Know your enemy: The risk of unauthorized access in smartphones by insiders

Ildar Muslukhov; Yazan Boshmaf; Cynthia Kuo; Jonathan Lester; Konstantin Beznosov

doi:10.1145/2493190.2493223

Know your enemy: The risk of unauthorized access in smartphones by insiders

Ildar Muslukhov, Yazan Boshmaf, Cynthia Kuo, Jonathan Lester, Konstantin Beznosov

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

79 Citations (Scopus)

Abstract

Smartphones store large amounts of sensitive data, such as SMS messages, photos, or email. In this paper, we report the results of a study investigating users' concerns about unauthorized data access on their smartphones (22 interviewed and 724 surveyed subjects). We found that users are generally concerned about insiders (e.g., friends) accessing their data on smartphones. Furthermore, we present the first evidence that the insider threat is a real problem impacting smartphone users. In particular, 12% of subjects reported a negative experience with unauthorized access. We also found that younger users are at higher risk of experiencing unauthorized access. Based on our results, we propose a stronger adversarial model that incorporates the insider threat. To better reflect users' concerns and risks, a stronger adversarial model must be considered during the design and evaluation of data protection systems and authentication methods for smartphones.

Original language	English
Title of host publication	MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services
Pages	271-280
Number of pages	10
DOIs	https://doi.org/10.1145/2493190.2493223
Publication status	Published - 2013
Externally published	Yes
Event	15th International Conference on Human-Computer Interaction with Mobile Devices and Services, MobileHCI 2013 - Munich, Germany Duration: 27 Aug 2013 → 30 Aug 2013

Publication series

Name	MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services

Conference

Conference	15th International Conference on Human-Computer Interaction with Mobile Devices and Services, MobileHCI 2013
Country/Territory	Germany
City	Munich
Period	27/08/13 → 30/08/13

Keywords

insider
loss
physical threats
smartphone
stranger
theft
user study

Access to Document

10.1145/2493190.2493223

Cite this

Muslukhov, I., Boshmaf, Y., Kuo, C., Lester, J., & Beznosov, K. (2013). Know your enemy: The risk of unauthorized access in smartphones by insiders. In MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services (pp. 271-280). (MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services). https://doi.org/10.1145/2493190.2493223

Muslukhov, Ildar ; Boshmaf, Yazan ; Kuo, Cynthia et al. / Know your enemy : The risk of unauthorized access in smartphones by insiders. MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services. 2013. pp. 271-280 (MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services).

@inproceedings{7eb2475cec8548b9844a2bc1ad70cfe4,

title = "Know your enemy: The risk of unauthorized access in smartphones by insiders",

abstract = "Smartphones store large amounts of sensitive data, such as SMS messages, photos, or email. In this paper, we report the results of a study investigating users' concerns about unauthorized data access on their smartphones (22 interviewed and 724 surveyed subjects). We found that users are generally concerned about insiders (e.g., friends) accessing their data on smartphones. Furthermore, we present the first evidence that the insider threat is a real problem impacting smartphone users. In particular, 12% of subjects reported a negative experience with unauthorized access. We also found that younger users are at higher risk of experiencing unauthorized access. Based on our results, we propose a stronger adversarial model that incorporates the insider threat. To better reflect users' concerns and risks, a stronger adversarial model must be considered during the design and evaluation of data protection systems and authentication methods for smartphones.",

keywords = "insider, loss, physical threats, smartphone, stranger, theft, user study",

author = "Ildar Muslukhov and Yazan Boshmaf and Cynthia Kuo and Jonathan Lester and Konstantin Beznosov",

year = "2013",

doi = "10.1145/2493190.2493223",

language = "English",

isbn = "9781450322737",

series = "MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services",

pages = "271--280",

booktitle = "MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services",

note = "15th International Conference on Human-Computer Interaction with Mobile Devices and Services, MobileHCI 2013 ; Conference date: 27-08-2013 Through 30-08-2013",

}

Muslukhov, I, Boshmaf, Y, Kuo, C, Lester, J & Beznosov, K 2013, Know your enemy: The risk of unauthorized access in smartphones by insiders. in MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services. MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services, pp. 271-280, 15th International Conference on Human-Computer Interaction with Mobile Devices and Services, MobileHCI 2013, Munich, Germany, 27/08/13. https://doi.org/10.1145/2493190.2493223

Know your enemy: The risk of unauthorized access in smartphones by insiders. / Muslukhov, Ildar; Boshmaf, Yazan; Kuo, Cynthia et al.
MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services. 2013. p. 271-280 (MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Know your enemy

T2 - 15th International Conference on Human-Computer Interaction with Mobile Devices and Services, MobileHCI 2013

AU - Muslukhov, Ildar

AU - Boshmaf, Yazan

AU - Kuo, Cynthia

AU - Lester, Jonathan

AU - Beznosov, Konstantin

PY - 2013

Y1 - 2013

N2 - Smartphones store large amounts of sensitive data, such as SMS messages, photos, or email. In this paper, we report the results of a study investigating users' concerns about unauthorized data access on their smartphones (22 interviewed and 724 surveyed subjects). We found that users are generally concerned about insiders (e.g., friends) accessing their data on smartphones. Furthermore, we present the first evidence that the insider threat is a real problem impacting smartphone users. In particular, 12% of subjects reported a negative experience with unauthorized access. We also found that younger users are at higher risk of experiencing unauthorized access. Based on our results, we propose a stronger adversarial model that incorporates the insider threat. To better reflect users' concerns and risks, a stronger adversarial model must be considered during the design and evaluation of data protection systems and authentication methods for smartphones.

AB - Smartphones store large amounts of sensitive data, such as SMS messages, photos, or email. In this paper, we report the results of a study investigating users' concerns about unauthorized data access on their smartphones (22 interviewed and 724 surveyed subjects). We found that users are generally concerned about insiders (e.g., friends) accessing their data on smartphones. Furthermore, we present the first evidence that the insider threat is a real problem impacting smartphone users. In particular, 12% of subjects reported a negative experience with unauthorized access. We also found that younger users are at higher risk of experiencing unauthorized access. Based on our results, we propose a stronger adversarial model that incorporates the insider threat. To better reflect users' concerns and risks, a stronger adversarial model must be considered during the design and evaluation of data protection systems and authentication methods for smartphones.

KW - insider

KW - loss

KW - physical threats

KW - smartphone

KW - stranger

KW - theft

KW - user study

UR - http://www.scopus.com/inward/record.url?scp=84883667031&partnerID=8YFLogxK

U2 - 10.1145/2493190.2493223

DO - 10.1145/2493190.2493223

M3 - Conference contribution

AN - SCOPUS:84883667031

SN - 9781450322737

T3 - MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services

SP - 271

EP - 280

BT - MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services

Y2 - 27 August 2013 through 30 August 2013

ER -

Muslukhov I, Boshmaf Y, Kuo C, Lester J, Beznosov K. Know your enemy: The risk of unauthorized access in smartphones by insiders. In MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services. 2013. p. 271-280. (MobileHCI 2013 - Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services). doi: 10.1145/2493190.2493223

Know your enemy: The risk of unauthorized access in smartphones by insiders

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this