Research Student Profile

Home People Profile...

Dr Fudong Li PhD

Research Student

Brief biographical information

fudong.li@plymouth.ac.uk

Access thesis on-line

Behaviour Profiling for Mobile Devices

With more than 5 billion users globally, mobile devices have become ubiquitous in our daily life.
The modern mobile handheld device is capable of providing many multimedia services through a
wide range of applications over multiple networks as well as on the handheld device itself. These
services are predominantly driven by data, which is increasingly associated with sensitive
information. Such a trend raises the security requirement for reliable and robust verification
techniques of users.


This thesis explores the end-user verification requirements of mobile devices and proposes a novel
Behaviour Profiling security framework for mobile devices. The research starts with a critical
review of existing mobile technologies, security threats and mechanisms, and highlights a broad
range of weaknesses. Therefore, attention is given to biometric verification techniques which have
the ability to offer better security. Despite a large number of biometric works carried out in the
area of transparent authentication systems (TAS) and Intrusion Detection Systems (IDS), each have
a set of weaknesses that fail to provide a comprehensive solution. They are either reliant upon a
specific behaviour to enable the system to function or only capable of providing security for
network based services. To this end, the behaviour profiling technique is identified as a potential
candidate to provide high level security from both authentication and IDS aspects, operating in a
continuous and transparent manner within the mobile host environment.


This research examines the feasibility of a behaviour profiling technique through mobile users
general applications usage, telephone, text message and multi-instance application usage with the
best experimental results Equal Error Rates (EER) of 13.5%, 5.4%, 2.2% and 10% respectively.
Based upon this information, a novel architecture of Behaviour Profiling on mobile devices is
proposed. The framework is able to provide a robust, continuous and non-intrusive verification
mechanism in standalone, TAS or IDS modes, regardless of device hardware configuration. The
framework is able to utilise user behaviour to continuously evaluate the system security status of
the device. With a high system security level, users are granted with instant access to sensitive
services and data, while with lower system security levels, users are required to reassure their
identity before accessing sensitive services.


The core functions of the novel framework are validated through the implementation of a
simulation system. A series of security scenarios are designed to demonstrate the effectiveness of
the novel framework to verify legitimate and imposter activities. By employing the smoothing
function of three applications, verification time of 3 minutes and a time period of 60 minutes of
the degradation function, the Behaviour Profiling framework achieved the best performance with
False Rejection Rate (FRR) rates of 7.57%, 77% and 11.24% for the normal, protected and overall
applications respectively and with False Acceptance Rate (FAR) rates of 3.42%, 15.29% and 4.09%
for their counterparts.

Dr Fudong Li

Director of studies: Dr Nathan L Clarke
Other supervisors: Dr Maria Papadaki, Dr Paul S Haskell-Dowland

Journal papers

An Automated Approach for Digital Forensic Analysis of Heterogeneous Big Data
Mohammed H, Clarke NL, Li F
The Journal of Digital Forensics, Security and Law: JDFSL, Volume 11 Issue 2 Pages 137-152, 2016
More details | External link available

Leveraging Biometrics for Insider Misuse Identification
Alruban A, Clarke NL, Li F, Furnell SM
International Journal on Cyber Situational Awareness (IJCSA), Vol. 1, No. 1, 2016, article 7, 2016
More details | External link available

A suspect-oriented intelligent and automated computer forensic analysis
Al Fahdi M, Clarke NL, Li F, Furnell SM
Digital Investigation, Volume 18, pp. 65-76, 2016
More details | External link available

Active Authentication: The Panacea of Access Control
Clarke NL, Li F
Journal of Information System Security, Volume 11, Number 3, pp185-199, ISSN 1551-0123, 2015
More details | External link available

End-to-middle-to-end solution for IMS media plane security
Fajardo JO, Liberal F, Li F, Clarke NL, Mkwawa IH
Electronic Commerce Research, Springer US, 2014
More details | External link available

