dc.description.abstract |
In recent years, smartphones have become inseparable components of people's daily life. However, the great popularity of smartphones causes some security problems. For example, users may store their contact lists, passwords and other credentials in their smartphones. In addition to various features, smartphones also have various motion sensors like accelerometer and gyroscope. Therefore, number of malwares focused on smartphones goes up while capabilities of smartphones increase. It is well-known fact that Android has gained great popularity in smartphone technology and it is leader of smartphone market. This unluckily leads attackers to the Android platform. There are various malwares targeting Android smartphones like premium-SMS malwares. Since users intensely use touchscreen of their smartphones, attackers are highly interested in touchscreen nowadays. Furthermore, attackers use motion sensors as a side-channel information to obtain user's private data. There are several studies in the literature which show how motion sensors can be used as a side-channel. In this thesis, we rstly investigate malwares targeting Android smartphones, analyse their behavior and motivations. Then, we show that accelerometer sensor data can be used to infer user's input on touchscreen. We handle available studies in this area and propose new feature set for PIN inference by using accelerometer data. We considerably reduce the number of feature vectors while slightly improve the accuracy rate in PIN inference. Another important contribution of the thesis is to determine user's age interval by using accelerometer sensor as a side-channel. We show that by analyzing user's tap event on the touchscreen we can determine whether the user is child or adult. This is actually our great contribution to the literature because this information may give attackers extra avenues for their malicious acitivities. |
|