research-article

Remotely wiping sensitive data on stolen smartphones

Authors:

Jiwu JingAuthors Info & Claims

ASIA CCS '14: Proceedings of the 9th ACM symposium on Information, computer and communications security

Pages 537 - 542

https://doi.org/10.1145/2590296.2590318

Published: 04 June 2014 Publication History

Abstract

Smartphones are playing an increasingly important role in personal life and carrying massive private data. Unfortunately, once the smartphones are stolen, all the sensitive information, such as contacts, messages, photos, credit card information and passwords, may fall into the hands of malicious people. In order to protect the private data, remote deletion mechanism is required to allow owners to wipe the sensitive data on the stolen phone remotely. Existing remote deletion techniques rely on the availability of either WiFi for Internet connection or SIM card for cellular network connection; however, these requirements may not be satisfied when the phones are stolen by some sophisticated adversaries. In this paper, we propose a new remote deletion mechanism that allows the phone owner to delete the private data remotely even if the WiFi is disabled and the SIM card is unplugged. The basic idea is to use emergency call mechanisms to establish a communication connection with a service provider to verify the state of the phone and perform remote deletion. We present a case study of our mechanism with the Universal Mobile Telecommunications System (UMTS) network.

References

[1]

AMTA. FAQs on mobile security. http://www.amta.org.au/pages/amta/FAQs.on.mobile.security.

[2]

Brian X. Chen. New York Asks Cellphone Carriers to Explain Why They Rejected Antitheft Switch. http://www.nytimes.com/2013/12/11/technology/new-york-asks-cellphone-carriers-to-explain-why-they-rejected-antitheft-switch.html.

[3]

ETSI. TS24.008 Mobile Radio Interface Layer 3 Specification. www.etsi.org/deliver/etsi_ts/124000_124099/124008/08.06.00_60/ts_124008v080600p.pdf.

[4]

Apple Inc. Find my iPhone, iPad, iPod touch, or Mac. www.apple.com/support/icloud/find-my-device/.

[5]

AVAST Inc. Avast Free Mobile Security. http://www.avast.com/en-us/free-mobile-security.

[6]

McAfee Inc. The lost smartphone problem. http://www.mcafee.com/us/resources/reports/rp-ponemon-lost-smartphone-problem.pdf.

[7]

Iulia Ion, Niharika Sachdeva, Ponnurangam Kumaraguru, and Srdjan Capkun. Home is safer than the cloud! : privacy concerns for consumer cloud storage. In Proceedings of the Seventh Symposium on Usable Privacy and Security, page 13. ACM, 2011.

Digital Library

[8]

Inwhee Joe and Yoonsang Lee. Design of remote control system for data protection and backup in mobile devices. In Interaction Sciences (ICIS), 2011 4th International Conference on, pages 189--193. IEEE, 2011.

[9]

Senthilraja R. G. Aghila Kuppusamy. A model for remote access and protection of smartphones using short message service. International Journal of Computer Science, Engineering and Information Technology (IJCSEIT), Vol.2, No.1, February 2012.

[10]

M Milian. Military to get secure Android phones. http://edition.cnn.com/2012/02/03/tech/mobile/government-android-phones/.

[11]

Lookout Mobile Security. Lost and Found: The challenges of finding your lost or stolen phone. https://blog.lookout.com/blog/2011/07/12/lost-and-found-the-challenges-of-finding-your-lost-or-stolen-phone/.

[12]

Avinash Srinivasan and Jie Wu. SafeCode--Safeguarding Security and Privacy of User Data on Stolen iOS Devices. In Cyberspace Safety and Security, pages 11--20. Springer, 2012.

Digital Library

[13]

Symantec Inc. Norton Mobile Security. https://antitheft.norton.com/.

[14]

Yang Tang, Phillip Ames, Sravan Bhamidipati, Ashish Bijlani, Roxana Geambasu, and Nikhil Sarda. CleanOS: Limiting mobile data exposure with idle eviction. In Proceedings of the USENIX Conference on Operating Systems Design and Implementation, Berkeley, CA, USA, 2012.

Digital Library

[15]

Joe Wilcox. Two stories of smartphones stolen. http://www.oddlytogether.com/post/485601927/two-stories-of-smartphones-stolen.

Cited By

Mandela NWangchuk TMbinda TDamedjate KMwendwa GMakopa J(2024)IMEI-based Mobile Device Tracking and Stolen Phone Identification System2024 11th International Conference on Computing for Sustainable Global Development (INDIACom)10.23919/INDIACom61295.2024.10498212(1115-1121)Online publication date: 28-Feb-2024
https://doi.org/10.23919/INDIACom61295.2024.10498212
Imanda HRasmussen K(2023)Nakula: Coercion Resistant Data Storage against Time-Limited AdversaryProceedings of the 18th International Conference on Availability, Reliability and Security10.1145/3600160.3600175(1-11)Online publication date: 29-Aug-2023
https://dl.acm.org/doi/10.1145/3600160.3600175
Alsunaidi SAlmuhaideb A(2021)A strong smartphone authentication model to control cellular network access using blockchainWireless Networks10.1007/s11276-021-02542-0Online publication date: 12-Mar-2021
https://doi.org/10.1007/s11276-021-02542-0
Show More Cited By

