Wireless Pers Commun

DOI 10.1007/s11277-015-3121-8

Intelligent Security Model of Smart Phone Based

on Human Behavior in Mobile Cloud Computing

Daesung Moon1 Ikkyun Kim1 Jae Woong Joo2

Hyung Jin Im2 Jong Hyuk Park2 Young-Sik Jeong3

 Springer Science+Business Media New York 2015

Abstract Diverse researches following the advancement of IT technology and emer-

gence of smart devices are common in current research. In particular, the most commer-
cialized smart device, the smart phone, provides convenient communication among users
due to easy portability and real-time information sharing within a diverse system. More-
over, spatial and temporal use of smart devices greatly increased because these devices are
capable of performing the same functions as a desktop personal computer, making smart
phones extremely popular. However, research on smart phones has mainly focused on the
convenience of the services offered on these devices, while the issue of security has been
neglected. Smart phones are vulnerable to diverse, malicious attacks, which have increased
as new functions are developed and commonly used. For this reason, a number of appli-
cations were developed to detect a variety of malicious codes in smart phones and prevent
private information leakage. However, due to the difficulties of recognizing and responding

& Jong Hyuk Park

jhpark1@seoultech.ac.kr
& Young-Sik Jeong
ysjeong@dongguk.edu
Daesung Moon
daesung@etri.re.kr
Ikkyun Kim
ikkim21@etri.re.kr
Jae Woong Joo
woong88@seoultech.ac.kr
Hyung Jin Im
imhj9121@seoultech.ac.kr
1
Network Security Research Team, Electronics and Telecommunications Research Institute,
Daejeon, Korea
2
Department of Computer Science and Engineering and Department of Interdisciplinary Bio IT
Materials, SeoulTech, Seoul, Korea
3
Department of Multimedia Engineering, Dongguk University, Seoul, Korea

123
 D. Moon et al.

to attacks, such as advanced persistent threats (APTs), an intelligent security model is

urgently required. This paper suggests intelligent security model of smart phone based on
human behavior in mobile cloud computing to detect diverse types of malicious code in
smart phones and respond to advanced attacks, such as APTs. The suggested intelligent
security model of smart phone securely protects users from private information leaks and
illegal billing action. Moreover, intelligent response to malicious, difficult-to-detect code is
provided by a user behavior-based intelligent analysis, which makes it possible to shut
down network, registry, drive, and system accessibility and to notify users to respond to
malicious attacks.

Keywords Advanced persistent threat
Authentication
Intelligent security model

Mobile cloud computing

1 Introduction

Smart devices have become deeply embedded in the lives of users. Smart phones, which
are the most commonly used smart devices, provide convenient enhancements by offering
diverse content, not only through built-in functions including alarms, memos, cameras,
schedule management, and telephone services, but also through navigation, augmented
reality, social networking services (SNSs), banking, e-mail, and network games that all use
the internet. Smart phones are capable of performing the same functions as desktop PCs, in
addition to simpler functions, and work efficiency increases when these devices are used as
mobile offices without restrictions on time or spatial limits. The benefits of cost reduction
and performance efficiency enhancement encourage a continuously upwards trend in the
number of users who use smart phones [15]. Many smart phones that offer a diverse range
of benefits make use of a general-purpose operating system (OS) [69]. Although pro-
viding diverse services and the development of content are easy because of the general-
purpose OS, creating mobile malicious code is also easy [1, 1012].
Many crimes target the security weaknesses of mobile devices, and the size and damage
of attacks on mobile devices, such as smart phones, are ever increasing [1318]. For this
reason, a number of applications have been developed that detect diverse malicious code
and prevent private information leakage as part of the security measures of mobile devices.
Because these applications detect malicious code using a sequential method in which a
response is made by the list in the signature of the malicious code, detection of and
responses to attacks, such as APTs, are very difficult. An intelligent security model is
critical to the protection of smart phone users and is required against security threats such
as information leaks, illegal billing, and illicit use of personal information by malicious
actions and codes that are intelligent and able to transform into diverse forms [1621].
Moreover, next-generation security technology for mobile devices that can provide secu-
rity, integrity, usability, and reliability in diverse service environments is required. This
paper suggests intelligent security model of smart phone based on human behavior in
mobile cloud computing to detect diverse malicious code and respond to advanced attacks,
such as APT. The suggested intelligent security model of smart phone collects user
behavior and permissions information from mobile devices. The collected information
would then be transferred to the cloud for multi-dimensional analysis and the type of
malicious code determined. This model can provide more profound detection compared to

