The 4th International Workshop on the Security, Privacy, and Digital Forensics of Mobile Systems and Networks (MobiSec 2020)

Session MobiSec-S1

Mobile Security

Conference
9:00 AM — 10:30 AM EDT
Local
Jul 6 Mon, 9:00 AM — 10:30 AM EDT

A View-Invariant Feature Learning Model for Cross-View Security Authentication in Mobile Smart Devices

Ao Li (Harbin University of Science and Technology, China); Xin Liu (Harbin University of Science and Technology, China); Qiang Guan (Kent State University, USA); Deyun Chen (Harbin University of Science and Technology(HUST), China); Guanglu Sun (Harbin University of Science and Technology, China)

0
Multi-view data is common in many real-world applications ever since the widely used mobile smart devices could capture and recording data from multi-perspective. One of the applications using multi-view data is for security authentication. Existing security authentication methods used by smart device show unacceptable recognition performance in most of the situations. In this paper, we propose a view-invariant feature learning model, which learns a feature subspace to project the data from different views into a common space. The proposed model exploits two regularization terms constructed with low-rank constraint to dig the global class-structure and the view-invariant structure from different views. Therefore, the complementary information is preserved while redundant information can be removed from the two views. Besides, we develop a numerical iterative scheme to solve the novel objective function. Experimental results prove that our method outperforms other methods.

Enterprise Mobile Device Management Requirements and Features

Hina Batool (Air University, Pakistan); Ammar Masood (Air University, Pakistan)

0
Mobile devices have now become a fundamental human necessity, not only due to their wide set of communication features but mostly due to their immense computing capabilities. The accessibility of mobile services has increased substantially thus leading to the concept of Bring Your Own Device (BYOD) to increase the efficacy and productivity of employees in an enterprise. Though BYOD gives organizations numerous benefits, it also presents great risks. Many enterprises have deployed Mobile device management (MDM) solution to secure BYOD environment. In this work we first determine the security risks associated with BYOD environment, followed by identification of requisite security requirements a MDM solution must support to mitigate these risks. On the basis of these requirements, our approach examines and compares leading commercial MDM solutions; an analysis, not only helpful in selection of appropriate solution for an enterprise but also suitable to provide guidelines for development of a customized solution.

A Convolutional Neural Network-Based RF Fingerprinting Identification Scheme for Mobile Phones

Sheng Wang (Southeast University, China); Linning Peng (Southeast University, China); Hua FU (Southeast University, China); Aiqun Hu (Southeast University, China); Xinyu Zhou (Southeast University, China)

0
Global system for mobile communications (GSM) is one of the most widely used communication standards in the world today, which still has a large number of users, so it is of great security significance to identify devices operating in a GSM network. This paper proposes a novel radio frequency fingerprinting (RFF) based device identifications method for mobile phones. A differential constellation trace figure (DCTF) physical layer RFF extraction and convolutional neural network (CNN) based classification scheme is designed to identify accessing mobile phones. Theoretical analysis shows that differential process of GSM signal can effectively reflect the characteristics of RFF from different phones. Compared with the existing RFF identification methods, CNN based classification can identify the DCTF of different devices with low complexity and high accuracy. Furthermore, the proposed DCTF-CNN method is robust to different device locations and GSM parameters. Experimental results show that the accuracy of the proposed DCTF-CNN method can reach 92.97\% and 99.77\% with SNR at 25~dB and 50~dB for 6 mobile phones.

Comprehensive Detection of Vulnerable Personal Information Leaks in Android Applications

Nattanon Wongwiwatchai (Chulalongkorn University, Thailand); Phannawhat Pongkham (Chulalongkorn University, Thailand); Kunwadee Sripanidkulchai (Chulalongkorn University, Thailand) [1570624137]

0
Privacy is important and valued by individuals in our society. However, the wide use of the Internet and applications that connect us humans together has introduced new complexities to how privacy can be maintained. Many notorious mobile applications have taken away user privacy by transmitting personal information without users' awareness. In this paper, we introduce VULPIX, an approach towards comprehensive detection of privacy leaks in Android mobile applications. We define a comprehensive list of data elements that are considered to be personal information and evaluate the comprehensiveness of detecting leaked personal information on a set of Android applications.