Index Terms

Remotely wiping sensitive data on stolen smartphones
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Unblocking Stolen Mobile Devices Using SS7-MAP Vulnerabilities: Exploiting the Relationship between IMEI and IMSI for EIR Access
TRUSTCOM '15: Proceedings of the 2015 IEEE Trustcom/BigDataSE/ISPA - Volume 01

The increase in usage of mobile phones and the relative increase in the number of mobile phone thefts have imposed an overhead on securely retrieving the stolen or missing devices. While the mobile security researchers try to figure out various ...
honeyM: a framework for implementing virtual honeyclients for mobile devices
WiSec '10: Proceedings of the third ACM conference on Wireless network security

This paper presents honeyM, a framework for deploying virtual mobile device honeyclients. Honeyclients provide the ability discover early warnings about novel attacks and ex- ploitations and are typically deployed to protect wired infrastructure. In a ...
Unblocking Stolen Mobile Devices Using SS7-MAP Vulnerabilities: Exploiting the Relationship between IMEI and IMSI for EIR Access
TRUSTCOM '15: Proceedings of the 2015 IEEE Trustcom/BigDataSE/ISPA - Volume 01

The increase in usage of mobile phones and the relative increase in the number of mobile phone thefts have imposed an overhead on securely retrieving the stolen or missing devices. While the mobile security researchers try to figure out various ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ASIA CCS '14: Proceedings of the 9th ACM symposium on Information, computer and communications security

June 2014

556 pages

ISBN:9781450328005

DOI:10.1145/2590296

General Chair:
Shiho Moriai
NICT, Japan
,
Program Chairs:
Trent Jaeger
Penn State University, USA
,
Kouichi Sakurai
Kyushu University, Japan

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 June 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

ASIA CCS '14

Sponsor:

SIGSAC

ASIA CCS '14: 9th ACM Symposium on Information, Computer and Communications Security

June 4 - 6, 2014

Kyoto, Japan

Acceptance Rates

ASIA CCS '14 Paper Acceptance Rate 50 of 255 submissions, 20%;

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

12
Total Citations
View Citations
453
Total Downloads

Downloads (Last 12 months)22
Downloads (Last 6 weeks)1

Reflects downloads up to 30 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Mandela NWangchuk TMbinda TDamedjate KMwendwa GMakopa J(2024)IMEI-based Mobile Device Tracking and Stolen Phone Identification System2024 11th International Conference on Computing for Sustainable Global Development (INDIACom)10.23919/INDIACom61295.2024.10498212(1115-1121)Online publication date: 28-Feb-2024
https://doi.org/10.23919/INDIACom61295.2024.10498212
Imanda HRasmussen K(2023)Nakula: Coercion Resistant Data Storage against Time-Limited AdversaryProceedings of the 18th International Conference on Availability, Reliability and Security10.1145/3600160.3600175(1-11)Online publication date: 29-Aug-2023
https://dl.acm.org/doi/10.1145/3600160.3600175
Alsunaidi SAlmuhaideb A(2021)A strong smartphone authentication model to control cellular network access using blockchainWireless Networks10.1007/s11276-021-02542-0Online publication date: 12-Mar-2021
https://doi.org/10.1007/s11276-021-02542-0
Chen JHengartner UKhan HMannan MCapkun SRoesner F(2020)ChaperoneProceedings of the 29th USENIX Conference on Security Symposium10.5555/3489212.3489231(325-342)Online publication date: 12-Aug-2020
https://dl.acm.org/doi/10.5555/3489212.3489231
Alsunaidi SAlmuhaideb A(2019)Security Methods Against Potential Physical Attacks on Smartphones2019 2nd International Conference on Computer Applications & Information Security (ICCAIS)10.1109/CAIS.2019.8769458(1-6)Online publication date: May-2019
https://doi.org/10.1109/CAIS.2019.8769458
Groß STiwari AHammer C(2018)ThiefTrap – An Anti-theft Framework for AndroidSecurity and Privacy in Communication Networks10.1007/978-3-319-78813-5_9(167-184)Online publication date: 11-Apr-2018
https://doi.org/10.1007/978-3-319-78813-5_9
Leom MChoo KHunt R(2016)Remote Wiping and Secure Deletion on Mobile Devices: A ReviewJournal of Forensic Sciences10.1111/1556-4029.1320361:6(1473-1492)Online publication date: 21-Sep-2016
https://doi.org/10.1111/1556-4029.13203
Chang SLu TSong H(2016)SmartDog: Real-Time Detection of Smartphone Theft2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)10.1109/iThings-GreenCom-CPSCom-SmartData.2016.61(223-228)Online publication date: Dec-2016
https://doi.org/10.1109/iThings-GreenCom-CPSCom-SmartData.2016.61
Yu ZHuang LGuo HXu H(2016)i-Shield: A System to Protect the Security of Your SmartphoneKnowledge Science, Engineering and Management10.1007/978-3-319-47650-6_36(453-464)Online publication date: 5-Oct-2016
https://doi.org/10.1007/978-3-319-47650-6_36
Alshammari NMylonas ASedky MChampion JBauer C(2015)Exploring the Adoption of Physical Security Controls in SmartphonesProceedings of the Third International Conference on Human Aspects of Information Security, Privacy, and Trust - Volume 919010.5555/2991236.2991265(287-298)Online publication date: 2-Aug-2015
https://dl.acm.org/doi/10.5555/2991236.2991265
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents