Trusted Detection of Sensitive Activities on Mobile Phones Using Power Consumption Measurements Conference Paper uri icon

abstract

  • The unprecedented popularity of modern mobile phones has made them a lucrative target for skillful and motivated offenders. A typical mobile phone is packed with sensors, which can be turned on silently by a malicious program, providing invaluable information to the attacker. Detecting such hidden activities through software monitors can be blindfolded and bypassed by rootkits and by anti-forensic methods applied by the malicious program. Moreover, detecting power consumption by software running on the mobile phone is susceptible to similar evasive techniques. Consequently, software based detection of hidden malicious activities, particularly the silent activation of sensors, cannot be considered as trusted. In this paper we present a method which detects hidden activities using external measurement of power consumption. The classification model is acquired using machine-learning multi-label classification algorithms. Our method overcomes the inherent weaknesses of software-based monitors, and provides a trusted solution. We describe the measurement setup, and provide detailed evaluation results of the algorithms used. The results obtained so far support the feasibility of our method.

publication date

  • September 24, 2014