Trust evaluation in mobile devices

An empirical study

Richard Weiss, Leon Reznik, Yanyan Zhuang, Andrew Hoffman, Darrell Pollard, Albert Rafetseder, Tao Li, Justin Cappos

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Mobile devices today, such as smartphones and tablets, have become both more complex and diverse. This paper presents a framework to evaluate the trustworthiness of the individual components in a mobile system, as well as the entire system. The major components are applications, devices and networks of devices. Given this diversity and multiple levels of a mobile system, we develop a hierarchical trust evaluation methodology, which enables the combination of trust metrics and allows us to verify the trust metric for each component based on the trust metrics for others. The paper first demonstrates this idea for individual applications and Android-based smartphones. The methodology involves two stages: initial trust evaluation and trust verification. In the first stage, an expert rule system is used to produce trust metrics at the lowest level of the hierarchy. In the second stage, the trust metrics are verified by comparing data from components and a trust evaluation is produced for the combined system. This paper presents the results of two empirical studies, in which this methodology is applied and tested. The first study involves monitoring resource utilization and evaluating trust based on resource consumption patterns. We measured battery voltage, CPU utilization and network communication for individual apps and detected anomalous behavior that could be indicative of malicious code. The second study involves verification of the trust evaluation by comparing the data from two different devices: the GPS location from an Android smartphone in an automobile and the data from an on-board diagnostics (OBD) sensor of the same vehicle.

    Original languageEnglish (US)
    Title of host publicationProceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015
    PublisherInstitute of Electrical and Electronics Engineers Inc.
    Pages25-32
    Number of pages8
    Volume1
    ISBN (Print)9781467379519
    DOIs
    StatePublished - Dec 2 2015
    Event14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015 - Helsinki, Finland
    Duration: Aug 20 2015Aug 22 2015

    Other

    Other14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015
    CountryFinland
    CityHelsinki
    Period8/20/158/22/15

    Fingerprint

    Smartphones
    Mobile devices
    Application programs
    Automobiles
    Telecommunication networks
    Program processors
    Global positioning system
    Monitoring
    Sensors
    Electric potential
    Android (operating system)

    Keywords

    • Mobile computing
    • Security
    • Trust metrics

    ASJC Scopus subject areas

    • Computer Networks and Communications

    Cite this

    Weiss, R., Reznik, L., Zhuang, Y., Hoffman, A., Pollard, D., Rafetseder, A., ... Cappos, J. (2015). Trust evaluation in mobile devices: An empirical study. In Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015 (Vol. 1, pp. 25-32). [7345261] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/Trustcom.2015.353

    Trust evaluation in mobile devices : An empirical study. / Weiss, Richard; Reznik, Leon; Zhuang, Yanyan; Hoffman, Andrew; Pollard, Darrell; Rafetseder, Albert; Li, Tao; Cappos, Justin.

    Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015. Vol. 1 Institute of Electrical and Electronics Engineers Inc., 2015. p. 25-32 7345261.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Weiss, R, Reznik, L, Zhuang, Y, Hoffman, A, Pollard, D, Rafetseder, A, Li, T & Cappos, J 2015, Trust evaluation in mobile devices: An empirical study. in Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015. vol. 1, 7345261, Institute of Electrical and Electronics Engineers Inc., pp. 25-32, 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015, Helsinki, Finland, 8/20/15. https://doi.org/10.1109/Trustcom.2015.353
    Weiss R, Reznik L, Zhuang Y, Hoffman A, Pollard D, Rafetseder A et al. Trust evaluation in mobile devices: An empirical study. In Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015. Vol. 1. Institute of Electrical and Electronics Engineers Inc. 2015. p. 25-32. 7345261 https://doi.org/10.1109/Trustcom.2015.353
    Weiss, Richard ; Reznik, Leon ; Zhuang, Yanyan ; Hoffman, Andrew ; Pollard, Darrell ; Rafetseder, Albert ; Li, Tao ; Cappos, Justin. / Trust evaluation in mobile devices : An empirical study. Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015. Vol. 1 Institute of Electrical and Electronics Engineers Inc., 2015. pp. 25-32
    @inproceedings{efff72fa0e5048278695c2bfc9d540c1,
    title = "Trust evaluation in mobile devices: An empirical study",
    abstract = "Mobile devices today, such as smartphones and tablets, have become both more complex and diverse. This paper presents a framework to evaluate the trustworthiness of the individual components in a mobile system, as well as the entire system. The major components are applications, devices and networks of devices. Given this diversity and multiple levels of a mobile system, we develop a hierarchical trust evaluation methodology, which enables the combination of trust metrics and allows us to verify the trust metric for each component based on the trust metrics for others. The paper first demonstrates this idea for individual applications and Android-based smartphones. The methodology involves two stages: initial trust evaluation and trust verification. In the first stage, an expert rule system is used to produce trust metrics at the lowest level of the hierarchy. In the second stage, the trust metrics are verified by comparing data from components and a trust evaluation is produced for the combined system. This paper presents the results of two empirical studies, in which this methodology is applied and tested. The first study involves monitoring resource utilization and evaluating trust based on resource consumption patterns. We measured battery voltage, CPU utilization and network communication for individual apps and detected anomalous behavior that could be indicative of malicious code. The second study involves verification of the trust evaluation by comparing the data from two different devices: the GPS location from an Android smartphone in an automobile and the data from an on-board diagnostics (OBD) sensor of the same vehicle.",
    keywords = "Mobile computing, Security, Trust metrics",
    author = "Richard Weiss and Leon Reznik and Yanyan Zhuang and Andrew Hoffman and Darrell Pollard and Albert Rafetseder and Tao Li and Justin Cappos",
    year = "2015",
    month = "12",
    day = "2",
    doi = "10.1109/Trustcom.2015.353",
    language = "English (US)",
    isbn = "9781467379519",
    volume = "1",
    pages = "25--32",
    booktitle = "Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015",
    publisher = "Institute of Electrical and Electronics Engineers Inc.",

    }

    TY - GEN

    T1 - Trust evaluation in mobile devices

    T2 - An empirical study

    AU - Weiss, Richard

    AU - Reznik, Leon

    AU - Zhuang, Yanyan

    AU - Hoffman, Andrew

    AU - Pollard, Darrell

    AU - Rafetseder, Albert

    AU - Li, Tao

    AU - Cappos, Justin

    PY - 2015/12/2

    Y1 - 2015/12/2

    N2 - Mobile devices today, such as smartphones and tablets, have become both more complex and diverse. This paper presents a framework to evaluate the trustworthiness of the individual components in a mobile system, as well as the entire system. The major components are applications, devices and networks of devices. Given this diversity and multiple levels of a mobile system, we develop a hierarchical trust evaluation methodology, which enables the combination of trust metrics and allows us to verify the trust metric for each component based on the trust metrics for others. The paper first demonstrates this idea for individual applications and Android-based smartphones. The methodology involves two stages: initial trust evaluation and trust verification. In the first stage, an expert rule system is used to produce trust metrics at the lowest level of the hierarchy. In the second stage, the trust metrics are verified by comparing data from components and a trust evaluation is produced for the combined system. This paper presents the results of two empirical studies, in which this methodology is applied and tested. The first study involves monitoring resource utilization and evaluating trust based on resource consumption patterns. We measured battery voltage, CPU utilization and network communication for individual apps and detected anomalous behavior that could be indicative of malicious code. The second study involves verification of the trust evaluation by comparing the data from two different devices: the GPS location from an Android smartphone in an automobile and the data from an on-board diagnostics (OBD) sensor of the same vehicle.

    AB - Mobile devices today, such as smartphones and tablets, have become both more complex and diverse. This paper presents a framework to evaluate the trustworthiness of the individual components in a mobile system, as well as the entire system. The major components are applications, devices and networks of devices. Given this diversity and multiple levels of a mobile system, we develop a hierarchical trust evaluation methodology, which enables the combination of trust metrics and allows us to verify the trust metric for each component based on the trust metrics for others. The paper first demonstrates this idea for individual applications and Android-based smartphones. The methodology involves two stages: initial trust evaluation and trust verification. In the first stage, an expert rule system is used to produce trust metrics at the lowest level of the hierarchy. In the second stage, the trust metrics are verified by comparing data from components and a trust evaluation is produced for the combined system. This paper presents the results of two empirical studies, in which this methodology is applied and tested. The first study involves monitoring resource utilization and evaluating trust based on resource consumption patterns. We measured battery voltage, CPU utilization and network communication for individual apps and detected anomalous behavior that could be indicative of malicious code. The second study involves verification of the trust evaluation by comparing the data from two different devices: the GPS location from an Android smartphone in an automobile and the data from an on-board diagnostics (OBD) sensor of the same vehicle.

    KW - Mobile computing

    KW - Security

    KW - Trust metrics

    UR - http://www.scopus.com/inward/record.url?scp=84967317304&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=84967317304&partnerID=8YFLogxK

    U2 - 10.1109/Trustcom.2015.353

    DO - 10.1109/Trustcom.2015.353

    M3 - Conference contribution

    SN - 9781467379519

    VL - 1

    SP - 25

    EP - 32

    BT - Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015

    PB - Institute of Electrical and Electronics Engineers Inc.

    ER -