Huang, Stephen2019-09-132019-09-13May 20172017-05May 2017Portions of this document appear in: Lu, Xi, and Shou-Hsuan Stephen Huang. "Malicious Apps May Explore a Smartphone's Vulnerability to Detect One’s Activities." In 2017 IEEE 31st International Conference on Advanced Information Networking and Applications (AINA), pp. 787-794. IEEE, 2017.https://hdl.handle.net/10657/4551In order to make apps functional, mobile operating systems, such as Android, allow applications to access some system data without asking for user permission. We demonstrate that by analyzing these system data and some side channel information, it is possible to gain insight into a smartphone user’s behavior, thus putting their privacy at risk. With these real-time privacy information collected, a malicious attacker may launch spear phishing attacks with much higher yield rates. In this thesis, we study a combination of power consumption, network traffic, and memory usage of several commonly used activities, and demonstrated that it is possible to classify a user’s smartphone activities into one of six categories, which are Video, Game, Internet, Music, Idle, and Phone Call. We designed several experiments to test the classification which resulted in high success rates. We also present the possibility of detecting transitions of smartphone activities.application/pdfengThe author of this work is the copyright owner. UH Libraries and the Texas Digital Library have their permission to store and provide access to this work. UH Libraries has secured permission to reproduce any and all previously published materials contained in the work. Further transmission, reproduction, or presentation of this work is prohibited except with permission of the author(s).VulnerabilitySide channelMobile phoneSmartphoneAndroid2019-09-13Thesisborn digital