Android Application Project

Transcription

1 Android Application Project Our Project Domains Android Application Cloud Computing Web Security IoT Data Mining / Web Mining BigData Hadoop Networking Arduino Image Processing Raspberry Pi Embedded Arduino Matlab NS 2 Cryptography VLSI

2 1. IEEE 2017: A Classroom Scheduling Service for Smart Classes Abstract: During past decades, the classroom scheduling problem has posed significant challenges to educational programmers and teaching secretaries. In order to alleviate the burden of the programmers, this paper presents Smart Class, which allows the programmers to solve this problem using web services. By introducing service-oriented architecture (SOA), Smart Class is able to provide classroom scheduling services with backstage design space exploration and greedy algorithms. Furthermore, the Smart Class architecture can be dynamically coupled to different scheduling algorithms to fit in specific demands. A typical case study demonstrates that Smart Class provides a new efficient paradigm to the traditional classroom scheduling problem, which could achieve high flexibility by software services reuse and ease the burden of educational programmers. Evaluation results on efficiency, overheads and scheduling performance demonstrate the Smart Class has lower scheduling overheads with higher efficiency. 2. IEEE 2017: GeoMoB A Geo Location based browser for secured Mobile Banking Abstract: With banks reaching its users via mobile banking, it is becoming one of the essential features that are demanded by almost every Smartphone user. Mobile banking via a mobile browser is similar to internet banking. Browsing-based threats for smart phones are just the same as those for personal computers, elevating the need to focus on mobile security. Among the several authentication schemes, geolocation authentication is gaining importance as it is found most suitable for mobile devices. In this paper, GeoMoB, a dedicated secure mobile browser for mobile banking that makes use of multifactor authentication is designed and developed. GeoMoB features a geo location based authentication scheme which ensures security of mobile transactions based on the user location. In addition to the existing two factor authentication scheme using user ID, password and OTP, the mobile number and geo location is used to authenticate the user. The geo location intimates the banks location from where the transaction is going to be performed thus helping banks to ensure secure transactions. The geo location of the user is acquired through the network provider and hence the need for using GSM is eliminated. The multifactor authentication used in GeoMoB ensures security while performing mobile transaction and prevents users from various attacks. 3. IEEE 2017: Privacy and Secure Medical Data Transmission and Analysis for Wireless Sensing Healthcare System Abstract: The convergence of Internet of Things (IoT), cloud computing and wireless bodyarea networks (WBANs) has greatly promoted the industrialization of e-/m-healthcare (electronic-/mobile-healthcare). However, the further flourishing of e-/m-healthcare still faces many challenges including information security and privacy preservation. To address these problems, a healthcare system (HES) framework is designed that collects medical data from WBANs, transmits them through an extensive wireless sensor network infrastructure

3 and finally publishes them into wireless personal area networks (WPANs) via a gateway. Furthermore, HES involves the GSRM (Groups of Send-Receive Model) scheme to realize key distribution and secure data transmission, the HEBM (Homomorphic Encryption Based on Matrix) scheme to ensure privacy and an expert system able to analyze the scrambled medical data and feed back the results automatically. 4. IEEE 2017: Knowledge-Enhanced Mobile Video Broadcasting (KMV-Cast) Framework with Cloud Support Abstract: The convergence of mobile communications and cloud computing facilitates the cross-layer network design and content-assisted communication. Mobile video broadcasting can benefit from this trend by utilizing joint source-channel coding and strong information correlation in clouds. In this paper, a knowledge-enhanced mobile video broadcasting (KMV-Cast) is proposed. The KMV-Cast is built on a linear video transmission instead of traditional digital video system, and exploits the hierarchical Bayesian model to integrate the correlated information into the video reconstruction at the receiver. The correlated information is distilled to obtain its intrinsic features, and the Bayesian estimation algorithm is used to maximize the video quality. The KMV-Cast system consists of both likelihood broadcasting and prior knowledge broadcasting. 5. IEEE 2017: Efficient and Privacy-preserving Min and k-th Min Computations in Mobile Sensing Systems Abstract: Protecting the privacy of mobile phone user participants is extremely important for mobile phone sensing applications. In this paper, we study how an aggregator can expeditiously compute the minimum value or the k-th minimum value of all users data without knowing them. We construct two secure protocols using probabilistic coding schemes and a cipher system that allows homomorphic bitwise XOR computations for our problems. Following the standard cryptographic security definition in the semi-honest model, we formally prove our protocols security. The protocols proposed by us can support time-series data and need not to assume the aggregator is trusted. Moreover, different from existing protocols that are based on secure arithmetic sum computations, our protocols are based on secure bitwise XOR computations, thus are more efficient. 6. IEEE 2017: A Lightweight Secure Data Sharing Scheme for Mobile Cloud Computing Abstract: With the popularity of cloud computing, mobile devices can store/retrieve personal data from anywhere at any time. Consequently, the data security problem in mobile cloud becomes more and more severe and prevents further development of mobile cloud. There are substantial studies that have been conducted to improve the cloud security. However, most of them are not applicable for mobile cloud since mobile devices only have limited computing resources and power. Solutions with low computational overhead are in great need for mobile cloud applications. In this paper, we propose a

