• Home

  • Education

  • Security and Privacy Enhancement Framework for Mobile Devices using Active Authentication
3
@ IJTSRD | Available Online @ www ISSN No: 245 Inte R Security and P for Mobile De S Udith N Departme G.K.M. College of Eng ABSTRACT The techniques we used to develop and separation of enterprise content and per an end-user's device. Although the enter the environment in which work-related conducted, referred to as a work perso applications installed on the mobile make the enterprise content vulnerable exfiltration.An application restrictio configured through our Application Manager (ARM) Policy Manager that set different restrictions for each installe Our approach, that we refer to as Droid on post-installation application restric Such policies dynamically restrict the mobile applications at run-time. A restriction policy is configured Application Restriction Manager (A Manager that allows one to set differe for each installed application. Adhering our ARM system limits the capab application by restricting access to da resources contained within the work shadowing is a data and system resou technique we have chosen to levera implemented DroidARM and integrate Android operating system. Our experi show that our approach is efficient and e Keywords: Text, application usage, w and location I. INTRODUCTION Main objective of this project is to M applications often have access to sens resources on the user device. Misuse of t w.ijtsrd.com | Volume – 2 | Issue – 3 | Mar-Apr 56 - 6470 | www.ijtsrd.com | Volum ernational Journal of Trend in Sc Research and Development (IJT International Open Access Journ Privacy Enhancement Framew evices using Active Authenticat Narayanan, P Vignesh, T Manigandan ent of Computer Science and Engineering, gineering and Technology, Chennai, Tamil Nadu d to ensure the ersonal data on rprise manages d activities are ons third-party devices may e to misuse or on policy is n Restriction allows one to ed application. dARM, focuses ction policies. capabilities of An application through our ARM) Policy ent restrictions g to the policy, bilities of an ata and system persona. Data urce protection age. We have ed it into the imental results effective. web browsing, Mobile Android sitive data and this data by malicious applications may re and sensitive data leakage. In sensor positioning techniques of the device. In addition to th set the restrictions of mobile and message passing system introduced the design of ou describing the components framework with the correspon II. RELATED WORKS The sampling error, question difficulties in conducting te introduce some error or bia opinion polls.“M. Duggan, 2013,” PewResearchCenter, W 2013”. Andreas Saltos, D Schreiber, Sarah Lichenstein (Corresponding author), Ma Safety Studies). The various p problem, one promising techni a procedure for measuring mouse behavioral character biometric.“On the Effectivene Mouse Dynamics Biometric fo A Benchmark Study”.Chao S Xiaohong Guan Jialin Wang , ICB, 2012.The special-charac features capture aspects of com user’s style usually not found problem settings. “Decision active authentication”.A. Fri Professional july 2013. As a phone numbers and addresses r 2018 Page: 1196 me - 2 | Issue 3 cientific TSRD) nal work tion u, India esult in privacy breaches n our paper, we rely on s to retrieve the location hese techniques, we also device in login sessions m to admin control .We ur architecture through of our access control nding role of its entities. n wording and practical elephone surveys may as into the findings of “Cell phone activities Washington, DC, USA, Daniel Smith, Kristin n, Richard Lichenstein ay 26, 2015(Journal of potential solutions to this ique is mouse dynamics, and assessing a user’s ristics for use as a ess and Applicability of or Static Authentication: Shen Zhongmin Cai1, ,In Proc. IEEE 5th IAPR cter placeholders, some mputer.org/ITPro 3 1 the d in standard authorship fusion for multimodal idman et al, IEEE IT result of this, not only are stored in the mobile

Security and Privacy Enhancement Framework for Mobile Devices using Active Authentication

  • Upload
    ijtsrd

  • View
    2

  • Download
    0

Tags:

Embed Size (px)