123
Intelligent Security Model of Smart Phone Based on Human

the existing response to malicious code through signature, as well as stronger security as
shown in Fig. 1 [1, 11].
This paper consists of the following sections: section 2 discusses the mobile threat
factor and security requirements along with an analysis of a previously suggested model.
Section 3 presents an intelligent security model of smart phone. Section 4 presents design
of intelligent security model of smart phone based on human behavior in mobile cloud
computing. Section 5 presents system efficiency through a comparative analysis between
previous researches and the suggested system. Finally, Sect. 6 contains the overall con-
clusions, a summary, and suggests direction for future researches.

2 Related Work

This section explains threat factors, types of malicious code, essential security consider-
ations for mobile devices, and provides reviews of previous literature relevant to this study.

Real-time information
shared with diverse Key role of
devices providing
convenient service
Easy
portability
Increased weakness
Desktop function to malicious attack
performance

Convenient communication Research on intelligent

among users and maximum security models for APT
enhancement of spatial- Smart Phone attack detection and
temporal usage response

Analysis Collection of
Information User Pattern & Information

Intelligent Analysis based on human behavior

+PVGNNKIGPV5OCTV2JQPG5GEWTKV[/QFGN

Intelligent response User protection Detection of diverse

to difficult -to-detect against private malicious code for
malicious codes using information smart phones and
user behavior-based leaks and illegal responsive to
intelligent type billing action advanced attacks,
analysis such as APT

%NQWF

Fig. 1 Conceptual map of response to diverse mobile attacks using the intelligent security model of smart
phone

123
 D. Moon et al.

2.1 Mobile Threat Factors

Factors that greatly affect mobile security can be divided into application-based threats,
web-based threats, and network-based threats. Application-based threats frequently occur
in application downloadable to mobile devices. Software applications developed with
malicious purposes are capable of extracting stored information and inducing fatal errors in
mobile devices. Private information leaked through information extraction occurs through
spyware. Spyware is capable of collecting data related to locations, contacts, calling his-
tory, e-mail, pictures, and text messages without user consent. Application-based threats
cause an automatic download of malicious applications, hacking, and malfunctioning of
mobile devices, which include systematic suspension and access to private information
without notice [20].
Web-based threats are not only related to desktop PCs but also to mobile devices and
common occurrences. Acquirement of administrative authority because of weaknesses in
the general-purpose OSs of mobile devices and private information leaks through mali-
cious code occur. Mobile web browsers that are vulnerable to malicious code are down-
loadable, which can incur security breaches because of the software security defects that
are inherent in web browser components [21].
Network-based threats take place within local wireless and mobile networks. Wi-Fi
sniffing, in particular, transfers data through many applications and web pages. This
security problem is particularly serious as users are unaware of the data transfers [20].

2.2 Types of Malicious Mobile Code

Types of malicious mobile code can be divided into mobile device, device disability
inducing, battery consumption, excessive charge induction, information leakage, and cross
platform types, which all share similar purposes related to private information leaks,
payment action, and system demolition.
Mobile device malicious code refers to a malicious code that operates on mobile devices
and performs actions such as system demolition or private information leaks. Malicious
codes attack mobile devices to create functional paralysis of mobile devices, obtain private
information, or for financial benefit [22]. The device disability-inducing type refers to
malicious code that attacks mobile devices to cause defects or to fully disable the device in
severe cases [22]. The battery consumption type is a malicious code that continuously
incurs electricity use in mobile devices and performs diverse attacks to drain batteries [23].
The excessive charge induction type is a malicious code that incurs excessive charges by
continuously trying on the short message service (SMS) or transfer service of mobile
devices. This type of malicious code accesses stored telephone numbers without users
consent and attempts to deliver this information through SMS and transmission to
unspecified individuals by generating random numbers [23]. The information leakage type
is a malicious code that externally leaks information of the infected mobile device or users
private information. When this malicious code is installed, security settings on the mobile
device are changed to allow additional application attacks to occur as private information
stored on the mobile device and information created from previous use are externally
transferred. Moreover, there are malicious spywares that leak the location information of
the users [24]. There is also a cross platform type that infects desktop PCs through mobile
devices. A worm is copied onto a memory card, and the malicious code automatically

123
Intelligent Security Model of Smart Phone Based on Human

infects the device through auto-run functions when the infected memory card is inserted
into the desktop PC or other devices [25].