4 lightweight data sharing scheme (LDSS) for mobile cloud computing. It adopts CP-ABE, an access control technology used in normal cloud environment, but changes the structure of access control tree to make it suitable for mobile cloud environments. LDSS moves a large portion of the computational intensive access control tree transformation in CP-ABE from mobile devices to external proxy servers. Furthermore, to reduce the user revocation cost, it introduces attribute description fields to implement lazy-revocation, which is a thorny issue in program based CP-ABE systems. The experimental results show that LDSS can effectively reduce the overhead on the mobile device side when users are sharing data in mobile cloud environments. 7. IEEE 2017: Privacy-Preserving Location-Proximity for Mobile Apps Abstract: Location Based Services (LBS) have seen alarming privacy breaches in recent years. While there has been much recent progress by the research community on developing privacy-enhancing mechanisms for LBS, their evaluation has been often focused on the privacy guarantees, while the question of whether these mechanisms can be adopted by practical LBS applications has received limited attention. This paper studies the applicability of Privacy-Preserving Location Proximity (PPLP) protocols in the setting of mobile apps. We categorize popular location social apps and analyze the tradeoffs of privacy and functionality with respect to PPLP enhancements. To investigate the practical performance trade-offs, we present an in-depth case study of an Android application that implements InnerCircle, a state-of-the-art protocol for privacypreserving location proximity. This study indicates that the performance of the privacy-preserving application for coarsegrained precision is comparable to real applications with the same feature set. 8. IEEE 2017: Monet: A User-oriented Behavior-based Malware Variants Detection System for Android Abstract: Android, the most popular mobile OS, has around 78% of the mobile market share. Due to its popularity, it attracts many malware attacks. In fact, people have discovered around one million new malware samples per quarter [1], and it was reported [2] that over 98% of these new malware samples are in fact derivatives (or variants) from existing malware families. In this paper, we first show that runtime behaviors of malware s core functionalities are in fact similar within a malware family. Hence, we propose a framework to combine runtime behavior with static structures to detect malware variants. We present the design and implementation of MONET, which has a client and a backend server module. The client module is a lightweight, in device app for behavior monitoring and signature generation, and we realize this using two novel interception techniques. The backend server is responsible for large scale malware detection. We collect 3723 malware samples and top 500 benign apps to carry out extensive experiments of detecting malware variants and defending against malware transformation. Our experiments show that MONET can achieve around 99% accuracy in detecting malware variants. Furthermore, it can defend against 10 different obfuscation and transformation techniques, while only incurs around 7% performance overhead and about 3% battery

