MOBILE SECURITY AND PRIVACY MOBILE SECURITY AND PRIVACY Advances, Challenges and Future Research Directions Edited by Man Ho Au Kim-Kwang Raymond Choo Gary Kessler, Technical Editor AMSTERDAM • BOSTON • HEIDELBERG • LONDON NEW YORK • OXFORD • PARIS • SAN DIEGO SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO Syngress is an Imprint of Elsevier Syngress is an imprint of Elsevier 50 Hampshire Street, 5th Floor, Cambridge, MA 02139, United States © 2017 Elsevier Inc. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions. This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein). Notices Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods, professional practices, or medical treatment may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information, methods, compounds, or experiments described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility. To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein. Library of Congress Cataloging-in-Publication Data A catalog record for this book is available from the Library of Congress British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library ISBN: 978-0-12-804629-6 For information on all Syngress publications visit our website at https://www.elsevier.com/ Publisher: Todd Green Acquisition Editor: Chris Katsaropoulos Editorial Project Manager: Anna Valutkevich Production Project Manager: Punithavathy Govindaradjane Cover Designer: Mark Rogers Typeset by SPi Global, India Contributors M.H. Au The Hong Kong Polytechnic Univer- D.Y.W. Liu The Hong Kong Polytechnic Uni- sity, Kowloon, Hong Kong versity, Kowloon, Hong Kong C. Chia University of Melbourne, Melbourne, L. Lo Iacono Cologne University of Applied Sci- VIC, Australia ences, Cologne, Germany K.-K.R. Choo University of Texas at San X. Lu The Hong Kong Polytechnic University, Antonio, San Antonio, TX, United States; Uni- Kowloon, Hong Kong versity of South Australia, Adelaide, SA, X.P. Luo The Hong Kong Polytechnic Univer- Australia sity, Kowloon, Hong Kong K.-P. Chow The University of Hong Kong, Y. Mohanraj Chennai, TN, India HKSAR, China H.V. Nguyen Cologne University of Applied J. Fang Jinan University, Guangzhou, China Sciences, Cologne, Germany D. Fehrenbacher Monash University, Melbourne, F. Schiliro University of South Australia, VIC, Australia Adelaide, SA, Australia F. Hayata University of Ngaoundéré, Ngaoundéré, F. Tchakounté University of Ngaoundéré, Cameroon Ngaoundéré, Cameroon L.C.K. Hui The University of Hong Kong, S. Tully Sydney, NSW, Australia HKSAR, China J. Walls University of South Australia, Z.L. Jiang Harbin Institute of Technology Shen- Adelaide, SA, Australia zhen Graduate School, Shenzhen, China Y. Xie Xiamen University, Fujian, China L. Lau Asia Pacific Association of Technology G.Z. Xue Xiamen University, Fujian, China and Society (APATAS), Hong Kong Special Administrative Region S.-M. Yiu The University of Hong Kong, HKSAR, China X. Li Chinese Academy of Sciences, Beijing, China L. Yu The Hong Kong Polytechnic University, Kowloon, Hong Kong S. Li Jinan University, Guangzhou, China vii About the Editors Man Ho Allen Au received bachelor's of the Journal of Information Security and and master's degrees from the Department Applications, Elsevier. He has served as a of Information Engineering, Chinese guest editor for various journals including University of Hong Kong, in 2003 and 2005 Future Generation Computer Systems, Elsevier, respectively, and a PhD from the University and Concurrency and Computation: Practice of Wollongong, Australia, in 2009. Currently, and Experience, Wiley. he is an assistant professor at the Dept. Kim-Kwang Raymond Choo currently of Computing, Hong Kong Polytechnic holds the Cloud Technology Endowed University. Before moving to Hong Kong Professorship at the University of Texas at in Jul. 2014, he was been a lecturer at the San Antonio, and is an associate professor School of Computer Science and Software at the University of South Australia, and Engineering, University of Wollongong, a guest professor at the China University Australia. of Geosciences. He has been an invited Dr. Au's research interests include in- speaker for a number of events, such as the formation security and privacy, applied 