Active authentication for mobile devices utilising behaviour profiling
Li F, Clarke NL, Papadaki M, Dowland PS
International Journal of Information Security, Volume 13, Issue 3, pp229-244, ISSN:1615-5262, 2014
More details | External link available

Misuse Detection for Mobile Devices Using Behaviour Profiling
Li F, Clarke NL, Papadaki M, Dowland PS
International Journal of Cyber Warfare & Terrorism, Volume 1, Issue 1, pp43-55, ISSN: 1947-3435, 2011
More details | External link available

7 Journal papers

Conference papers

Insider Misuse Identification using Transparent Biometrics
Clarke NL, Li F, Alruban A, Furnell SM
Proceedings of the 50th Hawaii International Conference on System Sciences, January 04 - 07, Hawaii USA, 2017
More details | External link available

User profiling from network traffic via novel application-level interactions
Alotibi G, Clarke NL, Li F, Furnell SM
11th International Conference for Internet Technology and Secured Transactions (ICITST), pp 279-285, Barcelona, Spain, 2016
More details | External link available

Activity Recognition using wearable computing
Al-Naffakh N, Clarke NL, Dowland PS, Li F
11th International Conference for Internet Technology and Secured Transactions (ICITST), pp. 189-195, Barcelona, Spain, 2016
More details | External link available

Proactive Biometric-Enabled Forensic Imprinting
Alruban A, Clarke NL, Li F, Furnell SM
International Conference on Cyber Incident Response, Coordination, Containment & Control (Cyber Incident 2016), June 13-14, London, UK, 2016
Winner of the Best Paper Award (Cyber Incident 2016)
More details

Information Security and Practice: The User's Perspective
Clarke NL, Li F, Furnell SM, Stengel I, Ganis G
Proceedings of the 11th International Conference On Cyber Warfare and Security (ICCWS-2016), pp81-89, ISSN:2048-9870, ISBN:9781910810835, 17-18 March 2016, Boston, USA, 2016
More details

Active Authentication: The Panacea of Access Control?
Clarke NL, Li F
Proceedings of the 14th Annual Security Conference, May 19-21, Las Vegas, USA, 2015
More details

Forensic Investigation of Network Traffic: A Study into the Derivation of Application-Level features from Network-Level Metadata
Li F, Clarke NL, Alotibi G, Joy D
6th Annual International Conference on ICT: Big data, Could and Security (ICT-BDCS 2015), 27-28 July, ISSN: 2382-5669, pp68-73, 2015
More details | External link available

Behavioral-Based Feature Abstraction from Network Traffic
Alotibi G, Li F, Clarke NL, Furnell SM
10th International Conference on Cyber warfare and Security, Kruger National Park, South Africa, 24-25 March, pp1-9, ISBN 978-1-910309-97-1, 2015
More details

A User-oriented Network Forensic Analyser: The Design of a High-Level Protocol Analyser
Joy D, Li F, Clarke NL, Furnell SM
Proceedings of the 12th Australian Digital Forensics Conference, 1-3 December, ECU Joondalup Campus, Perth, Western Australia, pp 84-93, ISBN 978-0-7298-0719-7, 2014
More details

Performance Evaluation of A Technology Independent Security Gateway for Next Generation Networks
Li F, Clarke NL, Furnell SM, Mkwawa IH
Wireless and Mobile Computing, Networking and Communications (WiMob), IEEE 10th International Conference on Emergency Networks for Public Protection and Disaster Relief, 8-10 October 2014 in Larnaca, Cyprus, page 281-286, 2014
More details | External link available

Performance-driven evaluation for deploying IMS-based interoperability scenarios
Fajardo JO, Liberal F, Li F, Clarke NL, Mkwawa IH, Sun L
IEEE International Conference on Communications (IEEE ICC 2014), 10-14 June 2014, Sydney, Australia, pp.3019-3024, 2014
More details | External link available

