aaron (Author) / Bazzi, Rida (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Walker, Erin (Committee member) / Arizona State University (Publisher)
Created2015
Description
Smartphones are pervasive nowadays. They are supported by mobile platforms that allow users to download and run feature-rich mobile applications (apps). While mobile apps help users conveniently process personal data on mobile devices, they also pose security and privacy threats and put user's data at risk. Even though modern mobile platforms such as Android have integrated security mechanisms to protect users, most mechanisms do not easily adapt to user's security requirements and rapidly evolving threats. They either fail to provide sufficient intelligence for a user to make informed security decisions, or require great sophistication to configure the mechanisms for enforcing security decisions. These limitations lead to a situation where users are disadvantageous against emerging malware on modern mobile platforms. To remedy this situation, I propose automated and systematic approaches to address three security management tasks: monitoring, assessment, and confinement of mobile apps. In particular, monitoring apps helps a user observe and record apps' runtime behaviors as controlled under security mechanisms. Automated assessment distills intelligence from the observed behaviors and the security configurations of security mechanisms. The distilled intelligence further fuels enhanced confinement mechanisms that flexibly and accurately shape apps' behaviors. To demonstrate the feasibility of my approaches, I design and implement a suite of proof-of-concept prototypes that support the three tasks respectively.
ContributorsJing, Yiming (Author) / Ahn, Gail-Joon (Thesis advisor) / Doupe, Adam (Committee member) / Huang, Dijiang (Committee member) / Zhang, Yanchao (Committee member) / Arizona State University (Publisher)
Created2015