DESCRIPTION

The techniques we used to develop and to ensure the separation of enterprise content and personal data on an end users device. Although the enterprise manages the environment in which work related activities are conducted, referred to as a work persons third party applications installed on the mobile devices may make the enterprise content vulnerable to misuse or exfiltration.An application restriction policy is configured through our Application Restriction Manager ARM Policy Manager that allows one to set different restrictions for each installed application. Our approach, that we refer to as DroidARM, focuses on post installation application restriction policies. Such policies dynamically restrict the capabilities of mobile applications at run time. An application restriction policy is configured through our Application Restriction Manager ARM Policy Manager that allows one to set different restrictions for each installed application. Adhering to the policy, our ARM system limits the capabilities of an application by restricting access to data and system resources contained within the work persona. Data shadowing is a data and system resource protection technique we have chosen to leverage. We have implemented DroidARM and integrated it into the Android operating system. Our experimental results show that our approach is efficient and effective. S Udith Narayanan | P Vignesh | T Manigandan "Security and Privacy Enhancement Framework for Mobile Devices using Active Authentication" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-2 | Issue-3 , April 2018, URL: https://www.ijtsrd.com/papers/ijtsrd11175.pdf Paper URL: http://www.ijtsrd.com/engineering/computer-engineering/11175/security-and-privacy-enhancement-framework-for-mobile-devices-using-active-authentication/s-udith-narayanan

Citation preview

Page 1: Security and Privacy Enhancement Framework for Mobile Devices using Active Authentication

@ IJTSRD | Available Online @ www.ijtsrd.com

ISSN No: 2456

InternationalResearch

Security and Privacy Enhancement Frameworkfor Mobile Devices

S Udith Narayanan, P Vignesh, T ManigandanDepartment of Co

G.K.M. College of Engineering and Technology, Chennai, Tamil Nadu, India

ABSTRACT

The techniques we used to develop andseparation of enterprise content and personal data on an end-user's device. Although the enterprise manages the environment in which work-related activities are conducted, referred to as a work personapplications installed on the mobile devices may make the enterprise content vulnerable to misuse or exfiltration.An application restriction policy is configured through our Application Restriction Manager (ARM) Policy Manager that allows one to set different restrictions for each installed application. Our approach, that we refer to as DroidARM, focuses on post-installation application restriction policies. Such policies dynamically restrict the capabilities of mobile applications at run-time. An application restriction policy is configured through our Application Restriction Manager (ARM) Policy Manager that allows one to set different restrictions for each installed application. Adhering to the policy, our ARM system limits the capabilities of an application by restricting access to data and system resources contained within the work persona. Data shadowing is a data and system resource protection technique we have chosen to leverage. We have implemented DroidARM and integrated it into the Android operating system. Our experimental show that our approach is efficient and effective.

Keywords: Text, application usage, web browsing, and location

I. INTRODUCTION

Main objective of this project is to Mobile Android applications often have access to sensitive data and resources on the user device. Misuse of this data by

@ IJTSRD | Available Online @ www.ijtsrd.com | Volume – 2 | Issue – 3 | Mar-Apr 2018

ISSN No: 2456 - 6470 | www.ijtsrd.com | Volume

International Journal of Trend in Scientific Research and Development (IJTSRD)

International Open Access Journal

Security and Privacy Enhancement Frameworkfor Mobile Devices using Active Authentication

S Udith Narayanan, P Vignesh, T Manigandan Department of Computer Science and Engineering,

G.K.M. College of Engineering and Technology, Chennai, Tamil Nadu, India

and to ensure the separation of enterprise content and personal data on

user's device. Although the enterprise manages related activities are

conducted, referred to as a work persons third-party he mobile devices may

make the enterprise content vulnerable to misuse or An application restriction policy is

configured through our Application Restriction Manager (ARM) Policy Manager that allows one to

nstalled application. Our approach, that we refer to as DroidARM, focuses

installation application restriction policies. Such policies dynamically restrict the capabilities of

time. An application nfigured through our

Application Restriction Manager (ARM) Policy Manager that allows one to set different restrictions for each installed application. Adhering to the policy, our ARM system limits the capabilities of an

o data and system resources contained within the work persona. Data shadowing is a data and system resource protection technique we have chosen to leverage. We have implemented DroidARM and integrated it into the Android operating system. Our experimental results show that our approach is efficient and effective.

pplication usage, web browsing,

Main objective of this project is to Mobile Android applications often have access to sensitive data and resources on the user device. Misuse of this data by

malicious applications may result in privacy breaches and sensitive data leakage. In our paper, sensor positioning techniques to retrieve the location of the device. In addition to these techniques, we also set the restrictions of mobile device in login sessions and message passing system to admin control introduced the design of our adescribing the components of our access control framework with the corresponding role of its entities.

