In today's daily life, hand held devices such as mobile phones, PDA's, tablets have become essential for communication, information storage, and access to multiple services and applications. Until few years back, mobile phones were used only for communication purpose such as for sending messages, calling other users, receiving calls, and the like. As mobile devices and technologies embedded therein have developed and evolved, usage of the devices for storing different data, text, audio, photos, etc has increased multifold. With smart phones now storming into the market, various advanced features, which were once only provided by computers and laptops, are now being provided to users through such smart phones. Furthermore, along with path-breaking development in handheld device technologies, threat of anomalies such as from data theft, device theft, viruses, interne based threats, are also increasing.
Along with the development in handheld device technologies, development related to safety and security of handheld devices is also gaining prominence. For instance, it is usually the user who goes to a police station and complains about his phone being lost or stolen and it is based on this information that the police takes the next action. Further, users typically realize about the phone being stolen or lost only after 2-3 days of the event happening and therefore by the time the user registers a complaint, it is already too late. Existing security methods also include tracking mobile phones based on SIM cards present in phones. However, this method also has drawbacks as the thief may remove the SIM card from the mobile phone and not allow it to be remotely accessible. Yet another method includes assigning a password to the mobile phone, which needs to be entered every time the phone is started. This method also has drawbacks as the thief is generally able to reset the phone settings or can hack into the phone through other alternative means. Furthermore, advanced security methods such as finger prints, signature based intrusion detection systems, face recognition systems, voice based verification and the like have also been proposed and implemented for improving the security of phone. However, these security methods too have many drawbacks and principally function post the phone has been stolen, which actually the users come to discover about only after many hours or days of the mishap. Recent smart phones, PDA's and tablets have been incorporated with advanced algorithms, which are configured to monitor user's usage pattern based on user's location and record the location at a predetermined time period and match with usage history stored in a database. Upon finding any variation in the usage behavior, the algorithm identifies or detects that the phone has been stolen or lost and generates an alert to the user by sending a mail or message to user specified contacts. Certain modifications and changes have been made in the algorithms to increase the security of the phones and further improve the efficiency of early detection of such an anomaly.
An article published by Buthpitiya et al. titled “n-gram Geo-Trace Modeling”, discusses an algorithm present in a smart phone that can sense location of the smart phone and detect anomalies in user behavior to detect theft of the phone. The algorithm records user location data at particular time period and identifies GPS coordinates such as longitude and latitude of the location. The location coordinates are quantized and partitions of equal sized squares are made. Quantizing can be carried out to identify smaller granular location coordinates. For a particular fixed time period, user location is then identified and labeled with a tag and stored in a database. Stored tags are compared to the current calculated user position for the particular time period to detect anomalies in user's location, wherein if variation in the user location is identified beyond a threshold, the system identifies that the smart phone has been stolen or lost.
Another, more generic example includes an article published by Tandon et al. titled “Spatio-temporal Anomaly Detection for Mobile Devices”, which discusses an algorithm that detects anomalies in mobile devices. In the algorithm of Tandon, mobile device location is captured by cell towers and transmitted to a centralized server. All ID's received from plurality of cell towers are observed and learned over a period of time. If the phone is stolen and used by a thief, it indicates different location and time, upon which anomaly flag is raised. The network operator can lock the phone identifying that the phone is stolen and the phone can be unlocked by network operator or by the user by entering PIN.
U.S. patent application 2009/0249443 to Flitzgerald et al. titled “Methods for monitoring the unauthorized use of a device” filed internationally on Apr. 1, 2008, discusses detecting stolen, lost, or unauthorized use of a device and further discusses altering the functionality of the device in response to such use by identifying the location. The current location of the device is compared with a list of locations stored in a database of a server where the device is allowed to be operated.
However, none of the above systems and methods take into account user's phone usage context such as SMS interactions, calling interactions, email interactions, browsing patterns, among others and mobility patterns such as location coordinates with respect to time so as to detect an anomaly in the handheld device and instead merely rely in changes in location to detect such an anomaly, which leads of lower overall efficiency, lag in anomaly detection, and low accuracy in anomaly detection.
Furthermore, existing systems and methods focus on generating bounding regions for anomaly detection along with learning geo-tracks of people, which make the existing solutions computationally expensive and time consuming. Few systems also use route modeling that deal with additional attributes such as speed and direction information which are generally not available on mobile phones.
There is therefore a need for a system and method that can, with higher efficiency and accuracy, detect anomalies in a handheld device based on current device usage context, mobility pattern, or behavior of a handheld device.