skip to main content
10.1145/2757290.2757291acmconferencesArticle/Chapter ViewAbstractPublication PagesmobihocConference Proceedingsconference-collections
research-article

mAuditor: Mobile Auditing Framework for mHealth Applications

Published: 22 June 2015 Publication History

Abstract

Enormous numbers of mobile health applications (mHealth apps) developed recently on mobile devices (e.g. smartphones, tablets, etc.) have enabled health status (e.g. sleep quality, heart rate, etc.) monitoring that is readily accessible to average mobile device users. Typically, such mHealth apps involve active usage of mobile device resources, such as on-board sensors, network bandwidth, etc. The rapid increase of these applications promotes the US FDA agency to put in place regulations on mHealth app risk assessment. But these existing and upcoming regulations have not yet been accompanied by a mobile auditing framework, which provides real-time monitoring of mHealth apps' resource usage and triggers alerts to users if abnormal resource usage patterns are detected. In this paper, we develop a low-overhead and non-obtrusive mobile auditing framework, called mAuditor, that specifically monitors in real-time on-board sensor and network bandwidth usage of mHealth apps. We carry out experiments using a diverse set of mHealth apps that are available on the Google Play App store. Our results indicate that mAuditor is able to detect the discrepancies between normal and abnormal resource usage patterns of mHealth apps.

References

[1]
"Comparison of mobile operating systems," 2014, http://en.wikipedia.org/wiki/Comparison of mobile operating systems.
[2]
"Google announces android has surpassed 1 billion device activations," 2014, http://phandroid.com/2013/09/03/android-device-activations-1-billion/.
[3]
S. Avancha, A. Baxi, and D. Kotz, "Privacy in mobile technology for personal healthcare," ACM Comput. Surv., vol. 45, no. 1, pp. 3:1--3:54, Dec. 2012. {Online}. Available: http://doi.acm.org/10.1145/2379776.2379779
[4]
R. Istepanian, S. Laxminarayan, and C. Pattichis, M-Health: Emerging Mobile Health Systems, ser. Topics in Biomedical Engineering. International Book Series. Springer US, 2010. {Online}. Available: http://books.google.es/books?id=lZbBcQAACAAJ
[5]
"Mobile medical applications guidance for industry and food and drug administration staff," 2014, http://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/UCM263366.pdf.
[6]
"Android activity manager (am)," 2014, http://developer.android.com/reference/android/app/ActivityManager.html.
[7]
"Profiling with traceview and dmtracedump," 2014, http://developer.android.com/tools/debugging/debugging-tracing.html#traceviewLayout.
[8]
"Java native interface," 2014, http://docs.oracle.com/javase/7/docs/technotes/guides/jni/.
[9]
"Sleep as droid," 2014, https://sites.google.com/site/sleepasandroid/home.
[10]
"contagio mobile," 2014, http://contagiominidump.blogspot.jp/.
[11]
J. Froehlich, M. Y. Chen, S. Consolvo, B. Harrison, and J. A. Landay, "Myexperience: A system for in situ tracing and capturing of user feedback on mobile phones," in Proceedings of the 5th International Conference on Mobile Systems, Applications and Services, ser. MobiSys '07. New York, NY, USA: ACM, 2007, pp. 57--70. {Online}. Available: http://doi.acm.org/10.1145/1247660.1247670
[12]
H. Falaki, R. Mahajan, and D. Estrin, "Systemsens: A tool for monitoring usage in smartphone research deployments," in Proceedings of the Sixth International Workshop on MobiArch, ser. MobiArch '11. New York, NY, USA: ACM, 2011, pp. 25--30. {Online}. Available: http://doi.acm.org/10.1145/1999916.1999923
[13]
C. Shepard, A. Rahmati, C. Tossell, L. Zhong, and P. Kortum, "Livelab: Measuring wireless networks and smartphone users in the field," SIGMETRICS Perform. Eval. Rev., vol. 38, no. 3, pp. 15--20, Jan. 2011. {Online}. Available: http://doi.acm.org/10.1145/1925019.1925023
[14]
G. Maier, F. Schneider, and A. Feldmann, "A first look at mobile hand-held device traffic," in phProceedings of the 11th International Conference on Passive and Active Measurement, ser. PAM'10. Berlin, Heidelberg: Springer-Verlag, 2010, pp. 161--170. {Online}. Available: http://dl.acm.org/citation.cfm?id=1889324.1889341
[15]
W. Enck, P. Gilbert, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth, "Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones," in Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, ser. OSDI'10. Berkeley, CA, USA: USENIX Association, 2010, pp. 1--6. {Online}. Available: http://dl.acm.org/citation.cfm?id=1924943.1924971
[16]
L. Xie, X. Zhang, J.-P. Seifert, and S. Zhu, "pbmds: A behavior-based malware detection system for cellphone devices," in Proceedings of the Third ACM Conference on Wireless Network Security, ser. WiSec '10. New York, NY, USA: ACM, 2010, pp. 37--48. {Online}. Available: http://doi.acm.org/10.1145/1741866.1741874
[17]
I. Burguera, U. Zurutuza, and S. Nadjm-Tehrani, "Crowdroid: Behavior-based malware detection system for android," in Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, ser. SPSM '11. New York, NY, USA: ACM, 2011, pp. 15--26. {Online}. Available: http://doi.acm.org/10.1145/2046614.2046619
[18]
J. S. F. Jinseong Jeon, Kristopher K. Micinski, "Symdroid: Symbolic execution for dalvik bytecode," Technical Report CS-TR-5022, 2012.
[19]
W. Enck, M. Ongtang, and P. McDaniel, "On lightweight mobile phone application certification," in Proceedings of the 16th ACM Conference on Computer and Communications Security, ser. CCS '09. New York, NY, USA: ACM, 2009, pp. 235--245. {Online}. Available: http://doi.acm.org/10.1145/1653662.1653691
[20]
A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner, "Android permissions demystified," in Proceedings of the 18th ACM Conference on Computer and Communications Security, ser. CCS '11. New York, NY, USA: ACM, 2011, pp. 627--638. {Online}. Available: http://doi.acm.org/10.1145/2046707.2046779
[21]
"Android open source project," 2014, https://source.android.com/.
[22]
"Epi mhealth app," 2014, http://epimhealth.com/.
[23]
"Blood pressure recorder app," 2014, https://play.google.com/store/apps/details?id=com.bpdiary.talkdatabase&hl=en.

Cited By

View all
  • (2022)Understanding the Paths and Patterns of App-Switching Experiences in Mobile SearchesSustainability10.3390/su14201299214:20(12992)Online publication date: 11-Oct-2022

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
MobileHealth '15: Proceedings of the 2015 Workshop on Pervasive Wireless Healthcare
June 2015
66 pages
ISBN:9781450335256
DOI:10.1145/2757290
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 June 2015

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. auditing
  2. mobile health applications

Qualifiers

  • Research-article

Funding Sources

  • National Science Foundation

Conference

MobiHoc'15
Sponsor:

Acceptance Rates

Overall Acceptance Rate 15 of 25 submissions, 60%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)3
  • Downloads (Last 6 weeks)0
Reflects downloads up to 26 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2022)Understanding the Paths and Patterns of App-Switching Experiences in Mobile SearchesSustainability10.3390/su14201299214:20(12992)Online publication date: 11-Oct-2022

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media