Personal Privacy Protection Framework Based on Hidden Technology for Smartphones

Abstract

Smartphones are increasingly used for storing a large amount of sensitive used data. Users can protect their sensitive data through encryption and locking screen. A pattern lock is one of the ways to lock a screen. This method is used by most users because of its ease of use and memorization. However, a pattern lock with low security level is inadequate to protect the sensitive data of the user when it encounters a brute force or other physical attack (e.g., smudge attack). Furthermore, it bypasses all of the protection measures of mobile device when users are coerced into disclosing their passwords. Steganographic techniques and deniable encryption are designed to protect the sensitive data of the user as well as secure communications and can hide sensitive data on a disk or during communication with other devices. To overcome these deficiencies that mobile devices present, we present a novel, practical safe framework called MobiMimosa that is based on plausible deniable encryption. MobiMimosa enables multiple hidden encryption volumes and dynamic mounting of hidden volumes, which facilitates the transfer of sensitive data from a normal volume to a hidden volume. Simultaneously, to meet the personalized needs of the security of the mobile device, MobiMimosa enables a strategy to be set that can trigger the uninstalling of a sensitive app and the destruction of sensitive data. MobiMimosa also greatly alleviates corruption of the cross-volume boundary that is present in previous smartphone PDE schemes. We implemented a prototype system on the android device.