2.3 Essential Security Considerations for Mobile Device Protection

Representative security considerations for mobile devices include data confidentiality,

integrity, and usability. Data confidentiality is an essential security consideration because
smart devices, such as smart phones and tablet PCs (personal computers) that use networks
through Wi-Fi(wireless fidelity) are vulnerable to data wiretapping, and data confidentiality
should be guaranteed so that attackers cannot obtain data [2225]. Data integrity should be
able to check whether the received data were not falsified by an attacker. The integrity of
data or messages is guaranteed in general by using the value generated through the hash
function. Moreover, security of the hash function itself is required [2225]. As for data
availability, since smart devices depend on battery power, effective and identical data
transfer functions and processing with less effort is critical [2225].

2.4 Research Trends for Mobile Device Protection

As mentioned in [24], mobile threats on the general-purpose OS (operating system) for

smart devices are part of the suggested security requirements, which include loss of mobile
devices, mobile resource access without consent, mobile malicious code, spyware, and
fishing. Although security requirements for diverse security threats have been proposed, an
integrated security model is necessary to respond to the evolving intelligence of attacks.
Researchers [25] analyzed the security system response to authority invasion by malicious
software and the related processes in the environments of smart phones, which catch
threats through process monitoring, detection, and trace and alarm functions to notify
users. As for the detection method, it uses static code analysis in databases by logging the
determined suspicious action and malicious application function. However, it has a dis-
advantage in that it cannot check whether the transferred message was counterfeit or
falsified in the database. Another study [26] categorized diverse fishing detection tech-
niques in mobile devices, including Bluetooth fishing, SMS fishing, vishing, and mobile
web application fishing. Moreover, it introduced fishing detection technology for mobile
devices and compared each detection technology. In [27], representative malicious code
samples were compared and attack scenarios were analyzed to suggest techniques for
detecting mobile malicious code through static analysis. This study computes hash values
and signature values of suspicious applications and defines the risk level according to the
degree of risk. At high-risk levels, the application performs attack detection by searching
commands and the main key words used in the mobile malicious code. Although diverse
researches have been conducted for mobile device protection from various viewpoints,
these researches are not sufficient for intelligent attack response because they depend on
previously defined malicious code or static analysis of malicious code.

3 Intelligent Security Model of Smart Phone

Figure 2 shows the operation process of detecting abnormal symptoms in the suggested
intelligent smart phone security model. The process is divided into five steps, and the
performance in each step is described in Table 1.

123
 D. Moon et al.

/QDKNG2NCVHQTO
7RFCVG
+PHQTOCVKQP
%QNNGEVKQPQHU[UVGO
CTVKHCEVUCPFRGTOKUUKQP
KPHQTOCVKQP

%QORCTCVKXGCPCN[UKUQH
7$+&$ U[UVGOCTVKHCEVUCPF
RGTOKUUKQPKPHQTOCVKQP

0Q %NQWF%QORWVKPI2NCVHQTO
&GVGTOKPCVKQPQH
TKUMKPGUU
;GU

5WURGPUKQPQH 5GEWTG&$
JKIJTKUMU[UVGOU
TGSWGUV
5VCVKE&[PCOKE
/CMKPIRCEMCIGQH #PCN[UKU
VJGEQNNGEVGFFCVC

&GVGTOKPCVKQPQH
TKUMKPGUU

TGRQTV /CMKPI#PCN[UKU
4KUMYCTPKPICPF
4GRQTV
PGVYQTMUJWVFQYP

Fig. 2 Scenarios for the detection of abnormal symptoms using an intelligent security model of smart
phone

Table 1 Performance of abnormal symptom detection at each step

Step Description

Step 1 Behavior information centered at users that are related to processing, networks, registry, drivers,
and authorities in the smart phone are collected to be stored in UBI DB
Step 2 Riskiness is analyzed by comparing the information in the UBI DB and collected information. If
abnormal symptoms are detected, the system operation with the highest risk is suspended. Where
no abnormal symptoms are found, data are continuously collected
Step 3 Collected data packages are written and an analysis is commissioned to cloud computing, which
performs static and dynamic analyses using data in secure DB and collected data from the smart
phone
Step 4 Risk level is determined based on the analyzed data and an analysis report is written
Step 5 An analysis report is written in cloud computing and sent to the mobile platform, which warns of
the riskiness and shuts down the smart phone network

123
Intelligent Security Model of Smart Phone Based on Human

4 Design of Intelligent Security Model of Smart Phone Based on Human

Behavior in Mobile Cloud Computing

The structure of the intelligent security model of smart phone (ISMSP) based on human
behavior in mobile cloud computing suggested in this paper is shown in Fig. 3. The
intelligent security model of smart phone can be functionally divided into a mobile plat-
form and cloud-computing platform, and the two are connected to provide intelligent
security of smart phone.

4.1 Mobile Platform

The mobile platform is composed of permission analysis tools (PAT), a user behavior
inspector (UBI), a user behavior information database (UBI DB), a network monitor (NM),
a memory monitor (MM), a file monitor (FM), and a mobile security manager (MSM).
Network monitor (NM) this component monitors network information, such as con-
nection information to external networks, traffic information, and operation information on
mobile platforms.
Memory monitor (MM) monitors files such as running applications, processes, registry,
networks, and driver information.
File monitor (FM) monitors information about files including file size, form, signature,
change from modification, and generation time.
Permission analysis tools (PAT) collect degrees of usage of information along with
permission information for each installed application and analyzes them to determine
riskiness.
User behavior information database (UBI DB) perceives the usage pattern of smart
phone users to analyze and store as user behavior data and manages the behavior infor-
mation. User behavior factors include system artifacts such as files, processes, networks,

// 0/ 2#6 (/ +PURGEVQT
#NGTV7PKV %NCUUKHKECVKQP
9CTPKPI
7PKV
/GUUCIG
/QDKNG5GEWTG 5GEWTG
/CPCIGT #PCN[\GT &$
7$+ 5VCVKE &[PCOKE
#PCN[UKU #PCN[UKU

7$+&$

%NQWF%QORWVKPI2NCVHQTO

/QDKNG2NCVHQTO
Fig. 3 Intelligent security model of smart phone architecture

123
 D. Moon et al.

touch tracking (touch channel and touch frequency), channel tracking (page movement
channel and page exposure frequency), and time (day of the week and time). Behavior or
repeated behavior patterns are extracted using actions that are repeated during a certain
amount of time. Moreover, it compares this information to existing behavior and measures
risk levels according to abnormal symptoms.
Mobile secure manager (MSM) collects system artifacts including files, processes,
networks, and user behavior information and conducts comparative analyses with existing
data stored in the UBI DB. When analysis results indicate a high-risk level, the action is
suspended and the collected data are transferred to the cloud-computing platform.

4.2 Cloud Computing Platform

The cloud computing platform is composed of an analyzer, inspector, and secure DB.
The analyzer is a component that comprehensively analyzes files, processes, memory,
certifications, and user behavior information that were transferred from the mobile plat-
form. An analyzer can be divided into static analysis and dynamic analysis according to the
analysis type. Static analysis disassembles applications and analyzes the application pro-
gramming interface used in the source code of the application to determine the existence of
malicious code. When an application appears, it is checked for falsification through
comparison and analysis of the permission information and the received permission
information. Dynamic analysis installs and runs apk files in virtual machines and checks
the order and the number of times it called the API. It determines the riskiness of the
application through comparative analysis with malicious action patterns. When the internet
API is called and the international mobile equipment identity (IMEI) and international
mobile subscriber identity (IMSI) are manipulated, it is perceived as information leak
malicious code aimed at smart phone information leakage. If SPAM-related phone num-
bers are called using the call API or if SMS or the multi-media message service (MMS)
API are called and SPAM-related words are searched, it is perceived as an excessive
charge-inducing type of malicious code.
The inspector consists of classification units and alert units. A classification unit is a
module that categorizes malicious files and processes based on analysis information. An
alert unit is a module that offers warnings to users according to the risk level.

4.3 Service Scenario

This section explains about the Detection and Protection Service Scenario in order to detect
malicious acts and protect the mobile device. Table 2 shows Acronyms used in the Service
Scenario. Also, Fig. 4 shows a Service Scenario that detects malicious acts in a mobile
platform.