Session Chair

Lei Chen & Danda B. Rawat

Session MobiSec-Keynote

Keynote

Conference
10:30 AM — 11:00 AM EDT
Local
Jul 6 Mon, 10:30 AM — 11:00 AM EDT

Consensus Protocols and Security of Blockchain

Wenjing Lou (Virginia Tech.)

0
TBA

Session Chair

Lei Chen & Danda B. Rawat

Session MobiSec-S2

Network & Communication Security

Conference
11:30 AM — 1:00 PM EDT
Local
Jul 6 Mon, 11:30 AM — 1:00 PM EDT

D-S based Fusion Method for Against Malicious Nodes in Wireless Sensor Networks

Qiao Tian (Harbin Engineering University, China); Pengwan Qin (PLA, China); Meiyu Wang (Harbin Engineering University, China); Yang Liu (Beijing Insititute of Astronautical Systems Engineering, China)

0
Malicious nodes attacks pose a great security threat to the multi-sensor networks, especially the fusion result of the fusion center. Dempster-Shafer (D-S) evidence theory is a very effective fusion method, but conflict evidences brought by malicious nodes will greatly affect the accuracy of traditional D-S fusion method. Based on the above considerations, this paper adopts an improved D-S evidence theory method, which can intelligently reduce the influence of malicious nodes on the decide results during the fusion process, thereby improving the security of the entire wireless sensor networks. Finally, several examples are carried out on the background of network security situational awareness, which proves the feasibility of the proposed method.

Location-Aided Secure Transmission for Uplink Massive MIMO System Against Full-Duplex Jammer

Zhexian Shen (PLA Army Engineering University, China); Kui Xu (Army Engineering University of PLA, China)

0
In the study of physical layer security for massive multiple-input multiple-output (MIMO) systems, the operating mechanism of jammer is often considered simple and fixed, which underestimates the disruption and flexibility of jamming attacks. It is possible for a massive MIMO system to suffer from simultaneous jamming and eavesdropping during the training and transmission phase, or an intelligent jammer may switch the duplex mode so as to match the purpose with lower power consumption. In these cases, the anti-jamming schemes proposed in previous papers may fail, and a robust secure transmission against flexible jamming should be designed. To this end, we mainly focus on the interactions between the base station and jammer in the uplink massive MIMO system, where the jammer is capable of working in full-duplex mode to obstruct the base station and eavesdrop on uplink users simultaneously. The spatial orthogonality brought by the location of jammer and users is used to produce a two-layer combiner at the base station for the purpose of suppressing signals from jamming direction. Under this condition, we prove that the jammer falls into a half-duplex eavesdropper. Then a statistical eavesdropping bound is given without the instantaneous channel state information (CSI) of eavesdropping channels, which guides the power control of users in order that the secrecy capacity is optimized.

Security Analysis of LTE-V2X and A Platooning Case Study

Pengfei Zhu (Beijing University Of Posts And Telecommunications, China); Konglin Zhu (Beijing University of Posts and Telecommunications, China); Lin Zhang (Beijing University of Posts and Telecommunications, China)

0
C-V2X extended from cellular networks has been considered one of the promising communication techniques for Internet of Vehicles (IoV). Correspondingly, it inherits the security issues from cellular networks, i.e., LTE or 5G, and also bring new types of security issues. In this paper, we take LTE-V2X as an example to investigate the potential security and privacy issues of LTE-V2X. In particular, we first study the LTE-V2X communication procedure and discover the potential security flaws. Then we use the platooning case to show the harmfulness caused by different types of attacks using the security flaws. Finally, we use SUMO and OMNET++ to simulate platoon and LTE-V2X, and conduct different types of attacks on the simulator. The simulation results show that various attacks significantly degrade the performance of platoon from the perspective of inter-vehicle distance and vehicle speed.