II. RELATED WORKS

The sampling error, question wording and practical difficulties in conducting telephone surveys may introduce some error or bias into the findings of opinion polls.“M. Duggan, “Cell phone activities 2013,” PewResearchCenter, Washington, DC, USA, 2013”. Andreas Saltos, Daniel Smith, Kristin Schreiber, Sarah Lichenstein, Richard Lichenstein (Corresponding author), May 26, 20Safety Studies). The various potential solutions to this problem, one promising technique is mouse dynamics, a procedure for measuring and assessing a user’s mouse behavioral characteristics for use as a biometric.“On the Effectiveness and ApMouse Dynamics Biometric for Static Authentication: A Benchmark Study”.Chao Shen Zhongmin Cai1, Xiaohong Guan Jialin Wang ,In ICB, 2012.The special-character placeholders, some features capture aspects of computer.org/Iuser’s style usually not found in standard authorship problem settings. “Decision fusion for multimodal active authentication”.A. Fridman Professional july 2013. As a result of this, not only phone numbers and addresses are stor

Apr 2018 Page: 1196

6470 | www.ijtsrd.com | Volume - 2 | Issue – 3

Scientific (IJTSRD)

International Open Access Journal

Security and Privacy Enhancement Framework sing Active Authentication

G.K.M. College of Engineering and Technology, Chennai, Tamil Nadu, India

malicious applications may result in privacy breaches and sensitive data leakage. In our paper, we rely on sensor positioning techniques to retrieve the location of the device. In addition to these techniques, we also set the restrictions of mobile device in login sessions and message passing system to admin control .We introduced the design of our architecture through describing the components of our access control framework with the corresponding role of its entities.

The sampling error, question wording and practical difficulties in conducting telephone surveys may

r or bias into the findings of opinion polls.“M. Duggan, “Cell phone activities 2013,” PewResearchCenter, Washington, DC, USA, 2013”. Andreas Saltos, Daniel Smith, Kristin Schreiber, Sarah Lichenstein, Richard Lichenstein (Corresponding author), May 26, 2015(Journal of Safety Studies). The various potential solutions to this problem, one promising technique is mouse dynamics, a procedure for measuring and assessing a user’s mouse behavioral characteristics for use as a biometric.“On the Effectiveness and Applicability of Mouse Dynamics Biometric for Static Authentication: A Benchmark Study”.Chao Shen Zhongmin Cai1, Xiaohong Guan Jialin Wang ,In Proc. IEEE 5th IAPR

character placeholders, some features capture aspects of computer.org/ITPro 3 1 the user’s style usually not found in standard authorship problem settings. “Decision fusion for multimodal active authentication”.A. Fridman et al, IEEE IT

As a result of this, not only phone numbers and addresses are stored in the mobile

Page 2: Security and Privacy Enhancement Framework for Mobile Devices using Active Authentication

International Journal of Trend in Scientific Research and Development (IJTSRD) ISSN: 2456-6470

@ IJTSRD | Available Online @ www.ijtsrd.com | Volume – 2 | Issue – 3 | Mar-Apr 2018 Page: 1197

device but also financial information and business details which definitely should be kept private. “Unobtrusive User-Authentication on Mobile Phones using Biometric Gait Recognition”.Mohammad O. Derawi , Claudia Nickel , Patrick Bours and Christoph Busch.In Proc. IEEE 6th Int. Conf. IIH-MSP, 2010.

III. PROPOSED SYSTEM

In this paper we have proposed the restriction system for application, there is the application blocking that is internal and external application want to block through the admin panel the particular application connectivity The Administrator has set the privileges

to access the persons. The person has no permission to access the restriction apps. She/he cannot access the restriction application, and the menu options with the message passing system into admin panel , the user want to use restriction application for emergency purpose incase user can pass the message into the admin panel , if it’s the valid reason then the administrator can allow to use application for that user. There is extra propose in this, such that the alarm notify the system to remind if the user forget to logout the application. When the person login the application it will be shown in the admin and can restrict. There are also logout options in case if the user logout then the person device cannot control.

Fig.2 Block diagram of ARS

A. Admin panel creation:

Develop the admin panel using the localhost (wampserver & myphpadmin) and create the default login account for all the application user along with restriction menus.

B. Policy Manager:

The admin can control the android application only if the terms and conditions (policy) are accepted by the android user.

C. Authentication:

The authentication process will be done between the mobile device & admin panel in the login account if and only if login is successful and gets the user permission to access the admin panel.

D. Admin restriction system: If the user login the account in android mobile it will be shown in the admin panel who are logging in &being in online list only then admin can set the privileges for users.