5 overhead. More importantly, MONET will automatically alert users with intrusion details so to prevent further malicious behaviors. 9. IEEE 2017: Efficient Multi-Factor Authenticated Key Exchange Scheme for Mobile Communications Abstract: Authenticated key exchange (AKE) is one of the most important applications in applied cryptography, where a user interacts with a server to set up a session key where pre-registered information (aka. authentication factor), such as a password or biometrics, of the user is stored. While single-factor AKE is widely used in practice, higher security concerns call for multi-factor AKE (MFAKE) schemes, e.g. combining both passwords and biometrics simultaneously. However, in some casually designed schemes, security is even weakened in the sense that leakage of one authentication factor will defeat the whole MFAKE protocol. Furthermore, an inevitable by-product arise that the usability of the protocol often drop greatly. To summarize, the existing multi-factor protocols did not provide enough security and efficiency simultaneously. In this paper, we make one step ahead by proposing a very efficient MFAKE protocol. We define the security model and give the according security analysis. We also implement our protocol on a smartphone and a cloud server. The theoretic comparisons and the experimental results show that our scheme achieves both security and usability. 10. IEEE 2017: My Privacy My Decision: Control of Photo Sharing on Online Social Networks Abstract: Photo sharing is an attractive feature which popularizes Online Social Networks (OSNs). Unfortunately, it may leak users privacy if they are allowed to post, comment, and tag a photo freely. In this paper, we attempt to address this issue and study the scenario when a user shares a photo containing individuals other than himself/herself (termed cophoto for short). To prevent possible privacy leakage of a photo, we design a mechanism to enable each individual in a photo be aware of the posting activity and participate in the decision making on the photo posting. For this purpose, we need an efficient facial recognition (FR) system that can recognize everyone in the photo. However, more demanding privacy setting may limit the number of the photos publicly available to train the FR system. To deal with this dilemma, our mechanism attempts to utilize users private photos to design a personalized FR system specifically trained to differentiate possible photo co-owners without leaking their privacy. We also develop a distributed consensus based method to reduce the computational complexity and protect the private training set. We show that our system is superior to other possible approaches in terms of recognition ratio and efficiency. Our mechanism is implemented as a proof of concept Android application on Facebook s platform. 11. IEEE 2017: P-Lint: A Permission Smell Detector for Android Applications

6 Abstract: Android is built upon a permission-based structure, where apps require access to specific permissions in order to carry out specific functionalities. While Android has provided a set of best practices intended to aid the developer in properly defining and manipulating these permissions on their source code, developers do not always adhere to these guidelines. Although some of the resulting issues may be minor and lead to slight user confusion, other mistakes may create more serious privacy and security related issues. We ve defined improper usage of these permission best practices to be permission smells to indicate possible permissions related syntactic issues and have created a tool P-Lint to assist in the identification of these smells on the source code. P-Lint s goal is to not only help developers create better, more secure apps by providing guidance on properly using permissions, but also in allowing researchers to better understand the common permission smells through empirical analysis on existing apps. P-Lint is publicly available on the project website: IEEE 2017: Searching Trajectories by Regions of Interest Abstract: With the increasing availability of moving-object tracking data, trajectory search is increasingly important. We propose and investigate a novel query type named trajectory search by regions of interest (TSR query). Given an argument set of trajectories, a TSR query takes a set of regions of interest as a parameter and returns the trajectory in the argument set with the highest spatial-density correlation to the query regions. This type of query is useful in many popular applications such as trip planning and recommendation, and location based services in general. TSR query processing faces three challenges: how to model the spatial-density correlation between query regions and data trajectories, how to effectively prune the search space, and how to effectively schedule multiple so-called query sources. To tackle these challenges, a series of new metrics are defined to model spatialdensity correlations. An efficient trajectory search algorithm is developed that exploits upper and lower bounds to prune the search space and that adopts a query-source selection strategy, as well as integrates a heuristic search strategy based on priority ranking to schedule multiple query sources. The performance of TSR query processing is studied in extensive experiments based on real and synthetic spatial data. 13. IEEE 2017: ZapDroid: Managing Infrequently Used Applications on Smartphones Abstract: User surveys have shown that a typical user has over a hundred apps on her smart phone, but stops using many of them. We conduct a user study to identify such unused apps, which we call zombies, and show via experiments that zombie apps consume significant resources on a user s smart phone and access her private information. We then design and build ZapDroid, which enables users to detect and silo zombie apps in an effective way to prevent their undesired activities. If and when the user wishes to resume using such an app, ZapDroid restores the app quickly and effectively. Our evaluations show that: (i) ZapDroid saves twice the energy from unwanted zombie app behaviors as compared to apps from the Play Store that kill background unwanted processes, and (ii) it

