Date Awarded

Winter 2017

Document Type

Dissertation

Degree Name

Doctor of Philosophy (Ph.D.)

Department

Computer Science

Advisor

Haining Wang

Committee Member

Gang Zhou

Committee Member

Weizhen Mao

Committee Member

Kun Sun

Committee Member

Zhongshu Gu

Abstract

With the advancements in mobile technology, smartphones have become ubiquitous in people's daily lives and have greatly facilitated users in many aspects. For a smartphone user, power saving and privacy protection are two important issues that matter and draw serious attentions from research communities. In this dissertation, we present our studies on some specific issues of power saving and privacy protection on a smartphone. Although IEEE 802.11 standards provide Power Save Mode (PSM) to help mobile devices conserve energy, PSM fails to bring expected benefits in many real scenarios. We define an energy conserving model to describe the general PSM traffic contention problem, and propose a solution called HPSM to address one specific case, in which multiple PSM clients associate to a single AP. In HPSM, we first use a basic sociological concept to define the richness of a PSM client based on the link resource it consumes. Then we separate these poor PSM clients from rich PSM clients in terms of link resource consumption, and favor the former to save power when they face PSM transmission contention. Our evaluations show that HPSM can help the poor PSM clients effectively save power while only slightly degrading the rich's performance in comparison to the existing PSM solutions. Traditional user authentication methods using passcode or finger movement on smartphones are vulnerable to shoulder surfing attack, smudge attack, and keylogger attack. These attacks are able to infer a passcode based on the information collection of user's finger movement or tapping input. As an alternative user authentication approach, eye tracking can reduce the risk of suffering those attacks effectively because no hand input is required. We propose a new eye tracking method for user authentication on a smartphone. It utilizes the smartphone's front camera to capture a user's eye movement trajectories which are used as the input of user authentication. No special hardware or calibration process is needed. We develop a prototype and evaluate its effectiveness on an Android smartphone. Our evaluation results show that the proposed eye tracking technique achieves very high accuracy in user authentication. While LBS-based apps facilitate users in many application scenarios, they raise concerns on the breach of privacy related to location access. We perform the first measurement of this background action on the Google app market. Our investigation demonstrates that many popular apps conduct location access in background within short intervals. This enables these apps to collect a user's location trace, from which the important personal information, Points of Interest (PoIs), can be recognized. We further extract a user's movement pattern from the PoIs, and utilize it to measure the potential privacy breach. The measurement results also show that using the combination of movement pattern related metrics and the other PoI related metrics can help detect the privacy breach in an earlier manner than using either one of them alone. We then propose a preliminary solution to properly handle these location requests from background.

DOI

http://doi.org/10.21220/S2SS9J

Rights

© The Author

Share

COinS