Fountain-Coding-Aided Secure Delivery via Cross-locking Between Payload Data and Control Information

Hanxun Ren (Xi'an Jiaotong University, China); Qinghe Du (Xi'an Jiaotong University, China); Yijie Ou (Xi'an Jiaotong University, China); Pinyi Ren (Xi'an Jiaotong University, China)

1
The conventional fountain-coding aided strategies realize transmission secrecy by ensuring the legitimate receiver can accumulate the sufficient number of fountain-coded packets before the eavesdropper does, which emphasise on the security of entire file. However, in the process of communication a fraction of confidential message will be recovered by parts of correct decoding of intercepted packets at the eavesdropper, which is forbidden for some scenarios with stringent security requirement. To solve the above mentioned issue, we propose a secure transmission scheme via cross-locking between the fountain-coded data and the codebook information, in which the generating matrix of fountain codes is implicitly transferred between legitimate pairs such that the inter-data codebook information can be protected. Specifically, the transmitter exploits fountain-coded packets legitimate user received to encrypt the key associated with the generating matrix to prevent eavesdropper from decoding any coded packets, thereby the secure transmission is guaranteed. A wireless secure transmission system based on the proposed scheme is developed on the software radio platform and its security performance is evaluated in actual scenarios. The experimental results demonstrate that the proposed scheme outperforms the existing comparison schemes in terms of the intercept probability and the recovering proportion for eavesdropper.

Session Chair

Lei Chen & Danda B. Rawat

Session MobiSec-S3

Privacy, Trust & Threats

Conference
2:30 PM — 4:00 PM EDT
Local
Jul 6 Mon, 2:30 PM — 4:00 PM EDT

QuickWalk: Quick Trust Assessment for Vehicular Social Networks

Ziyi Shen (University of North Texas, USA); Shuyu He (University of North Texas and Harbin Engineering Univ, USA); Qing Yang (University of North Texas, USA)

0
To avoid the untrustworthy information transmitted within a vehicular network, we propose a quick trust assessment algorithm, called QuickWalk, to evaluate the trust relation between any pair of vehicles in the network. Leveraging on the trustworthiness information, vehicle would only receive and process those shared from the trustworthy peers. The key of solution is to construct a vehicular social network (VSN) among vehicles, enabling vehicles to connect and communicate with each other by exchanging information. Then, the trust relation between an information seeker and a provider can be modeled and computed from the social connections between them. The QuickWalk algorithm is designed based on the three-valued subjective logic model, and is able to offer faster trust evaluation within a VSN. Simulation results not only validate the correctness of the QuickWalk algorithm but also confirm that QuickWalk outperforms the state-of-the-art solution by offering a smaller execution time, while assessing trust of vehicles in a VSN.

Protecting Privacy From Aerial photography: State of the Art, Opportunities, and Challenges

Bin Jiang (Tianjin University, China); Jiachen Yang (Tianjin University,China, China); Houbing Song (Embry-Riddle Aeronautical University, USA)

0
With the continuous development of unmanned aerial vehicle (UAV) photography and mapping technology, there are more and more air-to-ground information acquisition methods, which provide more choices for both industry and entertainment. Under the help of drones, operators can obtain and collect information on the ground, and air-to-ground images are often the convenient types. However, the issue of privacy protection can not be ignored here. In special situations, it will violate the right of privacy. Faced with such a problem, how to properly prevent privacy leakage and protect air-to-ground information security has become an unavoidable topic. In this paper, we make a detailed survey to summarize the relevant both technical and legal issues. Specially, the whole survey can be divided into four main parts: overview of airborne optical equipment, possible privacy infringement methods based on drones, privacy protection in drones applications and related legal aspects. Based on the survey content in this article, we can set up several valuable research directions in this field and improve the privacy protection in civilian drones applications. More effective privacy protection methods will also be applied to industry to enhance the application effect of UAV aerial photography technology.

Quantitative Analysis on Source-Location Privacy for Wireless Sensor Networks

Di Tang (The Third Research Institute of Ministry of Public Security, China); Jian Gu (The Third Research Institute of Ministry of Public Security, China); Weijia Han (Shaanxi Normal University, China); Xiao Ma (Shaanxi Normal University, China)

1
Wireless sensor networks (WSNs) have been widely used in various applications for continuous event monitoring and detection. Dual to lack of a protected physical boundary, WSNs are vulnerable to trace-back attacks. The existing secure routing protocols are designed to protect source location privacy by increasing uncertainty of routing direction against statistic analysis on traffic flow. Nevertheless, the security has not been quantitatively measured and shown to indicate the direction of secure routing design. In this paper, we propose a theoretical security measurement scheme to define and analyze the quantitative amount of the information leakage from each eavesdropped message. Through the theoretical analysis, we identify vulnerabilities of existing routing algorithms and quantitatively compute the direction information leakage based on various routing strategy. The theoretical analysis results also indicate the direction for maximization of source location privacy.