7 effectively prevents zombie apps from using undesired permissions. In addition, ZapDroid is energy-efficient, consuming less % of the battery per day. 14. IEEE 2016: Dummy-Based User Location Anonymization Under Real- World Constraints Abstract: According to the growth of mobile devices equipped with a GPS receiver, a variety of location-based services (LBSs) have been launched. Since location information may reveal private information, preserving location privacy has become a significant issue. Previous studies proposed methods to preserve a users' privacy; however, most of them do not take physical constraints into consideration. In this paper, we focus on such constraints and propose a location privacy preservation method that can be applicable to a real environment. In particular, our method anonymizes the user's location by generating dummies which we simulate to behave like real human. It also considers traceability of the user's locations to quickly recover from an accidental reveal of the user's location. We conduct an experiment using five users' real GPS trajectories and compared our method with previous studies. The results show that our method ensures to anonymize the user's location within a pre-determined range. It also avoids fixing the relative positions of the user and dummies, which may give a hint for an LBS provider to identify the real user. In addition, we conducted a user experiment with 22 participants to evaluate the robustness of our method against humans. We asked participants to observe movements of a user and dummies and try to and the real user. As a result, we conformed that our method can anonymize the users' locations even against human's observation. 15. IEEE 2016: SBVLC: Secure Barcode-Based Visible Light Communication for Smartphones Abstract: 2D barcodes have enjoyed a significant penetration rate in mobile applications. This is largely due to the extremely low barrier to adoption almost every camera-enabled smartphone can scan 2D barcodes. As an alternative to NFC technology, 2D barcodes have been increasingly used for security-sensitive mobile applications including mobile payments and personal identification. However, the security of barcode-based communication in mobile applications has not been systematically studied. Due to the visual nature, 2D barcodes are subject to eavesdropping when they are displayed on the smartphone screens. On the other hand, the fundamental design principles of 2D barcodes make it difficult to add security features. In this paper, we propose SBVLC a secure system for barcode-based visible light communication (VLC) between smartphones. We formally analyze the security of SBVLC based on geometric models and propose physical security enhancement mechanisms for barcode communication by manipulating screen view angles and leveraging user-induced motions. We then develop three secure data exchange schemes that encode information in barcode streams. These schemes are useful in many security-sensitive mobile applications including private information sharing, secure device pairing, and contactless payment. SBVLC is evaluated through extensive experiments on both Android and ios smartphones.

8 16. IEEE 2016: Mobile attendance using Near Field Communication and One- Time Password Abstract: This paper introduces a Near Field Communication (NFC) supported College M- Attendance system for University Students. Near Field Communication (NFC) is one of the latest technologies in radio communications and being a subset of RFID technology, it is growing at an enormous pace. NFC technology provides the fastest way to communicate between two devices and it happens within a fraction of a second. It has several applications in Mobile Communications and transactions. An NFC-supported College M- Attendance system for University Students is discussed as one potential use of this technology. The proposed framework replaces manual roll calls and hence, making it resilient to forgery. It gives parents and professors information about the students' attendance. The marking of attendance is quick, unsupervised, and makes use of a One Time Password (OTP) to enhance the security of the system and takes away the possibility of proxy attendance. This paper discusses NFC as a technology that is more secure and convenient than the prevalent technology of Bluetooth, and also elaborates on the proposed framework of the M-Attendance system that makes use of this advantage that NFC has over other technologies. 17. IEEE 2016: Context-Aware Mobile Cloud Computing and Its Challenges Abstract: Cloud computing is gaining popularity due to virtually unlimited resources, low capital cost, ease of adoption, flexible resource provisioning, and high scalability. Considering these benefits, researchers envision the usage of cloud computing for mobile devices to overcome the ever-increasing computational and energy demands of smartphone applications. However, this requires specialized context-ware application development models that can facilitate the development of cloud-enabled applications capable of making context-aware computation offloading decisions. This article provides an overview of mobile cloud computing technology, focusing on its context-awareness aspects and challenges. 18. IEEE 2016: STAMP: Enabling Privacy-Preserving Location Proofs for Mobile Users Abstract: Location-based services are quickly becoming immensely popular. In addition to services based on users' current location, many potential services rely on users' location history, or their spatial-temporal provenance. Malicious users may lie about their spatialtemporal provenance without a carefully designed security system for users to prove their past locations. In this paper, we present the Spatial-Temporal provenance Assurance with Mutual Proofs (STAMP) scheme. STAMP is designed for ad-hoc mobile users generating location proofs for each other in a distributed setting. However, it can easily accommodate trusted mobile users and wireless access points. STAMP ensures the integrity and nontransferability of the location proofs and protects users' privacy. A semi-trusted Certification Authority is used to distribute cryptographic keys as well as guard users against collusion by

