Skip to main content
Springer Nature Link
Log in

Adaptive Security for Self-Protection of Mobile Computing Devices

  • Published:
Mobile Networks and Applications Aims and scope Submit manuscript

Abstract

Mobile computing has emerged as a pervasive technology that empowers its users with portable computation and context-aware communication. Smart systems and infrastructures can exploit portable and context-aware computing technologies to provide any time, any place digitized services on the go. Despite the offered benefits, such as portability, context-sensitivity, and high connectivity, mobile computing also faces some critical challenges. These challenges include resource poverty as well as data security and privacy that need to be addressed to increase the pervasiveness of mobile systems. We propose to provide a self-protection mechanism for mobile devices against the unforeseen security threats that can attack the critical resources of mobile devices. We have unified the concepts of autonomic computing and computer security to develop a framework that enables adaptive security to dynamically configure the security measures of a mobile device. We have developed a framework - an android-based prototype - that supports automation and user decision to protect the critical hardware and software resources of a device. Evaluation results demonstrate (i) framework’s accuracy for runtime detection and minimization of threats, and (ii) framework’s efficiency for device’s resource utilization.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14

Similar content being viewed by others

Notes

  1. Android: https://www.android.com/

  2. Google Play: https://play.google.com/

  3. In Fig. 8 we have anonymized the name of the app - used as a case study - that represents a potential security threat to the device resources.

  4. Samsung: https://www.samsung.com/us/mobile/

  5. Huawei: http://consumer.huawei.com/en/support/phones/

  6. Amazon DynamoDB: https://aws.amazon.com/dynamodb/

References

  1. Mehmood R, Bhaduri B, Katib I, Chlamtac I (2018) Smart societies, infrastructure, technologies and applications: first international conference, SCITA 2017, Jeddah, Saudi Arabia, November 27–29, 2017, Proceedings, vol 224 Springer

  2. Sajjad M, Abbasi AA, Malik A, Altamimi AB, Alseadoon IM (2018) Classification and mapping of adaptive security for mobile computing. IEEE Trans Emerg Top Comput 1(1):1–1

    Google Scholar 

  3. Protsenko M, Kreuter S, Muller T (2015) Dynamic self-protection and tamperproofing for android apps using native code. In: 2015 10th International conference on availability, reliability and security (ARES), pp 129–138

  4. Security H (2017) Study on mobile device security, Science and Technology Directorate

  5. Kim KI, Hwang HS, Ko HJ, Lee HK, Kim UM (2006) Multi-policy access control considering privacy in ubiquitous environment. In: 2006 international conference on hybrid information technology, vol 1. IEEE, pp 216–222

  6. Muhammed T, Mehmood R, Albeshri A, Katib I (2018) Ubehealth: a personalized ubiquitous cloud and edge-enabled networked healthcare system for smart cities. IEEE Access 6:32258–32285

    Article  Google Scholar 

  7. Penning N, Hoffman M, Nikolai J, Wang Y (2014) Mobile malware security challeges and cloud-based detection. In: 2014 International conference on collaboration technologies and systems (CTS). IEEE, pp 181–188

  8. Alampalayam SP, Kumar A (2003) An adaptive security model for mobile agents in wireless networks. In: Global telecommunications conference, 2003. GLOBECOM ’03, vol 3. IEEE, pp 1516–1521

  9. Anwar Z, Khan WA (2015) Guess who is listening in to the board meeting: on the use of mobile device applications as roving spy bugs. Secur Commun Netw 8(16):2813–2825

    Article  Google Scholar 

  10. Salehie M, Pasquale L, Omoronyia I, Ali R, Nuseibeh B (2012) Requirements-driven adaptive security: protecting variable assets at runtime. In: 2012 20th IEEE international requirements engineering conference (RE), pp 111–120

  11. Garcia M, Llewellyn-Jones D, Ortin F, Merabti M (2012) Applying dynamic separation of aspects to distributed systems security: a case study. Softw IET 6:231–248