Table 2 Description of acronym

Acronym Description

Pat_data Permission analysis tool information

Nm_data Network related information
Fm_data File related information
Mm_data Process, registry, driver related information
Ubi_data User behavior information
Ret_val() Response function regarding request

123
Intelligent Security Model of Smart Phone Based on Human

7$+
2#6 0/ /5/ // (/
&$
2CVAFCVC

4GVAXCN
6TWG^(CNUG
0OAFCVC

/OAFCVC
4GVAXCN
6TWG^(CNUG
4GVAXCN

6TWG^(CNUG
(OAFCVC
7DKAFCVC
4GVAXCN
6TWG^(CNUG

7DKAFCVC

4GVAXCN

6TWG^(CNUG
2CVAFCVC^0OAFCVC ^
/OAFCVC ^(OAFCVC ^
7DKAFCVC

Fig. 4 Scenarios for intelligent detection and protection in smart phone

Step 1 PAT ? MSM: Pat_data, MSM ? PAT: Ret_val(True|False)

The permission analysis tool information of the installed application will be report to the
Mobile Security Manager (MSM). Then, the response on whether it has succeeded or
failed should be received.
Step 2 NM ? MSM: Nm_data, MSM ? NM: Ret_val(True|False)
The network monitoring information of mobile will be report to the mobile security
manager (MSM). Then, the response on whether it has succeeded or failed should be
received.
Step 3 MM ? MSM: Mm_data, MSM ? MM: Ret_val(True|False)
The Memory Monitoring information of mobile will be report to the Mobile Security
Manager (MSM). Then, the response on whether it has succeeded or failed shall be
received.
Step 4 FM ? MSM: Fm_data, MSM ? FM: Ret_val(True|False)
All monitoring information of the files in the mobile will be report to the Mobile
Security Manager (MSM). Then, the response on whether it has succeeded or failed
should be received.
Step 5 UBI ? UBI: Ubi_data
User behavior information will be collected, and the data should be standardized, which
should be saved in the User Behavior Information DataBase (UBI DB).
Step 6 UBI ? MSM: Ubi_data, MSM ? UBI: Ret_val(True|False)
The user behavior information will be reported to the Mobile Security Manager (MSM).
Then, the response on whether it has succeeded or failed should be received.
Step 7 MSM ? MSM: Pat_data|Nm_data|Mm_data|Fm_data|Ubi_data
The Mobile Security Manager (MSM) will organize and analyze the collected
information. If an unusual behavior and malicious activity is caught during the process

123
 D. Moon et al.

Table 3 Comparison analysis

Security consideration ISMSP Mu et al. [24] Louk et al. [25] Seo et al. [27]

Confidentiality Supported Not supported Partially supported Partially supported

Integrity Supported Not supported Partially supported Partially supported
Availability Middle Weak Weak Weak

of analyzing data, the MSM shall determine the risk level and stop the system. Also, the
MSM provide an analysis report that would be sent to the cloud computing platform.

5 Performance Evaluation

This section compares performances between the intelligent security model of smart phone
(ISMSP) suggested in this paper and those from the previous researches Mu et al. [24],
Louk et al. [25], and Seo et al. [27] by examining their security considerations related to
confidentiality, integrity, and availability. The comparison analysis results are presented as
supported, partially supported, and not supported about confidentiality and
integrity, as is shown in Table 3. And the results are also showed as good, middle,
and weak about availability in Table 3.
Mu [24] suggested a security method for responding to diverse mobile-related threats.
Although each security method is excellent as far as the relevant threat is concerned, it
lacks comprehensive security methods in cases of diverse combined threat attacks. As a
result, it has limitations in confidentiality because the security method does not consider
integrity and usability, and reliability on the detection of the threat or attack itself is also
limited. In Louk [25], an excellent detection method is described using database storage
from aspects of application operation detection and static code analysis. However, there is
a possibility of false warning as this method depends only on static analysis, and because it
only considers application operation, response to integrity and usability that guarantees
detection of threats and attacks is not sufficient. Seo et al. [27] computes risk levels
according to access conditions in case of suspicious malicious applications and detects
malicious code through static analysis. Although this type of method is superior for static
analysis of applications with high-risk levels, it has difficulties finding malicious code
within low-risk applications. To secure reliability, it is necessary to take into account the
insufficient logical grounds for malicious code decision making.
The system where the model suggested in this paper is applied investigates information
about the actual file monitoring, process monitoring, and network monitoring as well as
user content and the pattern and frequency of user behavior. Malicious code was detected
by conducting not only static, but also dynamic analyses. In addition to these detection
schemes, it is capable of distinguishing changing intelligent malicious code with its
inherent monitoring function for integrity guarantee.

