Data Service Analysis, Threats and Countermeasures in Wireless Mobile Environments

Open Access
- Author:
- Zhu, Zhichao
- Graduate Program:
- Computer Science and Engineering
- Degree:
- Doctor of Philosophy
- Document Type:
- Dissertation
- Date of Defense:
- February 01, 2012
- Committee Members:
- Guohong Cao, Committee Chair/Co-Chair
Peng Liu, Committee Member
Sencun Zhu, Committee Member
Aylin Yener, Committee Member - Keywords:
- 3G
Data Mining
Mobile Worms
Social Network
Location Proof
Location Privacy - Abstract:
- With the rapid growing of smart mobile devices and the advent of wireless technology, emerging wireless mobile networks have become more and more popular. As one of the largest wireless access networks, the third-generation (3G) network has been largely deployed to cope with the increasing demand of wireless data services. One of the most popular data services, location-based service (LBS), is also booming as the mobile localization technology becomes available on most mobile devices. However, little is known from a network perspective about how these networks are used or how well these networks are performing. These wireless access environments are facing a variety of security and privacy threats, especially when their data access behavior remains unclear. For example, recent cellular phone networks have begun allowing third-party applications to run over certain open-API phone operating systems, such as Windows Mobile, iPhone, and Google's Android platforms. With this increased openness, the fear of rogue programs written to propagate from one phone to another becomes even more real. Moreover, today's location-sensitive services rely on a user's mobile device to determine its location and use this location for all the services. This approach allows the user to cheat by having his device transmit a fake location, which might enable the user to access a restricted resource erroneously or provide bogus alibis. This dissertation explores several issues in the wireless mobile environments, from data access, data (worm) propagation, location data proof and privacy points of view respectively, and proposes innovative solutions to address these problems. First, we present an analysis of data services based on a nationwide 3G network trace collected by one of the largest cellular network service providers in U.S. Our work differentiates itself from previous studies by examining data service usage patterns and user mobility patterns from various dimensions, including applications, user roles, device types, and diurnal characteristics. As a unique data service in 3G networks, Multimedia Messaging Service (MMS) is studied in detail from various perspectives, such as message size, attachment type, message waiting time, etc. We look into network failures and study how these failures affect local and roaming users. We also discuss frequent registration failures and MMS failures to better understand how the network performs. Our results either verify some of the speculations in previous observations or reveal key areas for further research. These results are important to cellular network operators and protocol designers who can use them to improve network performance and user satisfaction. Second, we propose a counter mechanism to contain the propagation of a mobile worm at the earliest stage by patching an optimal set of selected phones. The counter mechanism continually extracts a social-relationship graph between mobile phones via an analysis of the network traffic. As people are more likely to open and download messages received from friends, this social-relationship graph represents the potential propagation path of a mobile worm. The counter mechanism partitions the social-relationship graph via two different algorithms, balanced and clustered partitioning, and selects an optimal set of phones to be patched first because they have the capability to infect the highest number of other phones. The performance of these partitioning algorithms is compared against a benchmark random-partitioning scheme. Through extensive trace-driven experiments, using real IP-packet traces from one of the largest cellular networks in the U.S., we demonstrate the efficacy of our proposed counter mechanism in containing mobile worms. Third, we propose A Privacy-Preserving Location Proof Updating System (APPLAUS) in which co-located Bluetooth-enabled mobile devices mutually generate location proofs and send updates to a location-proof server. Periodically changed pseudonyms are used by mobile devices to protect source-location privacy from other devices, and from untrusted location-proof servers. We also develop a user-centric location-privacy model in which individual users evaluate their location-privacy levels and decide whether and when to accept the location-proof requests. In order to defend against colluding attacks, we also present betweenness-ranking-based and correlation-clustering-based approaches for outlier detection. APPLAUS can be implemented with existing network infrastructure, and it can be easily deployed in Bluetooth-enabled mobile devices with little computation or power cost. Extensive experimental results show that APPLAUS can effectively provide location proofs, significantly preserve source-location privacy, and effectively detect colluding attacks.