    Article  Google Scholar 

  12. An G, Bae G, Kim K, Seo D (2009) Context-aware dynamic security configuration for mobile communication device. In: 2009 3rd International conference on new technologies, mobility and security (NTMS), pp 1–5

  13. Kephart JO, Chess DM (2003) The vision of autonomic computing. Computer 36:41–50

    Article  Google Scholar 

  14. Sajjad M, Abbasi AA, Malik A, Altamimi AB, Alseadoon IM (2018) Classification and mapping of adaptive security for mobile computing. IEEE Trans Emerg Top Comput

  15. Intelligence GSMA (2016) Definitive data and analysis for the mobile industry. http://GSMAintelligence.com

  16. Robbes R, Lanza M (2008) Spyware. In: ACM/IEEE 30th International conference on software engineering, pp 847–850

  17. Satyanarayanan M (2015) A brief history of cloud offload: a personal journey from odyssey through cyber foraging to cloudlets. GetMobile: Mobile Comput Commun 18(4):19–23

    Article  Google Scholar 

  18. Lewis GA, Lago P, Procaccianti G (2014) Architecture strategies for cyber-foraging: preliminary results from a systematic literature review. In: European conference on software architecture. Springer, pp 154–169

  19. Zhang X, Kim G-B, Bae H-Y (2014) An adaptive spatial cloaking method for privacy protection in location-based service. In: 2014 International conference on information and communication technology convergence (ICTC), pp 480–485

  20. Seigneur TEMM (2013) Security adaptation based on autonomic and trust systems for ubiquitous mobile network and green it. In: UBICOMM 2013 : the seventh international conference on mobile ubiquitous computing, systems, services and technologies, IARIA

  21. Martinelli F, Mori P, Quillinan T, Schaefer C (2008) A runtime monitoring environment for mobile java. In: IEEE international conference on software testing verification and validation workshop, 2008. ICSTW ’08, pp 270–278

  22. Yang Z, Lu S, Yang P (2006) Runtime security verification for itinerary-driven mobile agents. In: 2nd IEEE international symposium on dependable, autonomic and secure computing, pp 177–186

  23. Lin H, Yan Z, Fu Y (2019) Adaptive security-related data collection with context awareness. J Netw Comput Appl 126:88–103

    Article  Google Scholar 

  24. Laborde R, Oglaza A, Wazan AS, Barrère F, Benzekri A (2019) A situation-driven framework for dynamic security management. Ann Telecommun 74(3-4):185–196

    Article  Google Scholar 

  25. An G, Bae G, Kim K, Seo D (2009) Context-aware dynamic security configuration for mobile communication device. In: 2009 3rd International conference on new technologies, mobility and Security (NTMS), pp 1–5

  26. Maheshwari S (2018) That game on your phone may be tracking what you’re watching on tv, https://www.nytimes.com/2017/12/28/business/media/alphonso-app-tracking.html

  27. Rocha BPS, Costa DNO, Moreira RA, Rezende CG, Loureiro AAF, Boukerche A (2010) Adaptive security protocol selection for mobile computing. J Netw Comput Appl 33:569–587

    Article  Google Scholar 

  28. Garcia M, Llewellyn-Jones D, Ortin F, Merabti M (2012) Applying dynamic separation of aspects to distributed systems security: a case study. Softw IET 6:231–248

    Article  Google Scholar 

  29. Gilbert P, Chun B-G, Cox LP, Jung J (2011) Vision: automated security validation of mobile apps at app markets. In: Proceedings of the second international workshop on mobile cloud computing and services. ACM, pp 21–26

  30. Dehling T, Gao F, Schneider S, Sunyaev A (2015) Exploring the far side of mobile health: information security and privacy of mobile health apps on ios and android. JMIR mHealth and uHealth, 3(1)

  31. (2016). Xposed - general info, versions & changelog, xda developers

  32. Sable Research Group (2016) Soot: a framework for analyzing and transforming Java and Android applications

  33. Pallapa G, Roy N, Das SK (2008) A scheme for quantizing privacy in context-aware ubiquitous computing. In: IET conference proceedings, pp 32–32