6 Conclusion

As smart devices are developed following advancements in IT, various services and works
became possible using networks such as Wi-Fi and WiBro (wireless broadband), in
addition to the 3G network, without restrictions on time and space. Although these smart

123
Intelligent Security Model of Smart Phone Based on Human

devices spread rapidly because of the numerous convenient functions available, the risk of
diverse malicious code also increases as these devices become targets for malicious
attacks, which are becoming increasingly intelligent and transforming into diverse types,
including information leaks, illegal billing, and illegal use of information. The prevalence
and damage done by mobile crimes is ever increasing.
This paper suggests an intelligent security model of smart phone to provide security,
integrity, usability, and reliability of service environments. The suggested model detects
malicious actions using actual file monitoring, process monitoring, and network monitoring
information, as well as users behavior-based data, including user contents, usage patterns,
and usage times. It also provides reliability to users by supplying them with a static and
dynamic analyzer of Android-based applications that can effectively respond to intelligent
malicious code by supporting malicious code analysis.
Future researches will involve instant response to malicious code through compre-
hensive pattern collection and analysis of smart phone users connected to cloud infras-
tructure. For this, a reinforced security model able to prevent private information leaks and
a response model that prevents dissemination of malicious code will be studied within
cloud infrastructure that performs static and dynamic analyses.

Acknowledgments This work was supported by Institute for Information and Communications Tech-
nology Promotion (IITP) Grant funded by the Korea government (MSIP) (No. B0101-15-1293, Cyber
targeted attack recognition and trace-back technology based-on long-term historic analysis of multi-source
data).

References
1. Jeong, Y.-S., Kim, H.-W., & Jang, H. J. (2013). Adaptive resource management scheme for monitoring
of CPS. Journal of Supercomputing, 66(1), 5769.
2. Gil, J.-M., Park, J. H., & Jeong, Y.-S. (2013). Data center selection based on neuro-fuzzy inference
systems in cloud computing environments. Journal of Supercomputing, 66(3), 11941214.
3. Pattaranantakul, M., Sanguannam, K., Sangwongngam, P., & Vorakulpipat, C. (2015). Efficient key
management protocol for secure RTMP video streaming toward trusted quantum network. ETRI
Journal, 37(4), 696706.
4. Degefa, F. B., & Won, D. (2013). Extended key management scheme for dynamic group in multi-cast
communication. Journal of Convergence, 4(4), 713.
5. Malkawi, M. I. (2013). The art of software systems development: Reliability, availability, maintain-
ability, performance (RAMP). Human-Centric Computing and Information Sciences, 3(22), 117.
6. Lee, S.-H., & Lee, I.-Y. (2013). A secure index management scheme for providing data sharing in cloud
storage. Journal of Information Processing Systems, 9(2), 287300.
7. Shrivastava, N., & Kumar, G. (2013). A survey on cost effective multi-cloud storage in cloud com-
puting. International Journal of Advanced Research in Computer Engineering and Technology, 2(4),
14051409.
8. Truong, T.-T., Tran, M.-T., & Duong, A.-D. (2012). Improvement of the more efficient & secure ID-
based remote mutual authentication with key agreement scheme for mobile devices on ECC. Journal of
Convergence, 3(2), 2536.
9. Dahane, A., Berrached, N.-E., & Loukil, A. (2015). A virtual laboratory to practice mobile wireless
sensor networks: A case study on energy efficient and safe weighted clustering algorithm. Journal of
Information Processing Systems, 11(2), 205228.
10. Singh, R., Singh, P., & Duhan, M. (2014). An effective implementation of security based algorithmic
approach in mobile adhoc networks. Human-Centric Computing and Information Sciences, 4(7), 114.
11. Kim, H.-W., Kim, J.-H., Park, J. H., & Jeong, Y.-S. (2014). Time pattern locking scheme for secure
multimedia contents in human-centric device. The Scientific World Journal, 2014, 19.
12. Gaonkar, P. E., Bojewar, S., & Das, J. A. (2013). A survey: Data storage technologies. International
Journal of Engineering Science and Innovative Technology, 2(2), 547554.