CONCLUSIONS

In this paper, we proposed parallel binary decision-level fusion architecture for classifiers based on four biometric modalities: text, application usage, web browsing, and location. Using this fusion method we addressed the problem of active authentication and characterized its performance on a real-world data set of 200 subjects, each using their personal Android mobile device for a period of at least 30 days.

Page 3: Security and Privacy Enhancement Framework for Mobile Devices using Active Authentication

International Journal of Trend in Scientific Research and Development (IJTSRD) ISSN: 2456-6470

@ IJTSRD | Available Online @ www.ijtsrd.com | Volume – 2 | Issue – 3 | Mar-Apr 2018 Page: 1198

REFERENCES

1. “Biometric Authentication Using Wavelet Probabilistic Neural Network”.Ching-Han Chen, Ching-Yi Chen2,2013 IEEE 17th International Symposium on Consumer Electronics (ISCE).

2. “Towards Multiple User Active Authentication in Mobile Devices”, Mattias Andersson , Hironao Okada, IEEE TENCON 2013 Journal Publication.

3. “ Extracting IM evidence of Android apps Sign In or Purchase”,Dr. Sridhar Mandapati , Sravya Pamidi , Sriharitha Ambati,Journal of Computer Engineering 2015.

4. “Monitoring Temperature Changes in Body”,Abdul Hadi H. Nograles, Felicito S. Caluyo, IEEE INDICON 2013 Journal Publication.

5. “Toward Writing Style Anonymization”,Akshata V.S, Rumana Pathan, Poornima Patil, Farjana Nadaf.International Journal of Core Engineering and Management(IJCEM) 2014.


Authentication and Privacy in EPON

Authentication and Privacy in EPON

Documents
Week 13 - Wednesday. What did we talk about last time? Authentication and privacy Data mining and privacy Privacy online

Week 13 - Wednesday. What did we talk about last time? Authentication and privacy Data mining and privacy Privacy online

Documents
Privacy and Authentication: An Introduction to Cryptography

Privacy and Authentication: An Introduction to Cryptography

Documents
Security – Authentication and Encryption - cs.cmu.edu110/slides/week12-1-security.pdf · Learning Goals •Define the following terms: data privacy, data security, authentication,

Security – Authentication and Encryption - cs.cmu.edu110/slides/week12-1-security.pdf · Learning Goals •Define the following terms: data privacy, data security, authentication,

Documents
(2007) BioKey - Privacy Preserving Biometric Authentication

(2007) BioKey - Privacy Preserving Biometric Authentication

Technology
IDENTITY BASED ENCRYPTION PROTOCOL FOR PRIVACY AND AUTHENTICATION

IDENTITY BASED ENCRYPTION PROTOCOL FOR PRIVACY AND AUTHENTICATION

Documents
A privacy-preserving authentication service using mobile devices · 2018-11-27 · A privacy-preserving authentication service using mobile devices Mihai Togan Security Software Architect

A privacy-preserving authentication service using mobile devices · 2018-11-27 · A privacy-preserving authentication service using mobile devices Mihai Togan Security Software Architect

Documents
Hop-By-Hop Authentication and Source Privacy in Wireless Sensor Networks

Hop-By-Hop Authentication and Source Privacy in Wireless Sensor Networks

Documents
Summary of Lecture 4 Authentication (Review). CSE2500 System Security & Privacy Access Control Srini & Nandita 2 Authentication means to establish the

Summary of Lecture 4 Authentication (Review). CSE2500 System Security & Privacy Access Control Srini & Nandita 2 Authentication means to establish the

Documents
Hop by-hop message authentication and source privacy in wireless sensor networks

Hop by-hop message authentication and source privacy in wireless sensor networks

Education
Privacy-Preserving RFID Systems: Model and Constructions · her. This leads to the notion of “privacy-preserving” authentication. Several models for privacy preserving RFID authentication

Privacy-Preserving RFID Systems: Model and Constructions · her. This leads to the notion of “privacy-preserving” authentication. Several models for privacy preserving RFID authentication

Documents
Resource recommendation vs privacy enhancement

Resource recommendation vs privacy enhancement

Technology
A privacy-preserving authentication protocol with secure

A privacy-preserving authentication protocol with secure

Documents
Multi-factor Authentication Security Enhancement

Multi-factor Authentication Security Enhancement

Documents
(2007) Privacy Preserving Multi-Factor Authentication with Biometrics

(2007) Privacy Preserving Multi-Factor Authentication with Biometrics

Technology
HMAC-Based Authentication Protocol: Attacks and Improvements€¦ · the privacy of keyed-Hash Message Authentication Code (HMAC)-based RFID mutual authentication protocol which is

HMAC-Based Authentication Protocol: Attacks and Improvements€¦ · the privacy of keyed-Hash Message Authentication Code (HMAC)-based RFID mutual authentication protocol which is

Documents
Audio Restoration, Enhancement & Authentication Terminology

Audio Restoration, Enhancement & Authentication Terminology

Documents
A Privacy Protection User Authentication and Key Agreement

A Privacy Protection User Authentication and Key Agreement

Documents
Encryption, Privacy, & Authentication Chris R Chris H Mindy C

Encryption, Privacy, & Authentication Chris R Chris H Mindy C

Documents
Authentication, Protocols, Passwordssloan/CLASSES/privacy... · authentication User authentication is absolutely crucial If you can impersonate someone else (be authenticated as them),

Authentication, Protocols, Passwordssloan/CLASSES/privacy... · authentication User authentication is absolutely crucial If you can impersonate someone else (be authenticated as them),

Documents
Practical Privacy-preserving ECG-based Authentication for IoT … · 2019-12-17 · severe security and privacy leakages with regard to data privacy and identity authentication are

Practical Privacy-preserving ECG-based Authentication for IoT … · 2019-12-17 · severe security and privacy leakages with regard to data privacy and identity authentication are

Documents
Secure and Privacy Enhanced Authentication & Authorization Protocol in Cloud

Secure and Privacy Enhanced Authentication & Authorization Protocol in Cloud

Documents
A Privacy-Aware Continuous Authentication Scheme for ... · a privacy-aware continuous authentication scheme and architecture for the delivery of proximity-based services. The devised

A Privacy-Aware Continuous Authentication Scheme for ... · a privacy-aware continuous authentication scheme and architecture for the delivery of proximity-based services. The devised

Documents
Enhancement of 802.16e to Support EAP-based Authentication / … · 2004. 1. 29. · 2004-01-27 IEEE C802.16-71/r3 2 Enhancement of 802.16e to Support EAP-based Authentication / Key

Enhancement of 802.16e to Support EAP-based Authentication / … · 2004. 1. 29. · 2004-01-27 IEEE C802.16-71/r3 2 Enhancement of 802.16e to Support EAP-based Authentication / Key

Documents
Privacy-Aware Authentication in the Internet of ThingsKeywords: Internet of Things, privacy, privacy-aware authentication, EPC Gen2, RFID, IPsec, IKEv2 1 Introduction The Internet

Privacy-Aware Authentication in the Internet of ThingsKeywords: Internet of Things, privacy, privacy-aware authentication, EPC Gen2, RFID, IPsec, IKEv2 1 Introduction The Internet

Documents
A Security Enhancement and Proof for AKA (Authentication and Key Agreement)

A Security Enhancement and Proof for AKA (Authentication and Key Agreement)

Documents
Protecting Privacy and Ensuring Security of RFID Systems Using Private Authentication Protocols

Protecting Privacy and Ensuring Security of RFID Systems Using Private Authentication Protocols

Documents
Reconciling User Privacy and Implicit Authentication for ... · plicit authentication systems with veri able security. We consider a network-based implicit authentication sys-tem

Reconciling User Privacy and Implicit Authentication for ... · plicit authentication systems with veri able security. We consider a network-based implicit authentication sys-tem

Documents
A Novel Privacy Preserving Authentication and Access Control …caislab.kaist.ac.kr/publication/paper_files/2006/... · 2018-09-27 · REN etal.: NOVEL PRIVACY PRESERVING AUTHENTICATION

A Novel Privacy Preserving Authentication and Access Control …caislab.kaist.ac.kr/publication/paper_files/2006/... · 2018-09-27 · REN etal.: NOVEL PRIVACY PRESERVING AUTHENTICATION

Documents
1 Destructive Privacy and Mutual Authentication in Vaudenay ...1)We propose an RFID scheme that achieves mutual authentication and destructive privacy in Vau-denay’s model as a natural

1 Destructive Privacy and Mutual Authentication in Vaudenay ...1)We propose an RFID scheme that achieves mutual authentication and destructive privacy in Vau-denay’s model as a natural

Documents