HoneyCirculator: distributing credential honeytoken for introspection of web-based attack cycle

A web user who falsely accesses a compromised website is usually redirected to an adversary’s website and is forced to download malware after being exploited. Additionally, the adversary steals the user’s credentials by using information-leaking malware. The adversary may also try to compromise public websites owned by individual users by impersonating the website administrator using the stolen credentials. These compromised websites then become landing sites for drive-by download malware infection. Identifying malicious websites using crawling techniques requires a large amount of resources and time. To monitor the web-based attack cycle for effective detection and prevention, we propose a monitoring system called HoneyCirculator based on a honeytoken, which actively leaks bait credentials and lures adversaries to our decoy server that behaves like a compromised web content management system. To recursively analyze attack phases on the web-based attack cycle, our proposed system involves collecting malware, distributing bait credentials, monitoring fraudulent access, and inspecting compromised web content. It can instantly discover unknown malicious entities without conducting large-scale web crawling because of the direct monitoring behind the compromised web content management system. Our proposed system enables continuous and stable monitoring for about one year. In addition, almost all the malicious websites we discovered had not been previously registered in public blacklists.     

Personal information leakage detection method using the inference-based access control model on the Android platform

The web services used on desktop can be accessed through a smartphone due to the development of smart devices. As the usage of smartphones increases, the importance of personal information security inside the smartphone is emphasized. The openness features of Android platform make a lot easier to develop an application and also deploying malicious codes into application is an easy task for hackers. The security practices are also growing rapidly as the number of malicious code increases exponentially. According to these circumstances, new methods for detecting and protecting the behavior of leaked personal information are needed to manage the personal information within a smartphone.In this paper, we study the permission access category in order to detect the malicious code, which discloses the personal information on Android environment such as equipment and location information, address book and messages, and solve the problem related to Resource access of Random Access Control method in conventional Android file system to detect the new malware or malicious code via the context ontology reasoning of permission access and API resource information which the personal information are leaked through. Then we propose an inference-based access control model, which can be enabled to access the proactive security. There is more improvement accuracy than existing malicious detecting techniques and effectiveness of access control model is verified through the proposal of inference-based access control model.     

Fast Directional Handoff and lightweight retransmission protocol for enhancing multimedia quality in indoor WLANs

More and more mobile devices such as smartphones are being used with IEEE 802.11 wireless LANs (WLANs or Wi-Fi). However, mobile users are still experiencing poor service quality on the move due to the large handoff delay and packet loss problem. In order to reduce the delay, a new handoff scheme using the geomagnetic sensor embedded in mobile devices is proposed in this paper. The proposed scheme predicts the movement direction of a Mobile Station (MS) from the currently associated Access Point (AP) and performs active scanning with a reduced number of channels. In terms of the packet loss, a lightweight retransmission protocol is also proposed to minimize lost packets on Wi-Fi without producing a lot of acknowledgement packets. The proposed approaches are implemented on Android smartphones, and their performance is evaluated in a real indoor WLAN environment. The evaluation results demonstrate that the proposed schemes maintain seamless quality for real-time video even in an environment with frequent handoffs. Note that the proposed schemes are a client-only solution and do not require modification of the existing APs, which renders them very practical.     

STMAD: sensor-based threat’s mitigation on smartphones using allowlist and denylist

Sensors play a vital role in the smartphone for sensing-enabled mobile activities and applications. Different sources, like mobile applications and websites, access the sensors and use them for various purposes. The user needs permission to access the permission-imposed sensors. Using the generic sensor application programming interface, the user can access the no-permission-imposed sensors directly without any permission. Attackers target these sensors and make the smartphones vulnerable at the application, device and network levels. The attackers access the sensor’s information and use it for different purposes like personal identification number identification and user personal information theft. This paper presents STMAD, a novel allowlist-based intrusion prevention system to mitigate sensor-based threats on smartphones by detecting malicious access of an attacker through different channels. STMAD functions as a lightweight preventive mechanism for all sensors on the smartphone and preventing attackers from accessing sensors maliciously. The experimental results show that the proposed defense mechanism is more efficient and consumes minimal overhead. An informal security analysis also proved that the STMAD protects against various attacks.

