Defending against sensor-sniffing attacks on mobile phones

Cai, Lin; Machiraju, Sridhar; Chen, Hao

doi:10.1145/1592606.1592614

Cited by 62 publications

(52 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The security and effectiveness of such techniques have been studied in previous works [26], [17], [3], [12], [22], [10]. Cai et al [6] discussed properties of a privacy protecing sensors. Although these mechanisms have proved to be effective against a large number of attacks, they are not effective against side channel attacks that bypass them.…”

Section: Mitigationmentioning

confidence: 99%

Single-stroke language-agnostic keylogging using stereo-microphones and domain specific machine learning

Narain

Sanatinia

Noubir

2014

Proceedings of the 2014 ACM Conference on Security and Privacy in Wireless &Amp; Mobile Networks

View full text Add to dashboard Cite

Mobile phones are equipped with an increasingly large number of precise and sophisticated sensors. This raises the risk of direct and indirect privacy breaches. In this paper, we investigate the feasibility of keystroke inference when user taps on a soft keyboard are captured by the stereoscopic microphones on an Android smartphone. We developed algorithms for sensor-signals processing and domain specific machine learning to infer key taps using a combination of stereo-microphones and gyroscopes. We implemented and evaluated the performance of our system on two popular mobile phones and a tablet: Samsung S2, Samsung Tab 8 and HTC One. Based on our experiments, and to the best of our knowledge, our system (1) is the first to exceed 90% accuracy requiring a single attempt, (2) operates on the standard Android QWERTY and number keyboards, and (3) is language agnostic. We show that stereo-microphones are a much more effective side channel as compared to the gyroscope, however, their data can be combined to boost the accuracy of prediction. While previous studies focused on larger key sizes and repetitive attempts, we show that by focusing on the specifics of the keyboard and creating machine learning models and algorithms based on keyboard areas combined with adequate filtering, we can achieve an accuracy of 90% -94% for much smaller key sizes in a single attempt. We also demonstrate how such attacks can be instrumentalized by a malicious application to log the keystrokes of other sensitive applications. Finally, we describe some techniques to mitigate these attacks.

show abstract

Section: Mitigationmentioning

confidence: 99%

Single-stroke language-agnostic keylogging using stereo-microphones and domain specific machine learning

Narain

Sanatinia

Noubir

2014

Proceedings of the 2014 ACM Conference on Security and Privacy in Wireless &Amp; Mobile Networks

View full text Add to dashboard Cite

show abstract

“…Cai et al [33] explores the vulnerability of attackers sniffing sensors on smartphones. TaintDroid [34] modifies the Android system and framework to establish system-wide dynamic taint tracking and analysis for sensitive data including data from sensors.…”

Section: Related Workmentioning

confidence: 99%

Sensor Guardian: prevent privacy inference on Android sensors

Bai

Yin

Wang

2017

EURASIP J. on Info. Security

View full text Add to dashboard Cite

Privacy inference attacks based on sensor data is an emerging and severe threat on smart devices, in which malicious applications leverage data from innocuous sensors to infer sensitive information of user, e.g., utilizing accelerometers to infer user's keystroke. In this paper, we present Sensor Guardian, a privacy protection system that mitigates this threat on Android by hooking and controlling applications' access to sensors. Sensor Guardian inserts hooks into applications by statically instrumenting their APK (short for Android Package Kit) files and enforces control policies in these hooks at runtime. Our evaluation shows that Sensor Guardian can effectively and efficiently mitigate the privacy inference threat on Android sensors, with negligible overhead during both static instrumentation and runtime control.

show abstract

“…Sniffing attacks have been talked about in [3]. They explore the vulnerability where attackers snoop on users by sniffing on their mobile phone sensors, such as the microphone, camera, and GPS receiver.…”

Section: Related Workmentioning

confidence: 99%

“…It is also assumed that the attacker has no physical access to the device but can receive the sensor date through voice or data channels. More details about this can be found in the paper by L Cai [3]. A number of viruses have been created to exploit the vulnerabilities that exist on today's mobile devices.…”

Section: Possible Privacy Related Attacksmentioning

confidence: 99%