Misuse Detection for Mobile Devices Using Behaviour Profiling
Mobile devices have become essential to modern society; however, as their popularity has grown, so has theLi F, Clarke NL, Papadaki M, Haskell-Dowland PS (Dowland PS)
requirement to ensure devices remain secure. This paper proposes a behaviour-based profiling technique using
a mobile user’s application usage to detect abnormal activities. Through operating transparently to the user,
the approach offers significant advantages over traditional point-of-entry authentication and can provide
continuous protection. The experiment employed the MIT Reality dataset and a total of 45,529 log entries.
Four experiments were devised based on an inter-application dataset containing the general application;
two intra-application datasets combined with telephony and text message data; and a combined dataset that
included both inter-application and intra-application. Based on the experiments, a user’s profile was built
using either static or dynamic profiles and the best experimental results for the application-level applications,
telephone, text message, and multi-instance applications were an EER (Equal Error Rate) of 13.5%, 5.4%,
2.2%, and 10%, respectively.