  34. Miller E (1998) An introduction to the resource description framework. Bull Am Soc Inf Sci Technol 25 (1):15–19

    Article  Google Scholar 

  35. Suna A, El Fallah-Seghrouchni A (2005) A mobile agents platform: architecture, mobility and security elements. In: Bordini RH, Dastani M, Dix J, El Fallah Seghrouchni A (eds) Programming multi-agent systems. Springer, Berlin, pp 126–146

  36. Zhao K, Zou D, Jin H, Tian Z, Qiang W, Dai W (2015) Privacy protection for perceptual applications on smartphones. In: 2015 IEEE international conference on mobile services (MS). IEEE, pp 174–181

  37. La Polla M, Martinelli F, Sgandurra D (2013) A survey on security for mobile devices. IEEE Commun Surv Tutorials 15(1):446–471

    Article  Google Scholar 

  38. Wijesekera P, Baokar A, Hosseini A, Egelman S, Wagner D, Beznosov K (2015) Android permissions remystified: a field study on contextual integrity. In: USENIX security symposium, pp 499–514

  39. Maji AK, Arshad FA, Bagchi S, Rellermeyer JS (2012) An empirical study of the robustness of inter-component communication in android. In: 2012 42nd Annual IEEE/IFIP international conference on dependable systems and networks (DSN). IEEE, pp 1–12

  40. Cugola G, Margara A, Migliavacca M (2009) Context-aware publish-subscribe: model, implementation, and evaluation. In: 2009 IEEE symposium on computers and communications, pp 875–881

  41. Onica E, Felber P, Mercier H, Rivière E (2016) Confidentiality-preserving publish/subscribe: a survey. ACM Comput Surv (CSUR) 49(2):27

    Google Scholar 

  42. Jung H-W, Kim S-G, Chung C-S (2004) Measuring software product quality: a survey of iso/iec 9126. IEEE Softw 21(5):88–92

    Article  Google Scholar 

  43. Liu Y, Jin Z, Wang Y (2010) Survey on security scheme and attacking methods of wpa/wpa2. In: 2010 6th international conference on wireless communications networking and mobile computing (wicom). IEEE, pp 1–4

  44. Lashkari AH, Danesh MMS, Samadi B (2009) A survey on wireless security protocols (wep, wpa and wpa2/802.11 i). In: 2nd IEEE International conference on computer science and information technology, 2009. ICCSIT 2009. IEEE, pp 48–52

Download references

Acknowledgments

This research is funded by the Deanship of Scientific Research at the University of Ha’il, Saudi Arabia under the grant number ‘160595’ (Project Code: 160595)

Author information

Authors and Affiliations

  1. College of Computer Science and Engineering (CCSE), University of Ha’il (UoH), Ha’il, Kingdom of Saudi Arabia

    Aakash Ahmad & Abdulrahman Alreshidi

  2. School of Electrical Engineering and Computer Science (SEECS), National University of Sciences and Technology (NUST), Islamabad, Pakistan

    Asad Waqar Malik & Maryam Sajjad

  3. Department of Information Systems, Faculty of Computer Science and Information Technology, University of Malaya, Kuala Lumpur, Malaysia

    Asad Waqar Malik

  4. Department of Electrical and Computer Engineering, COMSATS University Islamabad-Wah Campus, Islamabad, Pakistan

    Wilayat Khan

Authors
  1. Aakash Ahmad
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Asad Waqar Malik
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Abdulrahman Alreshidi
    View author publications

    You can also search for this author inPubMed Google Scholar

  4. Wilayat Khan
    View author publications

    You can also search for this author inPubMed Google Scholar

  5. Maryam Sajjad
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Aakash Ahmad.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Ahmad, A., Malik, A.W., Alreshidi, A. et al. Adaptive Security for Self-Protection of Mobile Computing Devices. Mobile Netw Appl 28, 653–672 (2023). https://doi.org/10.1007/s11036-019-01355-y

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11036-019-01355-y

Keywords