2011 UNODC-ITU Asia-Pacific Regional cryptography, accountable anonymity, and Workshop on Fighting Cybercrime, cloud computing. He has published over the Korean (Government) Institute of 90 papers in those areas in journals such as Criminology (2013), the UNAFEI and IEEE Transactions on Information Forensics UAE Government conference in 2014, and and Security, IEEE Transactions on Knowledge the World Internet Conference (Wuzhen and Data Engineering, ACM Transaction on Summit) in 2014, jointly organized by Information and System Security and interna- the Cyberspace Administration of China tional conferences including the Network and the People's Government of Zhejiang and Distributed System Security Symposium Province. He has also been a Keynote/ (NDSS) and the ACM Conference on Plenary Speaker at conferences, such as Computer and Communications Security the SERENE-RISC Spring 2016 Workshop, (CCS). His work has received various awards, the IEEE International Conference on Data including the ACISP 2016 Best Paper Award Science and Data Intensive Systems (DSDIS and runner-up for a PET award in 2009 for 2015), and those organized by Infocomm Outstanding Research in Privacy Enhancing Development Authority of Singapore, Technologies. A*Star, Nanyang Technological University, He has served as a program committee Singapore Management University member for over 30 international confer- (2015), the Cloud Security Alliance New ences and workshops. He is also a program Zealand (2015), CSO Australia and Trend committee co-chair of the 8th International Micro (2015), the Anti-Phishing Working Conference on Network and System Security Group (2014), the National Taiwan and the 9th International Conference on University of Science and Technology (2014), Provable Security. He is an associate editor the Asia Pacific University of Technology & ix x ABOUT THE EDITORS Innovation (Malaysia; 2014), the Nanyang various awards, including the ESORICS Technological University (Singapore; 2011), 2015 Best Research Paper Award, the Highly and National Chiayi University (Taiwan; Commended Award from Australia New 2010), and he has been an Invited Expert Zealand Policing Advisory Agency in 2014, at UNAFEI Criminal Justice Training in a Fulbright Scholarship in 2009, a British 2015, at the INTERPOL Cyber Research Computer Society's Wilkes Award in 2008, Agenda Workshop 2015, and at the Taiwan and the 2008 Australia Day Achievement Ministry of Justice Investigation Bureau's Medallion, and was on the winning team 2015 International Symposium on Regional in Germany's University of Erlangen- Security and Transnational Crimes. He was Nuremberg (FAU) Digital Forensics Research named one of the 10 Emerging Leaders in Challenge in 2015. He is also a Fellow of the the Innovation category of The Weekend Australian Computer Society, and a senior Australian Magazine/Microsoft's Next member of the IEEE. 100 series in 2009, and is the recipient of CHAPTER 1 Mobile Security and Privacy M.H. Au*, K.-K.R. Choo†,‡ *The Hong Kong Polytechnic University, Kowloon, Hong Kong †University of Texas at San Antonio, San Antonio, TX, United States ‡University of South Australia, Adelaide, SA, Australia 1 INTRODUCTION Security and privacy are highly dynamic and fast-paced research areas due to rapid tech- nological advancements. Mobile security and privacy are no exception. For example, 10 or 15 years ago, research in mobile security was mainly concerned about securing the Global System for Mobile Communications (GSM) network and communications (Jøsang and Sanderud, 2003). Since mobile phones become user programmable (i.e., the device supports third-party software), the scope for security and privacy research extends to studying the security of such third-party software and associated privacy risks (La Polla et al., 2013) (e.g., whether third-party software will result in the leakage of user data). It is also in the user's interest to ensure both confidentiality and integrity of the data that is stored on and made accessible via these devices. This is the focus of this book. Specifically, in this book, we will be presenting the state-of-the-art advances
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages264 Page
-
File Size-