123
 D. Moon et al.

13. Dong, B., Zheng, Q., Tian, F., Chao, K., Ma, R., & Anane, R. (2012). An optimized approach for storing
and accessing small files on cloud storage. Journal of Network and Computer Applications, 35(6),
18471862.
14. Chattopadhyay, M., Dan, P. K., & Mazumdar, S. (2014). Comparison of visualization of optimal
clustering using self-organizing map and growing hierarchical self-organizing map in cellular manu-
facturing system. Applied Soft Computing, 22, 528543.
15. Mohammed, J. (2014). Evolution of the next generation of technologies: Mobile and ubiquitous
computing. International Journal of Advanced Research in Science, Engineering and Technology, 1(5),
247253.
16. Park, J. H., Kim, H.-W., & Jeong, Y.-S. (2014). Efficiency sustainability resource visual simulator for
clustered desktop virtualization based on cloud infrastructure. Sustainability, 6, 80798091.
17. Kim, H.-W., Park, J. H., & Jeong, Y.-S. (2015). Human-centric storage resource mechanism for big data
on cloud service architecture. Journal of Supercomputing. doi:10.1007/s11227-015-1390-3.
18. Duan, H., Yu, S., Mei, M., Zhan, W., & Li, L. (2015). CSTORE: A desktop-oriented distributed public
cloud storage system. Computers and Electrical Engineering. doi:10.1016/j.compeleceng.2014.11.001.
19. Suarez-Tangil, G., Conti, M. (2014). Detecting targeted smart phone malware with behavior-triggering
stochastic models. In Proceedings of 19th European symposium on research in computer security, 711
(pp. 183201). Wroclaw, Poland.
20. Raveendranath, R., Rajamani, V., & Datta, S. K. (2014) Android malware attacks and countermeasures:
Current and future directions. In Proceedings of 2014 international conference on control, instru-
mentation, communication and computational technologies, 1011 (pp. 137143). IEEE, Kanyakumari.
21. Luo, T., Hao, H., Du, W., Wang, Y., & Yin, H. (2011). Attacks on WebView in the android system. In
Proceedings of 27th annual computer security applications conference, 59 (pp. 343352). Orlando,
FL, USA.
22. Zhou, Y., & Jiang, X. (2012). Dissecting android malware: Characterization and evolution. In Pro-
ceedings of 2012 IEEE symposium on security and privacy, 2023 (pp. 95109). IEEE, San Francisco,
CA.
23. Kim, H., Smith, J., & Shin, K. G. (2010). Detecting energy-greedy anomalies and mobile malware
variants. In Proceedings of the international conference on mobile systems, applications, and services,
1518 (pp. 239252). ACM, Breckenridge, Colorado, USA.
24. Mu, J., Cui, A., & Rao, J. (2013). Android mobile security-threats and protection. In Proceedings of
international conference on computer, networks and communication engineering (ICCNCE 2013),
2324 (pp. 683686). Atlantis Press, Beijing, China.
25. Louk, M., Lim, H., & Lee, H. (2014). An Analysis of security system for intrusion in smart phone
environment. The Scientific World Journal, 2014 (pp. 112), Article ID 983901.
26. Mohd Foozy, C. F., Ahmad, R., & Abdollah, M. F. (2013). Phishing detection taxonomy for mobile
device. International Journal of Computer Science Issues, 10(1), 338344.
27. Seo, S.-H., Gupta, A., Sallam, A. M., Bertino, E., & Yim, K. (2014). Detecting mobile malware threats
to homeland security through static analysis. Journal of Network and Computer Applications, 38,
4353.

Daesung Moon received his M.S. degree in Department of Computer

Engineering from Busan National University, Busan, Republic of
Korea, in 2001. He received his Ph.D. degree in computer science from
Korea University, Seoul, Republic of Korea, in 2007. He joined the
Electronics and Telecommunications Research Institute, Daejeon,
Republic of Korea, in 2000, where he is currently a senior researcher.
He is also an associate professor in the Department of Information
Security Engineering at University of Science and Technology (UST),
Korea. His research interests include network security, data mining,
biometrics, and image processing.