9 a light-weight entropy-based trust evaluation approach. Our prototype implementation on the Android platform shows that STAMP is low-cost in terms of computational and storage resources. Extensive simulation experiments show that our entropy-based trust model is able to achieve high collusion detection accuracy. 19. IEEE 2016: PRISM: PRivacy-aware Interest Sharing and Matching in Mobile Social Networks Abstract: In a profile matchmaking application of mobile social networks, users need to reveal their interests to each other in order to find the common interests. A malicious user may harm a user by knowing his personal information. Therefore, mutual interests need to be found in a privacy preserving manner. In this paper, we propose an efficient privacy protection and interests sharing protocol referred to as PRivacy-aware Interest Sharing and Matching (PRISM). PRISM enables users to discover mutual interests without revealing their interests. Unlike existing approaches, PRISM does not require revealing the interests to a trusted server. Moreover, the protocol considers attacking scenarios that have not been addressed previously and provides an efficient solution. The inherent mechanism reveals any cheating attempt by a malicious user. PRISM also proposes the procedure to eliminate Sybil attacks. We analyze the security of PRISM against both passive and active attacks. Through implementation, we also present a detailed analysis of the performance of PRISM and compare it with existing approaches. The results show the effectiveness of PRISM without any significant performance degradation. 20. IEEE 2015: Just-in-Time Code Offloading for Wearable Computing Abstract: Wearable computing becomes an emerging computing paradigm for various recently developed wearable devices, such as Google Glass and the Samsung Galaxy Smart watch, which have significantly changed our daily life with new functions. To magnify the applications on wearable devices with limited computational capability, storage, and battery capacity, in this paper, we propose a novel three-layer architecture consisting of wearable devices, mobile devices, and a remote cloud for code offloading. In particular, we offload a portion of computation tasks from wearable devices to local mobile devices or remote cloud such that even applications with a heavy computation load can still be upheld on wearable devices. Furthermore, considering the special characteristics and the requirements of wearable devices, we investigate a code offloading strategy with a novel just-in-time objective, i.e., maximizing the number of tasks that should be executed on wearable devices with guaranteed delay requirements. Because of the NP-hardness of this problem as we prove, we propose a fast heuristic algorithm based on the genetic algorithm to solve it. Finally, extensive simulations are conducted to show that our proposed algorithm significantly outperforms the other three offloading strategies.

