Leveraging adjusted user behavior in the detection and prevention of outgoing malicious SMSs in Android devices

In this paper, we propose OnDroid, a prevention system to defend against outgoing malicious SMSs in Android devices. OnDroid is user-friendly as it considers the user's little understanding of the Android system. It also considers multiple threat scenarios and requires less interaction with the user. For each SMS-sending operation, OnDroid first checks if the mobile device state mismatches the user's behavior. If so, the operation is blocked. Otherwise, it is delayed for a while and the user is notified to confirm or reject the operation. If the SMS is considered normal, the user does not need to take any action and the SMS is sent when the delay expires. Efficiency analysis shows that malicious SMS operations might be missed when the user is unavailable. To deal with this issue, we propose a method by which the user behavior can be adjusted to achieve 100% of malicious SMS prevention. Formal analysis as well as comparative study show that OnDroid offers a good tradeoff between security efficiency and usability.