123
Intelligent Security Model of Smart Phone Based on Human

Ikkyun Kim received the B.C.E., M.S.C.E. and Ph.D degrees in

computer engineering from the Kyungpook National University,
Daegue, South Korea, in 1994, 1996 and 2009 respectively. Dr. Kim
has worked at ETRI (Electronics and Telecommunications Research
Institute) Daejeon, Korea since 1996. He has developed several net-
work-based intrusion detection systems and is currently working on
new anomaly detection method against zero-day attacks for network
security and Big-data analysis for security intelligence. His research
interests include DDoS protection mechanism, high-speed network
protection system, and cloud computing security.

Jae Woong Joo is now a M.S. student in Department Computer and

Engineering at Seoul National University of Science and Technology.
His research interests include Smartphone Security and Ubiquitous
Computing Security.

Hyung Jin Im is now a M.S. student in Department Computer and

Engineering at Seoul National University of Science and Technology.
His research interests include Embedded System Security and Ubiq-
uitous Computing Security.

123
 D. Moon et al.

Dr. Jong Hyuk Park received Ph.D. degrees in Graduate School of

Information Security from Korea University, Korea and Graduate
School of Human Sciences from Waseda University, Japan. From
December, 2002 to July, 2007, Dr. Park had been a research scientist of
R&D Institute, Hanwha S&C Co., Ltd., Korea. From September, 2007
to August, 2009, He had been a professor at the Department of
Computer Science and Engineering, Kyungnam University, Korea. He
is now a professor at the Department of Computer Science and
Engineering and Department of Interdisciplinary Bio IT Materials,
Seoul National University of Science and Technology (SeoulTech),
Korea. Dr. Park has published about 200 research papers in interna-
tional journals and conferences. He has been serving as chairs, pro-
gram committee, or organizing committee chair for many international
conferences and workshops. He is a founding steering chair of some
international conferencesMUE, FutureTech, CSA, UCAWSN, etc.
He is a president of the Future Technology Research Association
International (FTRA) and Korea Information Technology Convergence Society (KITCS). He is editor-in-
chief of Human-centric Computing and Information Sciences (HCIS) by Springer, International Journal of
Information Technology, Communications and Convergence (IJITCC) by InderScience, and Journal of
Convergence (JoC) by FTRA Publishing. He is Associate Editor/Editor of 14 international journals
including 8 journals indexed by SCI(E). In addition, he has been serving as a Guest Editor for international
journals by some publishers: Springer, Elsevier, John Wiley, Oxford University press, Hindawi, Emerald,
Inderscience. His research interests include security and digital forensics, Human-centric ubiquitous com-
puting, context awareness, multimedia services, etc. He got the best paper awards from ISA-08 and ITCS-11
conferences and the outstanding leadership awards from IEEE HPCC-09, ICA3PP-10, IEE ISPA-11, and
PDCAT-11. Furthermore, he got the outstanding research awards from the SeoulTech, 2014. Dr. Park s
research interests include Human-centric Ubiquitous Computing, Vehicular Cloud Computing, Information
Security, Digital Forensics, Secure Communications, Multimedia Computing, etc. He is a member of the
IEEE, IEEE Computer Society, KIPS, and KMMS.

Young-Sik Jeong is a professor in the Department of Multimedia

Engineering at Dongguk University in Korea. His research interests
include multimedia cloud computing, information security of cloud
computing, mobile computing, IoT(Internet of Things), and wireless
sensor network applications. He received his B.S. degree in Mathe-
matics and his M.S. and Ph.D. degrees in Computer Science and
Engineering from Korea University in Seoul, Korea in 1987, 1989, and
1993, respectively. He was a professor in the Department of Computer
Engineering at Wonkwang University in Korea from 1993 to 2012. He
worked and researched to Michigan State University and Wayne State
University as visiting professor in 1997 and 2004 respectively. Since
2002, he has been serving as an IEC/TC 100 Korean Technical
Committee member, as the IEC/TC 108 Chairman of Korean Tech-
nical Committee, and as an ISO/IEC JTC1 SC25 Korean Technical
Committee member. Also He is an EiC(Editor-in-Chief) of Journal of
Information Processing Systems, an associate editor of JoS (Journal of
Supercomputing), IJCS (International Journal of Communication Systems) and an editor of JIT (Journal of
Internet Technology), finally an associate editor of Journal of Human-centric Computing (HCIS). In
addition, he has been serving as a Guest Editor for international journals by some publishers: Springer,
Elsevier, John Wiley, Oxford Univ. Press, Hindawi, Emerald, Inderscience and so on. He is also is a member
of the IEEE. http://ucloud-lab.dongguk.edu.

123