A fine-grained analysis of user activity on mobile applications: The sensitivity level perception
International Journal for Information Security Research
School of Science / ECU Security Research Institute
Mobile devices contain different levels of data and applications such as photos, text messages, emails and mobile banking applications. Each process within each application has a different level of sensitivity; thus, protection needs to be considered in this context after initial access to the mobile device. The main aim of this research is to investigate when to authenticate the mobile user by focusing on the sensitivity level of each intra-process (within the application) and understanding whether a certain user action in a process may require protection. To accomplish this, the 10 most popular mobile categories were analysed to gain a comprehensive understanding of how to categorise the applications in terms of their sensitivity level. Building upon this analysis, the results show that 78% of 125 user actions are considered sensitive processes. This paper also demonstrates that existing authentication systems lack adequate security solutions to unauthorised access to the mobile device. Consequently, this indicates the need for a robust and usable access control approach to establish a transparent and a continuous authentication system.