10 21. IEEE 2015: Energy Cost Models of Smartphones for Task Offloading to the Cloud Abstract: Task offloading from smartphones to the cloud is a promising strategy to enhance the computing capability of smartphones and prolong their battery life. However, task offloading introduces a communication cost for those devices. Therefore, the consideration of the communication cost is crucial for the effectiveness of task offloading. To make task offloading beneficial, one of the challenges is to estimate the energy consumed in communication activities of task offloading. Accurate energy estimation models will enable these devices to make the right decisions as to whether or not to perform task offloading, based on the energy cost of the communication activities. Simply put, if the offloading process consumes less energy than processing the task on the device itself, then the task is offloaded to the cloud. To design an energy-aware offloading strategy, we develop energy models of the WLAN, third-generation, and fourth-generation interfaces of smartphones. These models make smartphone scapable of accurately estimating the energy cost of task offloading. We validate the models by conducting an extensive set of experiments on five smartphones from different vendors. The experimental results show that our estimation models accurately estimate the energy required to offload tasks. 22. IEEE 2015: Context-Based Access Control Systems for Mobile Devices Abstract: Mobile Android applications often have access to sensitive data and resources on the user device. Misuse of this data by malicious applications may result in privacy breaches and sensitive data leakage. An example would be a malicious application surreptitiously recording a confidential business conversation. The problem arises from the fact that Android users do not have control over the application capabilities once the applications have been granted the requested privileges upon installation. In many cases, however, whether an application may get a privilege depends on the specific user context and thus we need a context-based access control mechanism by which privileges can be dynamically granted or revoked to applications based on the specific context of the user. In this paper we propose such an access control mechanism. Our implementation of context differentiates between closely located sub-areas within the same location. We have modified the Android operating system so that context-based access control restrictions can be specified and enforced. We have performed several experiments to assess the efficiency of our access control mechanism and the accuracy of context detection. 23. IEEE 2015: Avatar: Mobile Distributed Computing in the Cloud Abstract: Avatar is a system that leverages cloud resources to support fast, scalable, reliable, and energy efficient distributed computing over mobile devices. An avatar is a peruser software entity in the cloud that runs apps on behalf of the user's mobile devices. The avatars are instantiated as virtual machines in the cloud that run the same operating system with the mobile devices. In this way, avatars provide resource isolation and execute an unmodified app component, which simplifies technology adoption. Avatar apps execute over distributed and synchronized (mobile device, avatar) pairs to achieve a global goal. The

11 three main challenges that must be overcome by the Avatar system are: creating a highlevel programming model and a middleware that enable effective execution of distributed applications on a combination of mobile devices and avatars, re-designing the cloud architecture and protocols to support billions of mobile users and mobile apps with very different characteristics from the current cloud work loads, and explore new approaches that balance privacy guarantees with app efficiency/usability. We have built a basic Avatar prototype on Android devices and Android x86 virtual machines. An application that searches for a lost child by analyzing the photos taken by people at a crowded public event runs on top of this prototype. 24. IEEE 2015: Developing an efficient digital image watermarking for smartphones Abstract: In recent years, Smartphone usage has been increasing rapidly to the point where it surpassed all other electronic devices. Multimedia sharing and Image/Video capturing are amongst the most utilized functionalities of smartphones. Smartphones and Internet availability made the capture, transmission and storage of digital data very easy and convenient. The simplicity, connectivity, and strong capabilities of such devices make it very hard to protect the privacy and Intellectual Property (IP) of digital multimedia. While all types of digital multimedia are at risk, digital images are severely affected. Editing and converting digital images can be done quite easily, and hence protecting them becomes even harder. Digital image watermarking is a technique used to authenticate and protect the IP of digital images. In this paper we propose an efficient and flexible digital watermarking system that runs on Android devices. The system uses RAW images (a feature of the most recent Android software, called Lollipop) to embed a watermark at an early stage before any modification and conversion of the image. The system incorporates publickey cryptography for increased protection. A simple and robust water marking technique is utilized for efficiency. Other watermarking techniques are offered for flexibility. Finally, the system uses the inherent features of the Android operating system to run in parallel and be available to other applications. 25. IEEE 2015: Sesame: a secure and convenient mobile solution for passwords Abstract: Passwords are the main and most common method of remote authentication. However, they have their own frustrating challenges. Users tend to forget passwords that are chosen to be hard to guess.password managers are an approach to keeping our passwords safe. However, they mainly rely on one master password to secure all of our passwords. If this master password is compromised then all other passwords can be recovered. In this work, we introduce Sesame: a secure yet convenient mobile-based, voiceactivated password manager. It combines all different methods of user authentication to create a more robust digital vault for personal data. Each password is encrypted with a new fresh key on the user's mobile device for maximum security. The keys are stored in our servers in a protected format. The user has the option of backing up the encrypted