     

基于智能手机无线信号和图像距离感知融合的室内定位算法

针对于目前面向个人使用的手机室内定位精度低、效果差,且成本较高难以拓展的问题,提出了一种利用普通智能手机作为硬件设备,融合Wi-Fi无线信号和图像数据,通过双层过滤的方式对用户进行高精度室内定位的算法。算法分为线下阶段和线上阶段。在线下阶段,对目标场地建立坐标系,在坐标系多个目标位置进行Wi-Fi采样并建立指纹库,同时对环境进行拍照取样并抽取图像特征。在线上阶段,通过实时获取的Wi-Fi信息进行第一层过滤,以确定当前用户可能的位置区间;然后,结合提出的一种距离补偿算法对用户手机当前捕获的图像进行特征提取,在第一层过滤的基础上,确定用户的精准位置。在实际场地进行的实验表明,相比传统Wi-Fi及二维图像定位方法,该算法能够在探测接入点（AP）数量较少及室内场景相似的情况下提高室内定位精度,可以应用于一般室内定位应用或结合基于位置的服务（LBS）应用。     

Utility-oriented resource allocation for 360-degree video transmission over heterogeneous networks

Immersive media streaming, especially virtual reality (VR)/360-degree video streaming which is very bandwidth demanding, has become more and more popular due to the rapid growth of the multimedia and networking deployments. To better explore the usage of resource and achieve better video quality perceived by users, this paper develops an application-layer scheme to jointly exploit the available bandwidth from the LTE and Wi-Fi networks in 360-degree video streaming. This newly proposed scheme explores the saliency of video contents, prediction of users' view and channel status information to maximize the system's utility in a multi-RAN environment. It also determines the optimal association of users with multiple Wi-Fi access points (APs). Besides, a novel buffer strategy is proposed to mitigate the influence of short-time prediction problem for transmitting 360-degree videos in time-varying networks. The promising performance and low complexity of the proposed scheme and algorithms are validated in simulations with various 360-degree videos.     

Analysis of smartphone user mobility traces for opportunistic data collection in wireless sensor networks

The increasing ubiquity of smartphones coupled with the mobility of their users will allow the use of smartphones to enhance the operation of wireless sensor networks. In addition to accessing data from a wireless sensor network for personal use, and the generation of data through participatory sensing, we propose the use of smartphones to collect data from sensor nodes opportunistically. For this to be feasible, the mobility patterns of smartphone users must support opportunistic use. We analyze the dataset from the Mobile Data Challenge by Nokia, and we identify the significant patterns, including strong spatial and temporal localities. These patterns should be exploited when designing protocols and algorithms, and their existence supports the proposal for opportunistic data collection through smartphones.     

一种新型的手机安全管理软件设计与实现

随着手机的广泛使用,它遭受到众多恶意攻击,有效的安全管理可以防护用户的信息数据安全.通过研究Symbian手机操作系统体系结构和安全特性,设计并实现一种新型的手机安全管理软件.采用"基于程序行为"的主动检测和"文件服务插件"技术,是在Symbian系统上的新实现,能够检测未知恶意程序,增加手机文件访问控制,实现手机更加安全可靠的信息数据管理.     

JANUS: A Framework for Scalable and Secure Routing in Hybrid Wireless Networks

Hybrid networks consisting of cellular and Wi-Fi networks were proposed as a high-throughput architecture for cellular services. In such networks, devices equipped with cellular and Wi-Fi network cards access Internet services through the cellular base station. The Wi-Fi interface is used to provide a better service to clients that are far away from the base station, via multihop ad hoc paths. The modified trust model of hybrid networks generates a set of new security challenges as clients rely on intermediate nodes to participate effectively in the resource reservation process and data forwarding. In this paper, we introduce JANUS, a framework for scalable, secure, and efficient routing for hybrid cellular and Wi-Fi networks. JANUS uses a scalable routing algorithm with multiple channel access, for improved network throughput. In addition, it provides protection against selfish nodes through a secure crediting protocol and protection against malicious nodes through secure route establishment and data forwarding mechanisms. We evaluate JANUS experimentally and show that its performance is 85 percent of the optimum algorithm, improving with a factor greater than 50 percent over previous work. We evaluate the security overhead of JANUS against two types of attacks: less aggressive, but sufficient for some applications, selfish attacks and purely malicious attacks.     

