Purdue University Graduate School
Browse
Differentiating_Users_Final_ekatz.pdf (5.94 MB)

Differentiating Users Based on Changes in the Underlying Block Space of Their Smartphones

Download (5.94 MB)
thesis
posted on 2020-05-06, 19:27 authored by Eric D KatzEric D Katz
With the growing popularity of using smartphones in business environments, it is increasingly likely that phones will be the target of attacks and sources of evidence in cyber forensic investigations. It will often be important to identify who was using the phone at the time an incident occurred. This can be very difficult as phones are easily misplaced, borrowed, or stolen. Previous research has attempted to find ways to identify computer users based on behavioral analysis. Current research into user profiling requires highly invasive examinations of potentially sensitive user data that the user might not be comfortable with people inspecting or could be against company policy to store. This study developed user profiles based on changes in a mobile phone's underlying block structure. By examining where and when changes occur, a user profile can be developed that is comparable to more traditional intrusion detection models, but without the need to use invasive data sets. These profiles can then be used to determine user masquerading efforts or detect when a compromise has occurred. This study included 35 participants that used Samsung Galaxy S3s for three months. The results of the study show that this method has a high accuracy of classifying a phone's actual sessions correctly when using 2-class models. Results from the 1-class models were not as accurate, but the Sigmoid SVM was able to correctly classify actual user sessions from attack sessions.

History

Degree Type

  • Doctor of Philosophy

Department

  • Computer and Information Technology

Campus location

  • West Lafayette

Advisor/Supervisor/Committee Chair

Dr. Marcus Rogers

Additional Committee Member 2

Dr. Eric Dietz

Additional Committee Member 3

Dr. Jay Doyle

Additional Committee Member 4

Dr. John Springer

Usage metrics

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC