Security analysis of mobile crowd sensing applications

Owoh, Nsikak Pius; Singh, Manmeet

doi:10.1016/j.aci.2018.10.002

Cited by 18 publications

(13 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, the combination of two or more permissions sequent of Normal or Dangerous can become high risk and expose users’ privacy. For instance, if a user downloads Whatsapp, which requires the normal permission for internet access and changing audio settings, using fingerprint hardware, taking photos, reading contacts, and accessing precise location can put users at risk because the accessed data are unencrypted and can be seen in clear text that lead to data leakage [ 21 ].…”

Section: Literature Reviewmentioning

confidence: 99%

A Privacy Preservation Quality of Service (QoS) Model for Data Exposure in Android Smartphone Usage

Bakar

Singh

Shariff

2021

Sensors

View full text Add to dashboard Cite

An Android smartphone contains built-in and externally downloaded applications that are used for entertainment, finance, navigation, communication, health and fitness, and so on. The behaviour of granting permissions requested by apps might expose the Android smartphone user to privacy risks. The existing works lack a formalized mathematical model that can quantify user and system applications risks. No multifaceted data collector tool can also be used to monitor the collection of user data and the risk posed by each application. A benchmark of the risk level that alerts the user and distinguishes between acceptable and unacceptable risk levels in Android smartphone user does not exist. Hence, to address privacy risk, a formalized privacy model called PRiMo that uses a tree structure and calculus knowledge is proposed. An App-sensor Mobile Data Collector (AMoDaC) is developed and implemented in real life to analyse user data accessed by mobile applications through the permissions granted and the risks involved. A benchmark is proposed by comparing the proposed PRiMo outcome with the existing available testing metrics. The results show that Tools & Utility/Productivity applications posed the highest risk as compared to other categories of applications. Furthermore, 29 users faced low and acceptable risk, while two users faced medium risk. According to the benchmark proposed, users who faced risks below 25% are considered as safe. The effectiveness and accuracy of the proposed work is 96.8%.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

A Privacy Preservation Quality of Service (QoS) Model for Data Exposure in Android Smartphone Usage

Bakar

Singh

Shariff

2021

Sensors

View full text Add to dashboard Cite

show abstract

“…According to Ref. [32], ensuring privacy-preserving in MCS system encourages mobile users to use MCS system applications and participate in sensing and data collection. Therefore, a properly designed framework for privacy preservation must support the workers to flexibly adjust on all three aspects, so as to provide most suitable participation for every worker as this is a critical principle as MCS essentially rely on these workers for data collection.…”

Section: Privacy and Trust Managementmentioning

confidence: 99%

“…This method ensures that the participants do not submit falsified information into the system which will compromise the trustworthiness of the system, although it is seen as compromising the privacy of the users on the other hand. Therefore the MCS system is responsible for the access control, by giving the necessary rights to authorized users [32].…”

Section: ) Authenticationmentioning

confidence: 99%

Simulation of Trust-Based Mechanism for Enhancing User Confidence in Mobile Crowdsensing Systems

et al. 2020

View full text Add to dashboard Cite

With the rapid development of mobile technology and subsequent mass adoption of mobile devices, mobile crowdsensing (MCS) has gained a lot of research attention. In MCS systems, trust is a key focus in the overall improvement in the participant uptake of the sensing tasks. The trust-based scheme of MCS is studied to predict the damage level, the scores of quality-of-service (QoS), and the levels of qualityof-data (QoD) of MCS systems. Users can participate in MCS sensing based on trustworthy indicators that are related to user experience and system reputation, as well as the knowledge obtained about the MCS systems. This paper illustrates the establishment of user confidence during recruitment in MCS as it is very critical for the success of MCS systems and proposes a simulation trust-based mechanism (SiTBaM) approach. The level of MCS security is enhanced to protect the privacy of participants, so that participants can be assured that the MCS system they are working with during sensing moment is trustworthy. The application of SiTBaM in MCS is verified to yield better results as the simulations show that it offers higher QoS levels, QoD scores, as well as low damage levels in the presence of any task or many malicious users. These results were validated through comparisons with other schemes. INDEX TERMS Mobile crowdsensing, quality-of-data, quality-of-service, security, trust-based scheme.

show abstract

“…Mobile devices such as smartphones and tablets are quickly becoming the dominant devices for accessing Internet resources and has gained popularity with higher memory capacity, processor speed and battery life due to advancement in technology, making it suitable for mobile transactions [56,57]. Mobile phones are common in our society today due to its multi-purpose usage, the convenience and mobility advantages, ease of purchase and it is used for payment on the move; payment anywhere and anytime [5,37,40,44].…”

Section: Introductionmentioning

confidence: 99%

An Identity-Based Elliptic Curve Cryptography for Mobile Payment Security

et al. 2020

View full text Add to dashboard Cite

Security breaches have been observed in different dimensions in mobile payment system. The violation of user's privacy is a common phenomenon in mobile payment transactions. This study presents an improved security scheme for a mobile payment system using elliptic curve cryptography over a binary field with International Mobile Equipment Identity to ensure higher security. The scheme uses a payment gateway for registration and maps all input text to elliptic curve points using ASCII values. Payment details are stored on the gateway, which is encrypted but decrypted only with merchant's decryption key. The proposed scheme was evaluated in terms of key size, security strength, computational power, memory capacity, encryption and decryption time and mobile phone battery. The result shows that the scheme provides integrity, confidentiality and privacy. The result also shows that the proposed scheme is time-efficient and computationally inexpensive for resourceconstrained environment like mobile payment system.

show abstract

Security analysis of mobile crowd sensing applications

Cited by 18 publications

References 34 publications

A Privacy Preservation Quality of Service (QoS) Model for Data Exposure in Android Smartphone Usage

A Privacy Preservation Quality of Service (QoS) Model for Data Exposure in Android Smartphone Usage

Simulation of Trust-Based Mechanism for Enhancing User Confidence in Mobile Crowdsensing Systems

An Identity-Based Elliptic Curve Cryptography for Mobile Payment Security

Contact Info

Product

Resources

About