An Improved Shapley Value Benefit Distribution Mechanism in Cooperative Game of Cyber Threat Intelligence Sharing

Weiqiang Xie (XIDIAN University, China); Xiao Yu (XIDIAN University, China); Zhang Yuqing (University of Chinese Academy of Sciences, China); He Wang (unknown)

0
Cyber threat intelligence sharing enables organizations to gain stronger cyber security defense capabilities with less security investment. However, how to motivate organizations to share more threat intelligence information is a challenge. In this paper, cyber threat intelligence sharing is modeled as a cooperative game model, and a reward mechanism based on the shapley value is proposed. In this mechanism, we first introduced the concept of risk coefficient in cyber threat intelligence sharing, and improved the basic Shapley value benefit distribution mechanism to make the distribution of benefits more fair and reasonable.Finally, the validity of the proposed model is verified by a case.

Session Chair

Wenjia Li & Yun Lin

Session MobiSec-S4

General Topics

Conference
4:30 PM — 6:30 PM EDT
Local
Jul 6 Mon, 4:30 PM — 6:30 PM EDT

Self Energy Recycling for Full-Duplex enabled D2D with SWIPT and Uplink NOMA

Ishan Budhiraja (TIET PAtiala, India); Neeraj Kumar (Thapar University Patiala, India); Sudhanshu Tyagi (Thapar Institute of Engineering & Technology, Deemed University, Patiala, India); Quoc-Viet Pham (Incehon University, India); Mohsen Guizani (Qatar University, Qatar)

0
Simultaneous wireless information and power transfer (SWIPT) is a technique in which users harvest energy and receive data simultaneously from the base station (BS) to charge their energy-constrained batteries and improve their quality-of-service (QoS). Despite it, this technique suffers from the doubly near-far problem where the users who lie at the edges of a cell do not receive a sufficient amount of energy due to fading, resulting in system performance degradation. In this paper, we integrate the self-energy recycling technique with the full-duplex enabled D2D communication system. With this technique, the D2D cell edge user (DCEU) harvests energy from its self-interference and uses that energy to transmit data to its nearest D2D cell centre user (DCCU). Then, the DCCU multiplexes its data with the DCEU and transmits it to the BS using uplink Non-orthogonal multiple access (NOMA). In data transmission, both the DCCU and DCEU consume a large amount of energy due to which their QoS decreases. Our goal in this paper is to minimize the total energy consumed by the DCEU and DCCU while maintaining their QoS. The formulated problem is non-linear due to time and power constraints, and non-convex due to self and NOMA interference. To solve this problem, we use the joint time and power allocation scheme. Numerical results demonstrate that our proposed scheme achieves optimal energy consumption.

SDN-enabled Traffic Alert System for IoV in Smart Cities

Gunasekaran Raja (Anna University, India); Priyanka Dhanasekaran (Anna University, India); Sudha Anbalagan (SRM University, India); Aishwarya Ganapathisubramaniyan (Anna University, India); Ali Kashif Bashir (Manchester Metropolitan University, United Kingdom (Great Britain))

0
Intelligent Transportation System (ITS) are helping to enhance road safety and traffic management applications. Internet of Vehicles (IoV) plays a promising role in this field, which turns each vehicle into a smart object with its own compute, storage, and networking capabilities. Nowadays, accidents have been increased mainly due to un-notified alerts about other accidents, work-in-progress, and excessive motorized vehicles at peak times. This non-line of sight information can be efficiently delivered using vehicular communication. IoV network, however has its own challenges like high mobility and dynamic network topology. The above mentioned challenges are addressed with the assistance of a centralized Software Defined Network (SDN), which isolates the control plane from the data plane. In IoV, SDN provides logically centralized traffic management and improves the vehicular communication. In this paper, the Software Defined-Internet of Vehicles (SD-IoV) system is designed to manage heavy traffic and avoids broadcast storm problem with high packet delivery ratio. The proposed broadcast routing mechanism uses selective forwarding and neighbor awareness of the vehicle to efficiently broadcast emergency alert messages, thereby avoiding traffic jams and reducing travel time. On-Board Unit (OBU) in vehicles detects the accident and initializes the broadcast algorithm in SD-IoV system. The accident detection by OBU in vehicles is simulated using machine learning technique with an accuracy of 90%. Simulation performed in SUMO and OMNeT++ shows that with the help of the SDN controller, the IoV network achieves a high packet delivery ratio with minimal delay.

