Tampere University of Technology

TUTCRIS Research Portal

Mobile Social Networking under Side-Channel Attacks: Practical Security Challenges

Research output: Contribution to journalArticleScientificpeer-review

Details

Original languageEnglish
Pages (from-to)2591-2601
Number of pages11
JournalIEEE Access
Volume5
DOIs
Publication statusPublished - 2017
Publication typeA1 Journal article-refereed

Abstract

Mobile social networks (MSNs) are the networks of individuals with similar interests connected to each other through their mobile devices. Recently, MSNs are proliferating fast supported by emerging wireless technologies that allow to achieve more efficient communication and better networking performance across the key parameters, such as lower delay, higher data rate, and better coverage. At the same time, most of the MSN users do not fully recognize the importance of security on their handheld mobile devices. Due to this fact, multiple attacks aimed at capturing personal information and sensitive user data become a growing concern, fueled by the avalanche of new MSN applications and services. Therefore, the goal of this work is to understand whether the contemporary user equipment is susceptible to compromising its sensitive information to the attackers. As an example, various information security algorithms implemented in modern smartphones are thus tested to attempt the extraction of the said private data based on the traces registered with inexpensive contemporary audio cards. Our obtained results indicate that the sampling frequency, which constitutes the strongest limitation of the off-the-shelf side-channel attack equipment, only delivers low-informative traces. However, the success chances to recover sensitive data stored within a mobile device may increase significantly when utilizing more efficient analytical techniques as well as employing more complex attack equipment. Finally, we elaborate on the possible utilization of neural networks to improve the corresponding encrypted data extraction process, while the latter part of this paper outlines solutions and practical recommendations to protect from malicious side-channel attacks and keep the personal user information protected.

Keywords

  • Information systems security, Mobile social networks (MSNs), Neural networks, Side-channel attacks, Social networking services

Publication forum classification