12 passwords in any cloud service. To view a password, the user only needs to utter the name of a web service, and speaker and speech recognition are applied for authentication. Only the key for that service is sent to the mobile application and the password is decrypted and displayed. The biggest advantage of Sesame is that the user need not assume any trust to neither our servers nor any cloud storage. Also, there is no need to enter a master password every time since speaker recognition is used. However, as an alternative to voice, users can view their passwords using a master password in case voice is not available. We provide a brief analysis of the security of our solution that has been implemented on Android platform and freely available on Google Play. Sesame is an ideal and practical solution for mobile password managers. 26. IEEE 2014: NFC based applications for visually impaired people - A review Abstract: Recent technological developments provide technical assistance that enables supporting people with visual disabilities in their everyday tasks and improve their quality of life. Considering that about 90% of the world visually impaired people live in developing countries, particularly in the local context, in Saudi Arabia, there is a lack of assistive tools and adapted environment supporting people with visual disabilities. To overcome this problem, a wide variety of relatively inexpensive applications adapt Near Field Communications (NFC) tagging technology in the development of assistive tools for people with visual disabilities. In this article, we will systematically review the current adaptation of NFC technology for visually disabled people and introduce NFC practical applications to help them overcome challenging tasks that they may encounter every day. 27. IEEE 2014: NFC based secure mobile healthcare system Abstract: With the recent increase in usage of mobile devices especially in developing countries, they can be used for an efficient healthcare management. In this work, we have proposed a novel architecture for improving healthcare system with the help of Android based mobile devices with NFC [1] and Bluetooth interfaces, smartcard technology on tamper resistant secure element (SE) for storing credentials and secure data, and a Health Secure service on a hybrid cloud for security and health record management. The main contribution of this paper is proposal of applications for i) Secure Medical Tags for reducing medical errors and ii) Secure Health card for storing Electronic Health Record (EHR) based on Secure NFC Tags, mobile device using NFC P2P Mode or Card Emulation Mode. We have also briefly mentioned a basic security framework requirement for the applications. Since NFC NDEF format is prone to security attacks [2], we have utilized low level APIs on Android based mobile devices, to securely access NFC tags such as MIFARE Classic tags with NFC-A (ISO A) properties. Simple touch of NFC enabled mobile devices can benefit both the patient as well as the medical doctors by providing a robust and secure health flow. It can also provide portability of devices and usability for health management in emergency situation, overpopulated hospitals and remote locations. 28. IEEE 2014: Anti-theft application for android based devices

13 Abstract: This paper presents a technique to improve anti-theft for android based mobile phones by using different services like MMS instead of SMS. As the use of smartphones, tablets, phablets based on android operating system is increasing, many scenarios related with anti-theft have already been proposed and many software based on anti-theft have also been developed, but most of these software are not freely available and it's difficult to identify the thief by using these software's e.g. GPS Tracking. We put forward a new scheme, which enhances the present scenario, based on new technologies like Multimedia Messages. The scenario proposed in this work is totally dependent on the hardware of your smartphone like camera (front & back) and support for multimedia messages. Once this software is installed, it will work in the background, stores the current SIM number in a variable and keeps checking continuously for SIM change, whenever SIM gets changed from mobile, it will take snapshots and record a video in the background i.e., without taking user permission and then it will send an MMS, and number of snap shots, to an alternate mobile number and an id, which was provided during installation. The enviable advantage of this software is that it is very easy to configure and it keeps running in the background without interrupting the user. To some extent it helps the owner to identify the thief. 29. IEEE 2014: Privacy-Preserving Optimal Meeting Location Determination on Mobile Devices Abstract: Equipped with state-of-the-art smartphones and mobile devices, today's highly interconnected urban population is increasingly dependent on these gadgets to organize and plan their daily lives. These applications often rely on current (or preferred) locations of individual users or a group of users to provide the desired service, which jeopardizes their privacy; users do not necessarily want to reveal their current (or preferred) locations to the service provider or to other, possibly untrusted, users. In this paper, we propose privacypreserving algorithms for determining an optimal meeting location for a group of users. We perform a thorough privacy evaluation by formally quantifying privacy-loss of the proposed approaches. In order to study the performance of our algorithms in a real deployment, we implement and test their execution efficiency on Nokia smartphones. By means of a targeted user-study, we attempt to get an insight into the privacy-awareness of users in location-based services and the usability of the proposed solutions. 30. IEEE 2014: How Long to Wait? Predicting Bus Arrival Time With Mobile Phone Based Participatory Sensing Abstract: The bus arrival time is primary information to most city transport travelers. Excessively long waiting time at bus stops often discourages the travelers and makes them reluctant to take buses. In this paper, we present a bus arrival time prediction system based on bus passengers' participatory sensing. With commodity mobile phones, the bus passengers' surrounding environmental context is effectively collected and utilized to estimate the bus traveling routes and predict bus arrival time at various bus stops. The proposed system solely relies on the collaborative effort of the participating users and is independent from the bus operating companies, so it can be easily adopted to support

