Abstract
Smartphones store a plenitude of sensitive data. This data together with high values of smartphones make them an attractive target for physical theft. Clearly, the device owner would like to regain the device in such a case. Also, the information should be protected from illegitimate access.
In this paper, we present the first anti-theft solution that effectively handles these issues. Our proposal is based on a novel concept of an anti-theft honeypot account that protects the owner’s data while preventing a thief from resetting the device. Thus, a stolen device can be regained by the device owner with high probability, while information leakage to the thief is prevented. We implemented the proposed scheme and evaluated it through an empirical user study with 35 participants. In this study, the owner’s data could be protected, recovered, and anti-theft functionality could be performed unnoticed from the thief in all cases.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
/frameworks/base/core/java/android/os/RecoverySystem.java .
- 3.
/frameworks/base/services/core/java/com/android/server/RecoverySystemService.java.
- 4.
/bootable/recovery/device.cpp, /bootable/recovery/recovery.cpp.
- 5.
/packages/apps/Launcher2/src/com/android/launcher2/AllAppsList.java, /packages/apps/Settings/src/com/android/settings/applications/ManageApplications.java.
References
Al Rassan, I., Al Sheikh, M.A.: Securing application in mobile computing. Int. J. Inf. Electron. Eng. 3(5), 544 (2013)
Apple: Find my iPhone, iPad, iPod touch, or Mac. www.apple.com/support/icloud/find-my-device/
Avast: Avast free mobile security, June 2017. http://www.avast.com/en-us/free-mobile-security
Cannon, T., Bradford, S.: Into the droid: gaining access to Android user data. In: DefCon Hacking Conference (DefCon 2012), Las Vegas, Nevada, USA (2012)
Chouhan, J.G., Singh, N.K., Modi, P.S., Jani, K.A., Joshi, B.N., et al.: Camera and voice control based location services and information security on Android. J. Inf. Secur. 7(03), 195 (2016)
CNBC: CNBC study. http://www.cnbc.com/2014/04/26/most-americans-dont-secure-their-smartphones.html
Google: Android device manager, June 2017. https://www.google.com/android/devicemanager
Google: Android device protection, June 2017. https://support.google.com/nexus/answer/6172890
Google: Android internals, February 2017. https://source.android.com/source/index.html
Google: Android open source project, June 2017. https://source.android.com
Google: Android OS version usages, January 2017. https://developer.android.com/about/dashboards/index.html
Google: Android version usage, 6 July 2017. https://developer.android.com/about/dashboards/index.html
IDC: Worldwide smartphone OS market share, November 2016. http://www.idc.com/promo/smartphone-market-share/os;jsessionid=6A0934D1434A49DBFFE74D63DA2C595B
Insider, B.: IDG research, May 2014. http://www.businessinsider.com/smartphone-theft-statistics-2014-5?IR=T
Kuppusamy, K.S., Senthilraja, R., Aghila, G.: A model for remote access and protection of smartphones using short message service. arXiv preprint arXiv:1203.3431 (2012)
Ossmann, M., Osborn, K.: Multiplexed wired attack surfaces. In: BlackHat USA (2013)
Reports, C.: Consumer reports, May 2014. http://www.consumerreports.org/cro/news/2014/04/smart-phone-thefts-rose-to-3-1-million-last-year/index.htm
Ruddock, D.: Anti-theft. http://www.androidpolice.com/2015/03/12/guide-what-is-android-5-1s-antitheft-device-protection-feature-and-how-do-i-use-it/
Schneider, D.M.: iMobileSitter, March 2014. http://www.imobilesitter.com/
Shetty, A.: Mobile anti theft system (MATS) (2012)
Dhanu, S., Shaikh, A., Barshe, S.: Anti-theft application for Android based devices. Int. J. Adv. Res. Comput. Commun. Eng. (2016)
Simon, L., Anderson, R.: Security analysis of consumer-grade anti-theft solutions provided by Android mobile anti-virus apps. In: 4th Mobile Security Technologies Workshop (MoST). Citeseer (2015)
Srinivasan, A., Wu, J.: SafeCode – safeguarding security and privacy of user data on stolen iOS devices. In: Xiang, Y., Lopez, J., Kuo, C.-C.J., Zhou, W. (eds.) CSS 2012. LNCS, vol. 7672, pp. 11–20. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-35362-8_2
Symantec: Norton mobile security. https://us.norton.com/anti-theft/
Tang, Y., Ames, P., Bhamidipati, S., Bijlani, A., Geambasu, R., Sarda, N.: CleanOS: limiting mobile data exposure with idle eviction. In: Presented as part of the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI 12), pp. 77–91 (2012)
Whitwam, R.: Anti-theft (2015). http://www.greenbot.com/article/2904397/everything-you-need-to-know-about-device-protection-in-android-51.html
Yu, X., Wang, Z., Sun, K., Zhu, W.T., Gao, N., Jing, J.: Remotely wiping sensitive data on stolen smartphones. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, pp. 537–542. ACM (2014)
Acknowledgements
This work was supported by the German Federal Ministry of Education and Research (BMBF) through the project SmartPriv (16KIS0760).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Groß, S., Tiwari, A., Hammer, C. (2018). ThiefTrap – An Anti-theft Framework for Android. In: Lin, X., Ghorbani, A., Ren, K., Zhu, S., Zhang, A. (eds) Security and Privacy in Communication Networks. SecureComm 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 238. Springer, Cham. https://doi.org/10.1007/978-3-319-78813-5_9
Download citation
DOI: https://doi.org/10.1007/978-3-319-78813-5_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-78812-8
Online ISBN: 978-3-319-78813-5
eBook Packages: Computer ScienceComputer Science (R0)