ConXsense - Automated Context Classification for Context-Aware Access Control

We present ConXsense, the first framework for context-aware access control on mobile devices based on context classification. Previous context-aware access control systems often require users to laboriously specify detailed policies or they rely on pre-defined policies not adequately reflecting the true preferences of users. We present the design and implementation of a context-aware framework that uses a probabilistic approach to overcome these deficiencies. The framework utilizes context sensing and machine learning to automatically classify contexts according to their security and privacy-related properties. We apply the framework to two important smartphone-related use cases: protection against device misuse using a dynamic device lock and protection against sensory malware. We ground our analysis on a sociological survey examining the perceptions and concerns of users related to contextual smartphone security and analyze the effectiveness of our approach with real-world context data. We also demonstrate the integration of our framework with the FlaskDroid architecture for fine-grained access control enforcement on the Android platform.Comment: Recipient of the Best Paper Awar

Keeping Context In Mind: Automating Mobile App Access Control with User Interface Inspection

Recent studies observe that app foreground is the most striking component that influences the access control decisions in mobile platform, as users tend to deny permission requests lacking visible evidence. However, none of the existing permission models provides a systematic approach that can automatically answer the question: Is the resource access indicated by app foreground? In this work, we present the design, implementation, and evaluation of COSMOS, a context-aware mediation system that bridges the semantic gap between foreground interaction and background access, in order to protect system integrity and user privacy. Specifically, COSMOS learns from a large set of apps with similar functionalities and user interfaces to construct generic models that detect the outliers at runtime. It can be further customized to satisfy specific user privacy preference by continuously evolving with user decisions. Experiments show that COSMOS achieves both high precision and high recall in detecting malicious requests. We also demonstrate the effectiveness of COSMOS in capturing specific user preferences using the decisions collected from 24 users and illustrate that COSMOS can be easily deployed on smartphones as a real-time guard with a very low performance overhead.Comment: Accepted for publication in IEEE INFOCOM'201

PlaceAvoider: Steering First-Person Cameras away from Sensitive Spaces

Abstract—Cameras are now commonplace in our social and computing landscapes and embedded into consumer devices like smartphones and tablets. A new generation of wearable devices (such as Google Glass) will soon make ‘first-person ’ cameras nearly ubiquitous, capturing vast amounts of imagery without deliberate human action. ‘Lifelogging ’ devices and applications will record and share images from people’s daily lives with their social networks. These devices that automatically capture images in the background raise serious privacy concerns, since they are likely to capture deeply private information. Users of these devices need ways to identify and prevent the sharing of sensitive images. As a first step, we introduce PlaceAvoider, a technique for owners of first-person cameras to ‘blacklist ’ sensitive spaces (like bathrooms and bedrooms). PlaceAvoider recognizes images captured in these spaces and flags them for review before the images are made available to applications. PlaceAvoider performs novel image analysis using both fine-grained image features (like specific objects) and coarse-grained, scene-level features (like colors and textures) to classify where a photo was taken. PlaceAvoider combines these features in a probabilistic framework that jointly labels streams of images in order to improve accuracy. We test the technique on five realistic first-person image datasets and show it is robust to blurriness, motion, and occlusion. I

Use of nonintrusive sensor-based information and communication technology for real-world evidence for clinical trials in dementia

Cognitive function is an important end point of treatments in dementia clinical trials. Measuring cognitive function by standardized tests, however, is biased toward highly constrained environments (such as hospitals) in selected samples. Patient-powered real-world evidence using information and communication technology devices, including environmental and wearable sensors, may help to overcome these limitations. This position paper describes current and novel information and communication technology devices and algorithms to monitor behavior and function in people with prodromal and manifest stages of dementia continuously, and discusses clinical, technological, ethical, regulatory, and user-centered requirements for collecting real-world evidence in future randomized controlled trials. Challenges of data safety, quality, and privacy and regulatory requirements need to be addressed by future smart sensor technologies. When these requirements are satisfied, these technologies will provide access to truly user relevant outcomes and broader cohorts of participants than currently sampled in clinical trials

eXCloud: Transparent runtime support for scaling mobile applications in cloud

Cloud computing augments applications with ease-of-access to the enormous resources on the Internet. Combined with mobile computing technologies, mobile applications can exploit the Cloud everywhere by statically distributing code segments or dynamically migrating running processes onto cloud services. Existing migration techniques are however too coarse-grained for mobile devices, so the overheads often offset the benefits of migration. To build a truly elastic mobile cloud computing infrastructure, we introduce eXCloud (eXtensible Cloud) - a middleware system with multi-level mobility support, ranging from as coarse as a VM instance to as fine as a runtime stack frame, and allows resources to be integrated and used dynamically. In eXCloud, a stack-on-demand (SOD) approach is used to support computation mobility throughout the mobile cloud environment. The approach is fully adaptive, goal-driven and transparent. By downward task migration, applications running on the cloud nodes can exploit or take control of special resources in mobile devices such as GPS and cameras. With a restorable MPI layer, task migrations of MPI parallel programs can happen between cloud nodes or be initiated from a mobile device. Our evaluation shows that SOD outperforms several existing migration mechanisms in terms of migration overhead and latency. All our techniques result in better resource utilization through task migrations among cloud nodes and mobile nodes.published_or_final_versionThe 2011 International Conference on Cloud and Service Computing (CSC), Hong Kong, China, 12-14 December 2011. In Proceedings of CSC, 2011, p. 103-11

Towards sustainable transport: wireless detection of passenger trips on public transport buses

An important problem in creating efficient public transport is obtaining data about the set of trips that passengers make, usually referred to as an Origin/Destination (OD) matrix. Obtaining this data is problematic and expensive in general, especially in the case of buses because on-board ticketing systems do not record where and when passengers get off a bus. In this paper we describe a novel and inexpensive system that uses off-the-shelf Bluetooth hardware to accurately record passenger journeys. Here we show how our system can be used to derive passenger OD matrices, and additionally we show how our data can be used to further improve public transport services.Comment: 13 pages, 4 figures, 1 tabl