An Evaluation of Smartphone Resources Used by Web Advertisements

With the rapid advancement of mobile devices, people have become more attached to them than ever. This rapid growth combined with millions of applications (apps) make smartphones a favourite means of communication among users. In general, the available contents on smartphones, apps and the web, come into two versions: (i) free contents that are monetized via advertisements (ads), and (ii) paid ones that are monetized by user subscription fees. However, the resources (energy, bandwidth, processing power) on-board are limited, and the existence of ads in either websites or free apps can adversely impact these resources. These issues brought the need for good understanding of the mobile advertising eco-system and how such limited resources can be efficiently used. This thesis focuses on mobile web browsing. Surfing web-pages on smatphones is one of the most commonly used task among smartphone users. However, web-page complexity is increasing, especially when designed for desktop computers. On one hand, the existence of ads in web-pages is essential for publishers' monetization strategy. On the other hand, their existence in webpages leads to even higher complexity of the webpages. This complexity in the smartphone environment, where the battery and bandwidth resources are limited, is reflected in longer loading time, more energy consumed, and more bytes transferred. With this view, quantifying the energy consumption due to web ads in smartphones is essential for publishers to optimize their webpages, and for system designers to develop an energy-aware applications (browsers) and protocols. Apart from their energy impact, ads consume network bandwidth as well. Therefore, quantifying the bandwidth consumption due to downloading web ads is crucial to creating more energy and bandwidth aware applications. This thesis first classifies web content into: (i) core information, and (ii) forced ``unwanted" information, namely ads. Then, describes an approach that enables the separation of web content in a number of a websites. Having done so, the energy cost due to downloading, rendering, and displaying web ads over Wi-Fi and 3G networks is evaluated. That is, how much energy web ads contribute to the total consumed energy when a user accesses the web. Furthermore, the bandwidth consumed by web ads in a number of well-known websites is also evaluated. Motivated by our findings about ads' impact on the energy and bandwidth, the thesis proposes and implements a novel web-browsing technique that adapts the webpages delivered to smartphones, based on a smartphone's current battery level and the network type. Webpages are adapted by controlling the amount of ads to be displayed. Validation tests confirm that the system, in some cases, can extend smartphone battery life by up to ~ 30\% and save wireless bandwidth up to ~ 44\%

WebPro: A proxy-based approach for low latency web browsing on mobile devices

Abstract—To load a webpage, a web browser first downloads the base HTML file of the page in order to discover the list of objects referenced in the page. This process takes roughly one round-trip time and constitutes a significant portion of the web browsing delay on mobile devices as wireless networks suffer from longer transmission and access delays compared to wired networks. In this work, we propose a solution for eliminating this initial delay, which is transparent to end systems, does not require modifying HTTP, and is well suited for web browsing on mobile devices. Our solution, called WebPro, relies on a network proxy that builds an up-to-date database of resource lists for the websites visited frequently by network users. The proxy resides in the wired part of the network, and hence can afford to pro-actively build and refresh the resource list database periodically. When a request for a webpage comes to the proxy, it simultaneously fetches the base HTML and all referenced objects required to render the webpage using the corresponding resource list stored in the local database. We have built a working prototype of WebPro and have conducted live experiments over WiFi and LTE networks. Our results show an average of 26% reduction in page load time for a mix of popular web sites chosen from categories such as news, sports and shopping. Moreover, in comparison to another best known proxy-based solution, WebPro provides delay reductions ranging from 5 % to 51 % for a variety of web sites. Keywords—Web browsing, Mobile devices, Browsing delay

Predicting mobile application power consumption

We present an analysis of battery consumption to predict the average consumption rate of any given application. We explain the process and techniques used to gather the data, and present over 25000 readings collected over 3 months. We then use iterative proportional fitting to predict the consumptions rates, discuss the issues with the collected data, and highlight the attempts made to alleviate the problems. Lastly, we discuss the limitations and challenges of this approach, and suggest changes that may be required in order to produce more accurate results

A Mobile Secure Bluetooth-Enabled Cryptographic Provider

The use of digital X509v3 public key certificates, together with different standards for secure digital signatures are commonly adopted to establish authentication proofs between principals, applications and services. One of the robustness characteristics commonly associated with such mechanisms is the need of hardware-sealed cryptographic devices, such as Hardware-Security Modules (or HSMs), smart cards or hardware-enabled tokens or dongles. These devices support internal functions for management and storage of cryptographic keys, allowing the isolated execution of cryptographic operations, with the keys or related sensitive parameters never exposed. The portable devices most widely used are USB-tokens (or security dongles) and internal ships of smart cards (as it is also the case of citizen cards, banking cards or ticketing cards). More recently, a new generation of Bluetooth-enabled smart USB dongles appeared, also suitable to protect cryptographic operations and digital signatures for secure identity and payment applications. The common characteristic of such devices is to offer the required support to be used as secure cryptographic providers. Among the advantages of those portable cryptographic devices is also their portability and ubiquitous use, but, in consequence, they are also frequently forgotten or even lost. USB-enabled devices imply the need of readers, not always and not commonly available for generic smartphones or users working with computing devices. Also, wireless-devices can be specialized or require a development effort to be used as standard cryptographic providers. An alternative to mitigate such problems is the possible adoption of conventional Bluetooth-enabled smartphones, as ubiquitous cryptographic providers to be used, remotely, by client-side applications running in users’ devices, such as desktop or laptop computers. However, the use of smartphones for safe storage and management of private keys and sensitive parameters requires a careful analysis on the adversary model assumptions. The design options to implement a practical and secure smartphone-enabled cryptographic solution as a product, also requires the approach and the better use of the more interesting facilities provided by frameworks, programming environments and mobile operating systems services. In this dissertation we addressed the design, development and experimental evaluation of a secure mobile cryptographic provider, designed as a mobile service provided in a smartphone. The proposed solution is designed for Android-Based smartphones and supports on-demand Bluetooth-enabled cryptographic operations, including standard digital signatures. The addressed mobile cryptographic provider can be used by applications running on Windows-enabled computing devices, requesting digital signatures. The solution relies on the secure storage of private keys related to X509v3 public certificates and Android-based secure elements (SEs). With the materialized solution, an application running in a Windows computing device can request standard digital signatures of documents, transparently executed remotely by the smartphone regarded as a standard cryptographic provider

The Proceedings of 14th Australian Digital Forensics Conference, 5-6 December 2016, Edith Cowan University, Perth, Australia

Conference Foreword This is the fifth year that the Australian Digital Forensics Conference has been held under the banner of the Security Research Institute, which is in part due to the success of the security conference program at ECU. As with previous years, the conference continues to see a quality papers with a number from local and international authors. 11 papers were submitted and following a double blind peer review process, 8 were accepted for final presentation and publication. Conferences such as these are simply not possible without willing volunteers who follow through with the commitment they have initially made, and I would like to take this opportunity to thank the conference committee for their tireless efforts in this regard. These efforts have included but not been limited to the reviewing and editing of the conference papers, and helping with the planning, organisation and execution of the conference. Particular thanks go to those international reviewers who took the time to review papers for the conference, irrespective of the fact that they are unable to attend this year. To our sponsors and supporters a vote of thanks for both the financial and moral support provided to the conference. Finally, to the student volunteers and staff of the ECU Security Research Institute, your efforts as always are appreciated and invaluable. Yours sincerely, Conference Chair Professor Craig Valli Director, Security Research Institut

Providing efficient services for smartphone applications

Mobile applications are becoming an indispensable part of people\u27s lives, as they allow access to a broad range of services when users are on the go. We present our efforts towards enabling efficient mobile applications in smartphones. Our goal is to improve efficiency of the underlying services, which provide essential functionality to smartphone applications. In particular, we are interested in three fundamental services in smartphones: wireless communication service, power management service, and location reporting service.;For the wireless communication service, we focus on improving spectrum utilization efficiency for cognitive radio communications. We propose ETCH, a set of channel hopping based MAC layer protocols for communication rendezvous in cognitive radio communications. ETCH can fully utilize spectrum diversity in communication rendezvous by allowing all the rendezvous channels to be utilized at the same time.;For the power management service, we improve its efficiency from three different angles. The first angle is to reduce energy consumption of WiFi communications. We propose HoWiES, a system-for WiFi energy saving by utilizing low-power ZigBee radio. The second angle is to reduce energy consumption of web based smartphone applications. We propose CacheKeeper, which is a system-wide web caching service to eliminate unnecessary energy consumption caused by imperfect web caching in many smartphone applications. The third angle is from the perspective of smartphone CPUs. We found that existing CPU power models are ill-suited for modern multicore smartphone CPUs. We present a new approach of CPU power modeling for smartphones. This approach takes CPU idle power states into consideration, and can significantly improve power estimation accuracy and stability for multicore smartphones.;For the location reporting service, we aim to design an efficient location proof solution for mobile location based applications. We propose VProof, a lightweight and privacy-preserving location proof scheme that allows users to construct location proofs by simply extracting unforgeable information from the received packets

Privacy-preserving controls for sharing mHealth data

Mobile devices allow people to collect and share health and health-related information with recipients such as health providers, family and friends, employers and insurance companies, to obtain health, emotional or financial benefits. People may consider certain health information sensitive and prefer to disclose only what is necessary. In this dissertation, we present our findings about factors that affect people’s sharing behavior, describe scenarios in which people may wish to collect and share their personal health-related information with others, but may be hesitant to disclose the information if necessary controls are not available to protect their privacy, and propose frameworks to provide the desired privacy controls. We introduce the concept of close encounters that allow users to share data with other people who may have been in spatio-temporal proximity. We developed two smartphone-based systems that leverage stationary sensors and beacons to determine whether users are in spatio-temporal proximity. The first system, ENACT, allows patients diagnosed with a contagious airborne disease to alert others retrospectively about their possible exposure to airborne virus. The second system, SPICE, allows users to collect sensor information, retrospectively, from others with whom they shared a close encounter. We present design and implementation of the two systems, analyse their security and privacy guarantees, and evaluate the systems on various performance metrics. Finally, we evaluate how Bluetooth beacons and Wi-Fi access points can be used in support of these systems for close encounters, and present our experiences and findings from a deployment study on Dartmouth campus

Web Content Delivery Optimization

Milliseconds matters, when they’re counted. If we consider the life of the universe into one single year, then on 31 December at 11:59:59.5 PM, “speed” was transportation’s concern, and now after 500 milliseconds it is web’s, and no one knows whose concern it would be in coming milliseconds, but at this very moment; this thesis proposes an optimization method, mainly for content delivery on slow connections. The method utilizes a proxy as a middle box to fetch the content; requested by a client, from a single or multiple web servers, and bundles all of the fetched image content types that fits into the bundling policy; inside a JavaScript file in Base64 format. This optimization method reduces the number of HTTP requests between the client and multiple web servers as a result of its proposed bundling solution, and at the same time optimizes the HTTP compression efficiency as a result of its proposed method of aggregative textual content compression. Page loading time results of the test web pages; which were specially designed and developed to capture the optimum benefits of the proposed method; proved up to 81% faster page loading time for all connection types. However, other tests in non-optimal situations such as webpages which use “Lazy Loading” techniques, showed just 35% to 50% benefits, that is only achievable on 2G and 3G connections (0.2 Mbps – 15 Mbps downlink) and not faster connections