Trusted detection of sensitive activities on mobile phones using power consumption measurements

Mordechai Guri, Gabi Kedma, Boris Zadov, Yuval Elovici

2014 IEEE Joint Intelligence and Security Informatics Conference, 145-151, 2014

The unprecedented popularity of modern mobile phones has made them a lucrative target for skillful and motivated offenders. A typical mobile phone is packed with sensors, which can be turned on silently by a malicious program, providing invaluable information to the attacker. Detecting such hidden activities through software monitors can be blindfolded and bypassed by rootkits and by anti-forensic methods applied by the malicious program. Moreover, detecting power consumption by software running on the mobile phone is susceptible to similar evasive techniques. Consequently, software based detection of hidden malicious activities, particularly the silent activation of sensors, cannot be considered as trusted. In this paper we present a method which detects hidden activities using external measurement of power consumption. The classification model is acquired using machine-learning multi-label …