Betul Soysal scite author profile

Abstract-Side-channel attacks revealing the sensitive user data through the motion sensors (such as accelerometer, gyroscope, and orientation sensors) emerged as a new trend in the smartphone security. In this respect, recent studies have examined feasibility of inferring user's tap input by utilizing the motion sensor readings and propounded that some user secrets can be deduced by adopting the different side-channel attacks. More precisely, in this kind of attacks, a malware processes outputs of these sensors to exfiltrate victims private information such as PINs, passwords or unlock patterns. In this paper, we describe a new side-channel attack on smartphones that aims to predict the age interval of the user. Unlike the previous works, our attack does not directly deal with recovering a target user's some secret, rather its sole purpose is determining whether she is a child or an adult. The main idea behind our study relies on the key observation that the characteristics of children and adults differ in hand holding and touching the smartphones. Consequently, we show that there is an apparent correlation between the motion sensor readings and these characteristics that build up our attack strategy. In order to exhibit efficiency of the proposed attack, we have developed an Android application named as BalloonLogger that evaluates accelerometer sensor data and perform child/adult detection with a success rate of 92.5%. To the best of our knowledge, in this work, for the first time, we point out such a security breach.

show abstract

Minimum On-the-node Data Security for the Next-generation Miniaturized Wireless Biomedical Devices

Vakhter

Soysal²,

Schaumont

et al. 2020

View full text Add to dashboard Cite

New cross correlation attack methods on the Montgomery Ladder implementation of RSA

Kuzu

Soysal

Sahinoglu

et al. 2013

View full text Add to dashboard Cite

Side channel analysis on android smartphones

Davarcı

Soysal

Erguler

et al. 2016

View full text Add to dashboard Cite

Özetçe -Akıllı telefonlar son yıllarda insan hayatının ayrılmaz bir bileşeni haline gelmiştir. Fakat akıllı telefonların artan yaygınlıgı bazı güvenlik problemlerine neden olabilmektedir. Örnegin, kullanıcılar rehber,şifre ve diger kimlik bilgilerini telefonlarında saklayabilmektedirler. Çeşitli özelliklere ek olarak, akıllı telefonlar ivmeölçer ve jiroskop gibi birçok hareket sensörüne sahiptir. Bundan dolayı, akıllı telefonların yetenekleri arttıkça akıllı telefonlara yönelik kötü amaçlı yazılımlar da artmaktadır. Android işletim sisteminin akıllı telefon pazarının lideri oldugu bilinen bir gerçektir. Bu durum maalesef saldırganların Android platformuna yönelmesine neden olmaktadır. Ayrıca, saldırganlar akıllı telefonlardaki hareket sensörlerini yan kanal bilgi kaynagı olarak kullanıp kullanıcının özel bilgilerini elde edebilmektedirler. Literatürde hareket sensörlerinin yan kanal olarak nasıl kullanıldıgını gösteren birçok çalışma mevcuttur. Bu çalışmanın ana amacı, ivmeölçer sensörünün yan kanal bilgi kaynagı olarak kullanılarak kullanıcının yaş aralıgının tespit edilebileceginin gösterilmesidir. Kullanıcının ekrana dokunuşları analiz edilerek kullanıcının çocuk veya yetişkin oldugu yüksek bir oranda tespit edilmiştir. Elde edilen bu bilgi, saldırganlara kötü amaçlı eylemleri için ek imkanlar sunabilmektedir.Anahtar Kelimeler-Android, akıllı telefonlar, hareket sensörleri, ivmeölçer, yan kanal, veri güvenligi, kötü amaçlı yazılım.Abstract-In recent years, smartphones have become inseparable components of people's daily life. However, the great popularity of smartphones causes some security problems. For example, users may store their contact lists, passwords and other credentials in their smartphones. In addition to various features, smartphones also have various motion sensors like accelerometer and gyroscope. Therefore, number of malwares focused on smartphones goes up while capabilities of smartphones increase. It is well-known fact that Android is the leader of smartphone market. This unluckily leads attackers to the Android platform. Furthermore, attackers use motion sensors as a sidechannel information to obtain user's private data. There are several studies in the literature which show how motion sensors can be used as a side-channel. In this study, the main object is to determine user's age interval by using accelerometer sensor as a side-channel. We show that by analyzing user's tap event on the touchscreen we can determine whether the user is child or adult. This is actually our great contribution to the literature because this information may give attackers extra avenues for their malicious activities.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Betul Soysal

Threat Modeling and Risk Analysis for Miniaturized Wireless Biomedical Devices

Age group detection using smartphone motion sensors

Minimum On-the-node Data Security for the Next-generation Miniaturized Wireless Biomedical Devices

New cross correlation attack methods on the Montgomery Ladder implementation of RSA

Side channel analysis on android smartphones

Contact Info

Product

Resources

About