2018
DOI: 10.1515/popets-2018-0036
|View full text |Cite
|
Sign up to set email alerts
|

Power to peep-all: Inference Attacks by Malicious Batteries on Mobile Devices

Abstract: Mobile devices are equipped with increasingly smart batteries designed to provide responsiveness and extended lifetime. However, such smart batteries may present a threat to users’ privacy. We demonstrate that the phone’s power trace sampled from the battery at 1KHz holds enough information to recover a variety of sensitive information. We show techniques to infer characters typed on a touchscreen; to accurately recover browsing history in an open-world setup; and to reliably detect incoming calls, and the pho… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

1
35
0

Year Published

2019
2019
2023
2023

Publication Types

Select...
8
2

Relationship

0
10

Authors

Journals

citations
Cited by 29 publications
(38 citation statements)
references
References 21 publications
1
35
0
Order By: Relevance
“…Undersampling: Molka et al [61] used a physicallyconnected power meter to record a victim system's power consumption at a rate of 10 Hz, distinguishing loops of nops and other instructions. Attacks with similar sampling rates to ours were shown by Genkin et al [22], who recovered 4096-bit GnuPG RSA keys and program code via acoustic cryptanalysis, and Lifshits et al [52], who inferred sensitive data, including keystrokes, via a malicious battery storing power traces. These works sampled at ≈24 kHz (mobile phone attack) and 1 kHz, respectively.…”
Section: A Related Worksupporting
confidence: 75%
“…Undersampling: Molka et al [61] used a physicallyconnected power meter to record a victim system's power consumption at a rate of 10 Hz, distinguishing loops of nops and other instructions. Attacks with similar sampling rates to ours were shown by Genkin et al [22], who recovered 4096-bit GnuPG RSA keys and program code via acoustic cryptanalysis, and Lifshits et al [52], who inferred sensitive data, including keystrokes, via a malicious battery storing power traces. These works sampled at ≈24 kHz (mobile phone attack) and 1 kHz, respectively.…”
Section: A Related Worksupporting
confidence: 75%
“…Yang et al [38] showed that the transition between running apps leaves a side-channel in memory that can be used to determine what application was executing. Lifshits et al [22] installed a malicious, power monitoring battery in a smartphone in 11 order to identify various types of activity. Qin et al [29] also adopt a similar approach to smartphone website fingerprinting by using a malicious application which estimates the fluctuation of power data.…”
Section: Related Workmentioning
confidence: 99%
“…For example, it has been recently reported that some microchips were added to servers' motherboards during the manufacturing process without the knowledge of a major server vendor [63]. In other instances, ShadowPad was implanted into a software program developed by a third-party vendor, affecting hundreds of large businesses [45], while malicious batteries [53] and other hardware Trojans [76] are all known threats to data security. An even more striking example is that over 100,000 computers that had never been connected to any network were also implanted with information-stealing hardware Trojans by using a classified technology [68].…”
Section: Threat Modelmentioning
confidence: 99%