Features Fusion based Automatic Modulation Classification Using Convolutional Neural Network

Chunsheng Lin (Beijing University of Posts and Telecommunications, China); Juanjuan Huang (Beijing University of Posts and Telecommunications, China); Sai Huang (Beijing University of Posts and Telecommunications, China); Yuanyuan Yao (Beijing Information Science & Technology University, China); Xin Guo (Zhengzhou University, China)

0
The modulation format is a key parameter that influences the monitoring of the intercepted signals. Automatic modulation classification (AMC) is utilized to recognize the modulation format of the intercepted signals. However, most recent AMC methods neglect the complementarity of different features. In this paper, we propose a novel features fusion based AMC scheme using convolutional neural network (FFCNN). Fusion features are generated by concatenating the two-dimensional spectrum correlation function (SCF) images and the graphic constellation (GC) images. Moreover, the FFCNN classifier is utilized to obtain more discriminative representations and makes the final modulation classification decisions. Extensive simulations demonstrate that the proposed FFCNN scheme outperforms other recent methods.

Signal Recognition Based On Federated Learning

Jibo Shi (Harbin Engineering University, China); Haojun Zhao (Harbin Engineering University, China); Meiyu Wang (Harbin Engineering University, China); Qiao Tian (Harbin Engineering University, China)

0
Radio signal modulation recognition has a wide range of applications in spectrum detection, channel estimation, and interference recognition, and is a prerequisite step for signal decoding and demodulation. With the development of artificial intelligence, great progress has been made in signal recognition using deep learning methods. However, the method of deep learning requires a large amount of data. Today, with more and more emphasis on data privacy and security protection, there are usually hard-to-break barriers between data sources. This makes the data limited and of poor quality, which is not enough to support deep learning training. Federated learning may be a feasible direction to solve this problem. In this article, we will discuss signal modulation recognition based on federated learning, and the results show that an acceptable recognition rate is achieved while satisfying privacy protection and data security.

Instagram User Behavior Identification Based on Multidimensional Features

Hua Wu (Southeast University, China); Qiuyan Wu (Southeast University, China); Guang Cheng (Southeast University, China); Shuyi Guo (Southeast University, China)

0
The development of smartphones and social networks has brought great convenience to our lives. Due to the increasing requirements of user privacy, user data are protected by encryption protocol. But it also makes it difficult to regulate malicious behavior. The existing user behavior identification adopts the statistical features of encrypted traffic, which fluctuates greatly in different transmission environments. In this paper, we propose a method to obtain the stable features of encrypted traffic. Based on the principle of maximum entropy, we put forward an approach to divide the distribution ranges of these stable features, and map the feature space into SVM vector space. Our research focuses on multiple user behavior in the Instagram application. The evaluation results achieve 99.8% accuracy, 99.3% precision, 99.3% recall, and 0.09% false positive rate(FPR) on average.

Optimal Power Splitting for Simultaneous Wireless Information and Power Transfer in Millimeter-wave Networks

Yihan Liang (Shenzhen University, China); Yejun He (Shenzhen University, China); Jian Qiao (Shenzhen University, China)

0
Simultaneous wireless information and power transfer (SWIPT)-enabled millimeter-wave (mmWave) network is one of the most effective solutions to solve the problem of high power consumption at wireless devices caused by high data rate applications. In this paper, we propose a SWIPT-enabled mmWave network and investigate the influence of mmWave propagation features on rate-energy (R-E) tradeoff of SWIPT system. In addition, an optimal power splitting (PS) policy is proposed to minimize the duration until battery exhausting, communication interruption and information loss occur. Finally, the proposed PS policy is modeled by Markov decision process (MDP) problem and realized by reinforcement learning (RL) algorithm. Simulation results show that the proposed RL-based PS policy can achieve higher battery energy level and stable data rate which can keep a good QoS of the whole SWIPT-enabled mmWave network.

Session Chair

Wenjia Li & Yun Lin

Made with in Toronto · Privacy Policy · © 2020 Duetone Corp.