14 universal bus service systems without requesting support from particular bus operating companies. Instead of referring to GPS-enabled location information, we resort to more generally available and energy efficient sensing resources, including cell tower signals, movement statuses, audio recordings, etc., which bring less burden to the participatory party and encourage their participation. We develop a prototype system with different types of Android-based mobile phones and comprehensively experiment with the NTU campus shuttle buses as well as Singapore public buses over a 7-week period. The evaluation results suggest that the proposed system achieves outstanding prediction accuracy compared with those bus operator initiated and GPS supported solutions. We further adopt our system and conduct quick trial experiments with London bus system for 4 days, which suggests the easy deployment of our system and promising system performance across cities. At the same time, the proposed solution is more generally available and energy friendly. 31. IEEE 2013: SPOC: A Secure and Privacy-Preserving Opportunistic Computing Framework for Mobile-Healthcare Emergency Abstract: With the pervasiveness of smart phones and the advance of wireless body sensor networks (BSNs),mobile Healthcare (m-healthcare), which extends the operation of Healthcare provider into a pervasive environment for better health monitoring, has attracted considerable interest recently. However, the flourish of m-healthcare still faces many challenges including information security and privacy preservation. In this paper, we propose a secure and privacy-preserving opportunistic computingframework, called SPOC, for m-healthcare emergency. With SPOC, smart phone resources including computing power and energy can be opportunistically gathered to process the computing-intensive personal health information (PHI) during m-healthcare emergency with minimal privacy disclosure. In specific, to leverage the PHI privacy disclosure and the high reliability of PHI process and transmission in m-healthcare emergency, we introduce an efficient user-centric privacy access control in SPOC framework, which is based on an attribute-based access control and a new privacy-preserving scalar product computation (PPSPC) technique, and allows a medical user to decide who can participate in the opportunistic computing to assist in processing his overwhelming PHI data. Detailed security analysis shows that the proposed SPOC framework can efficiently achieve user-centric privacy access control in m-healthcare emergency. In addition, performance evaluations via extensive simulations demonstrate the SPOC's effectiveness in term of providing high-reliable-phi process and transmission while minimizing the privacy disclosure during m-healthcare emergency. 32. IEEE 2013: Wireless sensor networks using Android Virtual Devices and Near Field Communication peer-to-peer emulation Abstract: Several new Android smartphones support Near Field Communication (NFC). The Android SDK provides an NFC API that can be used to develop NFC applications that conduct peer-to-peer (P2P) data exchange. The Android emulator does not support P2P communication between instances of the Android Virtual Device (AVD). In addition to this constraint, P2P experimentation on actual smartphones is difficult due to limited NFC support. To fill the gap created by this minimal support, we propose the Java Mail NFC API

15 (JNFC). JNFC uses the Java Mail API to emulate the functionality of the Android NFC P2P API. To evaluate the performance of JNFC, we created the DroidWSN Wireless Sensor Network (WSN) model and implemented it as an Android application. We design and conduct an experiment for our DroidWSN model to measure the execution time of our Android application WSN on AVDs. We compare our simulation results against those from a similar experiment that measured the execution time of a WSN composed of Sun SPOT wireless devices. While the execution time of our DroidWSN model is slower, we assert that our design is more simple and flexible than that of our comparison study. We conclude that this benefit and the factors of JNFC cost (it is open source), the quality and quantity of Android smartphone sensors, and imminent Android smartphone support for NFC P2P, combine to make JNFC and the Android AVD a platform for NFC and WSN research. Our study also emphasizes the need for Google to create Android NFC P2P and sensor emulation APIs.