开放接入点的安全可信接入

随着无线网络公众服务的推进,免费的开放接入点爆发式增长。针对开放接入点日益突出的安全问题,尤其是伪造接入点带来的个人隐私信息泄露,钓鱼攻击,漏洞攻击等,提出了一种基于接入点行为分析的安全可信接入方法。该方法参考了垃圾邮件判定的相关技术,采用D-S证据理论,建立一个推理规则库（包含SSID判别,Beacon密度,AP的物理层特性,数据转发行为特性等）,通过接入点行为证据的分析和合成,完成对接入点可信性的判定,从而避免无线客户端接入非法的接入点。通过典型实例验证了该方法。     

Association management for data dissemination over wireless mesh networks

To enable multimedia broadcasting services in mesh networks, it is critical to optimize the broadcast traffic load. Traditionally, users associate with access points (APs) with the strongest signal strength. We explore the concept of dual-association, where the AP for unicast traffic and the AP for broadcast traffic are independently chosen by exploiting overlapping coverages that are typical in mesh networks. The goal of our proposed solution is to optimize the overall network load by exploiting the flexibility provided by independent selection of unicast and broadcast APs. We propose a novel cost metric based on ETT (Expected Transmission Time) and the number of nodes in range of the APs, that are advertised in the beacons from the APs. Users periodically scan and associate with the AP which has the lowest cost metric. The proposed approach reduces the number of APs that handle the broadcast traffic resulting in a heavy reduction in control and data packet overhead. This leads to higher packet delivery rate and enhanced video quality measured in terms of PSNR. Our approach allows the freed up resources at APs to increase the unicast throughput. We compare the performance of our approach with traditional signal strength based association using extensive simulations and real experiments on an indoor testbed of 180 IEEE 802.11b based devices.     

Securing Wi-Fi networks

Wi-Fi networks, based on the IEEE 802.11 b/g standards, have become very popular in recent years. Many users have installed Wi-Fi networks at home, and numerous corporations have added Wi-Fi access points to their wired networks, giving employees easier access to corporate data and services. Hackers can decrypt and read data on a wireless link protected by built-in WEP encryption, and may even be able to access the data on a wired network through a Wi-Fi access point. We assess Wi-Fi network security in one city, analyze alternative security techniques, and suggest ways to secure such networks.     

Utilizing a Bluetooth remote lock system for a smartphone

With the advent of mobile devices and the convergence of wireless technologies and the Internet, both the content and the quality of research in this field are subject to regular change. A variety of state-of-the-art computing devices that are compatible with each other have been produced. These devices have the ability to interact with people. This is also known as pervasive computing. Particularly, as smartphones have recently become one of the most popular devices worldwide, various convenient applications are being released. Smartphones available today not only provide the ordinary internal processes such as dialing or receiving phone calls, sending text messages, and doing mobile banking, but also increasingly control various other devices that are part of our daily lives. In effect, this means that through smartphone applications, we can remotely control a variety of external devices such as televisions, projectors for presentations, computers, and even cars. The research in this paper is based on the evolving technological possibilities of using smartphone applications to control external devices. This paper presents the design and implementation of a remote lock system using wireless communication on a smartphone. In this context, remote lock system refers to a lock system that can be controlled remotely by a dedicated Android application. Every smartphone is equipped with Bluetooth which makes this technology possible. The application proposed in this paper uses the existing Bluetooth function on Android smartphones to open and manage locks. The users’ lock information can be stored and managed in real time in the database via a server that is built and managed by a server manager. Even if users forget the password of the lock, our proposed lock system can guide them to retrieve it easily, and a user manual is included to help users navigate the system. This system also provides a variety of management functions such as adding, deleting, modifying, and purchasing the user’s own locks.     

