Previous month Previous day Next day Next month
By Year By Month By Week Today Search Jump to month

User Mobility Patterns: A Gold Mine for Intrusion Detection of Mobile Devices

Download as iCal file
Wednesday, 4. June 2014, 10:00 - 11:00
Category: Lectures & Presentations | created by This email address is being protected from spambots. You need JavaScript enabled to view it.

Prof. Peter Scheuermann, Department of Electrical Engineering and Computer Science, Northwestern University, USA and visiting professor at SBA Research gives a talk about “User Mobility Patterns: A Gold Mine for Intrusion Detection of Mobile Devices”.

Abstract: Theft of confidential data by unauthorized users accounts for much of the financial losses due to computer crime. However, most user authentication techniques for portable computers require explicit authentication. In the first part of this talk, we present an implicit re-authentication schemes for portable devices that monitors the user specific patterns based on file system and network activities. The various parameters relevant to these activities are mapped into a multidimensional vector space and a k-means clustering algorithm is used to construct a normal user model. Intruders are detected by measuring the distance between two distribution vectors.

While the above activities are useful for some types of devices, smart phones enable us to track the user behavior by observing spatio-temporal patterns. In the second part of our talk we present two statistical profiling techniques that allow us to detect anomalies corresponding to intruder patterns. Our techniques fall in the category of non-parametric collective detection anomaly models. Probabilities are extracted from the traces and anomalies correspond to a low probability region of the stochastic model. The first technique takes into account the location-in –time of users and computes the cumulative probabilities of trace samples. The second, considers also the transition probabilities between locations to construct the Markov sequence probabilities of trace samples. We present the results of our experimental evaluation based on the Reality Mining and Geolife data sets that show that our system is capable of detecting a potential intruder with 90-95 % accuracy.

Location SBA Research
Contact Edgar Weippl