Despite many applications, mobile cloud computing induces privacy concerns. In particular, when mobile device users offload the computation of a mobile app to the cloud, they may not want the cloud service provider (CSP) to know what kind of app they are using, since that information might be used to infer their personal activities and living habits. One possible way for the CSP to learn the type of an offloaded app is to observe the resource usage patterns of the app (e.g., CPU and memory usage), since different apps have different resource needs due to their distinct computation workloads.

To assess this risk, this paper answers the following question: Can the type of mobile app (e.g., email, web browsing, mobile game, etc.) used by a user be inferred from the resource usage pattern of the mobile app? We investigate the resource usage patterns of apps and whether the difference in resource usage pattern is sufficient to classify different types of apps.

Specifically, two privacy attacks under the same framework are proposed based on supervised learning algorithms. Then these attacks are implemented and tested in a mobile device and in a cloud computing environment. Experiments show that, when the resource usage patterns on a mobile device are used, the type of app can be inferred with high probabilities; when the resource usage patterns on a cloud server are used, the type of app can be inferred with accuracy much higher than random guess.

This is my Master Thesis. The paper version of it has been accepted in the 5th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering. The conference will be held on April 7-9, 2017 at Holiday Inn, San Francisco, California.

IEEE Explore link: http://ieeexplore.ieee.org/document/7944876/

You can find related PDF(s) below:

Above is the view of the room several minutes before I did my thesis defense.