Secure Overlay Network Design

Due to the increasing security threats on the Internet, new overlay network architectures have been proposed to secure privileged services. In these architectures, the application servers are protected by a defense perimeter where only traffic from entities called servlets are allowed to pass. End users must be authorized and can only communicate with entities called access points (APs). APs relay authorized users’ requests to servlets, which in turn pass them to the servers. The identity of APs are publicly known while the servlets are typically secret. All communications are done through the public Internet. Thus all the entities involved form an overlay network. The main component of this distributed system consists of n APs and m servlets. A design for a network is a bipartite graph with APs on one side, and the servlets on the other side. If an AP is compromised by an attacker (or fails), all the servlets that are connected to it are subject to attack. An AP is blocked, if all servlets connected to it are subject to attack. We consider two models for the failures: In the stochastic model, we assume that each AP i fails with a given probability p _i . In the adversarial model, we assume that there is an adversary that knows the topology of the network and chooses at most k APs to compromise. In both models, our objective is to design the connections between APs and servlets to minimize the (expected/worst-case) number of blocked APs. In this paper, we give a polynomial-time algorithm for this problem in the stochastic model when the number of servlets is a constant. We also show that if the probability of failure of each AP is at least 1/2, then in the optimal design each AP is connected to only one servlet (we call such designs star-shaped), and give a polynomial-time algorithm to find the best star-shaped design. We observe that this statement is not true if the failure probabilities are small. In the adversarial model, we show that the problem is related to a problem in combinatorial set theory, and use this connection to give bounds on the maximum number of APs that a perfectly failure-resistant design with a given number of servlets can support. Our results provide the first rigorous theoretical foundation for practical secure overlay network design.     

Helpful-stressful cycle? Psychological links between type of mobile phone user and stress

The profusion of smartphones allows more people to have access to a telephone, a computer and the Internet, all via one device. Despite this convenience, excessive usage and habitual checking can cause significant stress for smartphone users. A helpful-stressful cycle is beginning to emerge as a pattern. With this in mind, we develop a model that examines the differences between smartphone and traditional mobile phone users with regard to the relationships between four psychological factors: locus of control (LOC), social interaction anxiety (SIA), need for touch (NFT) and materialism. Our examination explores this in the context of the level of stress these two types of users experience when using their chosen phone. The results from our empirical study suggest that user type moderates the aforementioned relationships. The effects of LOC, SIA and NFT on ‘technostress’ are stronger for smartphone users than for traditional mobile phone users. In contrast, materialism is positively related to stress for traditional mobile phone users but not for smartphone users.     

What a smartphone is to me: understanding user values in using smartphones

The objective of this study is twofold. First, it aims to investigate the various values users achieve with smartphones, which is a form of user‐empowering information technology (IT). The other objective is to introduce a means‐end chain approach into IT‐user studies. An important attraction of smartphones is their personalized environment, which is mainly provided by varied applications. The user personalization ability implies that users achieve diverse benefits with smartphones; that is, users decide what a smartphone is to them rather than adopt a given product. Thus, investigating what values users pursue with a smartphone (i.e. a value‐oriented approach) will give insights into understanding the users. To investigate user values in using smartphones, we conducted a laddering interview with 54 smartphone users and analyzed the data by using a means‐end chain approach to understand consumers' hierarchical value structure. This study contributes to value‐oriented research on user‐empowering IT by revelling how users benefit from smartphones. Furthermore, the study advances value‐oriented research by showing what users actually do with smartphones, from concrete activities to abstract values. In addition, a means‐end chain approach introduced in the study can be another angle for the investigation of user adoption of technology, in that it can describe IT use contexts and practices, which become an important object of analysis in the information systems research.     

IWFUCIA: An integrated model for Wi-Fi fingerprints radio map updating and localization on changed impact analysis

