Date Awarded

Fall 2016

Document Type


Degree Name

Doctor of Philosophy (Ph.D.)


Computer Science


Qun Li

Committee Member

Weizhen Mao

Committee Member

Denys Poshyvanyk

Committee Member

Haining Wang

Committee Member

Mark Hinders


We live in a world where mobile devices are already ubiquitous. It is estimated that in the United States approximately two thirds of adults own a smartphone, and that for many, these devices are their primary method of accessing the Internet. World wide, it is estimated that in May of 2014 there were 6.9 billion mobile cellular subscriptions, almost as much as the world population. of these 6.9 billion, approximately 1 billion are smart devices, which are concentrated in the developed world. In the developing world, users are moving from feature phones to smart devices as a result of lower prices and marketing efforts. Because smart mobile devices are ubiquitous, security and privacy are primary concerns. Threats such as mobile malware are already substantial, with over 2500 different types identified in 2010 alone. It is likely that, as the smart device market continues to grow, so to will concerns about privacy, security, and malicious software. This is especially true, because these mobile devices are relatively new. Our research focuses on increasing the security and privacy of user data on smart mobile devices. We propose three applications in this domain: (1) a service that provides private, mobile location sharing; (2) a secure, intuitive proximity networking solution; and (3) a potential attack vector in mobile devices, which utilizes novel covert channels. We also propose a first step defense mechanism against these covert channels. Our first project is the design and implementation of a service, which provides users with private and secure location sharing. This is useful for a variety of applications such as online dating, taxi cab services, and social networking. Our service allows users to share their location with one another with trust and location based access controls. We allow users to identify if they are within a certain distance of one another, without either party revealing their location to one another, or any third party. We design this service to be practical and efficient, requiring no changes to the cellular infrastructure and no explicit encryption key management for the users. For our second application, we build a modem, which enables users to share relatively small pieces of information with those that are near by, also known as proximity based networking. Currently there are several mediums which can be used to achieve proximity networking such as NFC, bluetooth, and WiFi direct. Unfortunately, these currently available schemes suffer from a variety of drawbacks including slow adoption by mobile device hardware manufactures, relatively poor usability, and wide range, omni-directional propagation. We propose a new scheme, which utilizes ultrasonic (high frequency) audio on typical smart mobile devices, as a method of communication between proximal devices. Because mobile devices already carry the necessary hardware for ultrasound, adoption is much easier. Additionally, ultrasound has a limited and highly intuitive propagation pattern because it is highly directional, and can be easily controlled using the volume controls on the devices. Our ultrasound modem is fast, achieving several thousand bits per second throughput, non-intrusive because it is inaudible, and secure, requiring attackers with normal hardware to be less than or equal to the distance between the sender and receiver (a few centimeters in our tests). Our third work exposes a novel attack vector utilizing physical media covert channels on smart devices, in conjunction with privilege escalation and confused deputy attacks. This ultimately results in information leakage attacks, which allow the attacker to gain access to sensitive information stored on a user's smart mobile device such as their location, passwords, emails, SMS messages and more. Our attack uses our novel physical media covert channels to launder sensitive information, thereby circumventing state of the art, taint-tracking analysis based defenses and, at the same time, the current, widely deployed permission systems employed by mobile operating systems. We propose and implement a variety of physical media covert channels, which demonstrate different strengths such as high speed, low error rate, and stealth. By proposing several different channels, we make defense of such an attack much more difficult. Despite the challenging situation, in this work we also propose a novel defense technique as a first step towards research on more robust approaches. as a contribution to the field, we present these three systems, which together enrich the smart mobile experience, while providing mobile security and keeping privacy in mind. Our third approach specifically, presents a unique attack, which has not been seen "in the wild", in an effort to keep ahead of malicious efforts.




© The Author