An Evaluation of Behavioural Profiling on Mobile Devices
Li F, Wheeler R, Clarke NL
Proceedings of the Second International Conference HAS 2014, Held as Part of HCI International 2014, Heraklion, Crete, Greece, June 22-27, pp330-339 in Human Aspects of Information Security, Privacy, and Trust, Lecture Notes in Computer Science, Volume 8533, 2014
More details | External link available

Data Carving using Artificial Headers
Daniel R, Clarke NL, Li F
Proceedings of the 13th Annual Security Conference, Las Vegas, USA, 2014
More details

User Requirements for Future Wideband Critical Communications
Liberal F, Ramos M, Fajardo JO, Goi N, Bizkarguenaga A, Mesogiti I, Theodoropoulou E, Lyberopoulos G, Koumaras H, Sun L, Clarke NL, Li F
Proceeding of the International Workshop on Emergency Telecommunications Systems (ETS 2013), Wrexham, UK, 12 September, pp341-348, 2013
More details

A Technology Independent Security Gateway for Future Emergency Telecommunication Systems (ETS)
Li F, Clarke NL, Furnell SM, Fajardo JO, Liberal F, Sidibe M
Proceeding of the International Workshop on Emergency Telecommunications Systems (ETS 2013), Wrexham, UK, 12 September, pp299-308, 2013
More details

A Technology Independent Security Gateway for Real-Time Multimedia Communication
Li F, Clarke NL, Furnell SM
Proceedings of the 7th International Conference on Network and System Security (NSS2013), 3-4 June 2013, Madrid, Spain, pp14-25, 2013
More details

Multimodal Biometric Surveillance using a Kinect Sensor
Savage R, Clarke NL, Li F
Proceedings of the 12th Annual Security Conference, April, Las Vegas, USA, 2013
More details | Download PDF

Behaviour Profiling for Transparent Authentication for Mobile Devices
Li F, Clarke NL, Papadaki M, Dowland PS
Proceedings of the 10th European Conference on Information Warfare and Security (ECIW), Tallinn, Estonia 7-8 July, pp307-314, 2011
Awarded best PhD paper.
More details

Behaviour Profiling on Mobile Devices
Li F, Clarke NL, Papadaki M, Dowland PS
International Conference on Emerging Security Technologies, 6-8 September, Canterbury, UK, pp77-82, 2010
More details | External link available

Intrusion Detection System for Mobile Devices: Investigation on Calling Activity
Li F, Clarke NL, Papadaki M
Proceedings of the 8th Security Conference, April, Las Vegas, USA, 2009
More details | Download PDF

User Perception of the Security & Privacy Concerns of RFID Technology
Li F, Clarke NL, Bolan C
Proceedings of the International Symposium on Human Aspects of Information Security & Assurance (HAISA 2007), Plymouth, UK, ISBN: 978-1-84102-174-4, pp156-169, 2007
Can be ordered on-line.
More details | Download PDF

21 Conference papers

Posters

A Framework of User Identification From Network Traffic
Alotibi G, Clarke NL, Furnell SM, Li F
Proceedings of The 8th Saudi Students Conference, January 31 - February 1, 2015
More details | Download PDF

1 Posters

Internal publications

Public Opinion Towards RFID Technology
Li F, Clarke NL
Advances in Communications, Computing, Networks and Security 5, ISBN: 978-1-84102-257-4, pp29-38, 2008
Can be ordered on-line.
More details | Download PDF

Intrusion Detection System for Mobile Devices: Preliminary Investigation
Li F, Clarke NL, Papadaki M
Proceedings of the Fourth Collaborative Research Symposium on Security, E-learning, Internet and Networking (SEIN 2008), Wrexham, UK, ISBN: 978-1-84102-196-6, pp21-31, 2008
Can be ordered on-line.
More details | Download PDF

2 Internal publications

31 publication(s) - all categories.