In Wi-Fi fingerprinting indoor localization, automating radio map database maintenance is one of the crucial issues, as it is a labour-intensive and long-term task for collecting and filtering samples to keep an up-to-date and accurate database. In particular, those access points (APs) newly installed in the environment should update radio maps and be included in the database to improve localization performance. This study presents an IWFUCIA system that automates indoor radio map database maintenance (RMapDM) using crowdsourced samples without accurate location annotation. The IWFUCIA incorporates the newly installed APs detection and identification, the significant APs feature selection, fingerprint integration updating, and online localization algorithms. After collecting new crowdsourced samples, we apply Willmott’s index of agreement (WIA) based on the Supported Vector Machine (SVM) regression to detect and identify a newly installed AP and the original existing ones. After getting the new APs, we propose a correlated coefficient and t-test score algorithm to select only those significant AP-based feature samples. We also proposed a fingerprint integration model to fuse original existing and new APs to update the database. Extensive experiments have been conducted in our teaching building to validate and evaluate the effectiveness of IWFUCIA. The results show that our IWFUCIA is robust for long-term maintenance and updating the outdated radio map database server. The average localization accuracy achieves 0.466 m, which significantly outperforms the localization positioning approaches with the original radio map by 84.96%, outdated radio maps by the changed APs powers removed, increased and decreased by 26.32%, 55.36%, and 73.14%, respectively.     

Automated construction of Wi-Fi-based indoor logical location predictor using crowd-sourced photos with Wi-Fi signals

Owing to the recent proliferation of smartphones and the SNS, a large number of images taken by smartphones at various places have been uploaded to SNSs. In addition, smartphones are equipped with various sensors such as Wi-Fi modules that enable us to generate an image associated with the sensory information that represents the context in which the image was captured. This study demonstrates the benefits of images associated with Wi-Fi signals in the automated construction of a Wi-Fi-based indoor logical location classifier that predicts a semantic location label of a user’s position for shopping complexes. In this study, a logical location class refers to the store class label in a shopping complex, such as Starbucks and H&M. Given a collection of images associated with Wi-Fi signals taken at a shopping complex and the complex’s floor plan, the proposed method first estimates the store label at which an image was taken by analyzing the image and crawled online images of branch stores. Then, the 2D coordinates of the images taken at branch stores on the floor coordinate system can be estimated using the floor plan. Subsequently, by using the Wi-Fi signals of the branch store images and their estimated 2D coordinates, we construct a transformation function that maps Wi-Fi signals onto the 2D coordinates, and we adopt this function to predict an indoor location class of an observed Wi-Fi scan from a smartphone possessed by an end user. The proposed transformation function comprises an ensemble of sub-functions designed based on CVAEs. Finally, we demonstrate the effectiveness of the proposed method for three actual shopping complexes.     

Usability Principles for Augmented Reality Applications in a Smartphone Environment

Through the rapid spread of smartphones, users have access to many types of applications similar to those on desktop computer systems. Smartphone applications using augmented reality (AR) technology make use of users' location information. As AR applications will require new evaluation methods, improved usability and user convenience should be developed. The purpose of the current study is to develop usability principles for the development and evaluation of smartphone applications using AR technology. We develop usability principles for smartphone AR applications by analyzing existing research about heuristic evaluation methods, design principles for AR systems, guidelines for handheld mobile device interfaces, and usability principles for the tangible user interface. We conducted a heuristic evaluation for three popularly used smartphone AR applications to identify usability problems. We suggested new design guidelines to solve the identified problems. Then, we developed an improved AR application prototype of an Android-based smartphone, which later was conducted a usability testing to validate the effects of usability principles.     

Capacity bounds of deployment concepts for Wireless Mesh Networks

Local area wireless networks are like cellular systems: Stations associate to one out of several access points (APs), which connect to a wired backbone. Due to signal attenuation and transmission power limitations, radio connectivity is available only sufficiently close to an AP. In scenarios with a dense deployment of APs the wired backbone causes unprofitably high costs.A Wireless Mesh Network (WMN) serves to extend the coverage of APs by means of Mesh Points (MPs) that forward data between a station and an AP. This concept reduces deployment costs, but reduces also network capacity, owing to multiple transmissions of the same data packet on its multi-hop route.This paper analyzes how the capacity of cost-limited WMNs can be optimized. A layered model of a WMN specifying the typical characteristics of the network is used to calculate the upper capacity bound. Based on the heuristics developed, networks of more than 150 nodes (APs, MPs and stations) can be handled.We apply the method to investigate the combination of three measures for improving the WMN capacity: (i) concurrent scheduling of transmissions, (ii) application of directional antennas and (iii) variable number of MPs per AP. The capacity bounds for different combinations of the measures mentioned is computed and compared. Combined with a simple cost model, these results are useful to provide insight into the economical feasibility of WMNs for wireless Internet access.