POWERFUL: Mobile app fingerprinting via power analysis

Chen, Yimin; Jin, Xiaocong; Sun, Jing; Zhang, Rui; Zhang, Yanchao

doi:10.1109/infocom.2017.8057232

Cited by 27 publications

(15 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Yang et al [37] and Chen et al [5] use power trace to infer browsed websites and active apps respectively. While their goals are similar to ours, their methods are inapplicable to malicious battery settings because they focus on a closed-world setup.…”

Section: Related Workmentioning

confidence: 99%

Power to peep-all: Inference Attacks by Malicious Batteries on Mobile Devices

Lifshits

Forte

Hoshen

et al. 2018

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Mobile devices are equipped with increasingly smart batteries designed to provide responsiveness and extended lifetime. However, such smart batteries may present a threat to users’ privacy. We demonstrate that the phone’s power trace sampled from the battery at 1KHz holds enough information to recover a variety of sensitive information. We show techniques to infer characters typed on a touchscreen; to accurately recover browsing history in an open-world setup; and to reliably detect incoming calls, and the photo shots including their lighting conditions. Combined with a novel exfiltration technique that establishes a covert channel from the battery to a remote server via a web browser, these attacks turn the malicious battery into a stealthy surveillance device. We deconstruct the attack by analyzing its robustness to sampling rate and execution conditions. To find mitigations we identify the sources of the information leakage exploited by the attack. We discover that the GPU or DRAM power traces alone are sufficient to distinguish between different websites. However, the CPU and power-hungry peripherals such as a touchscreen are the primary sources of fine-grain information leakage. We consider and evaluate possible mitigation mechanisms, highlighting the challenges to defend against the attacks. In summary, our work shows the feasibility of the malicious battery and motivates further research into system and application-level defenses to fully mitigate this emerging threat.

show abstract

Section: Related Workmentioning

confidence: 99%

Power to peep-all: Inference Attacks by Malicious Batteries on Mobile Devices

Lifshits

Forte

Hoshen

et al. 2018

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

show abstract

“…Browser fingerprinting has historically been used by companies to uniquely identify website visitors [15]. In the context of Android, multiple studies have investigated potential techniques for app fingerprinting, leveraging network traffic patterns [9,44,45,52], power consumption [5], memory footprints [22], and UI states [4].…”

Section: Related Workmentioning

confidence: 99%

Leave my apps alone!

Scoccia

Kanj

Malavolta

et al. 2020

Proceedings of the IEEE/ACM 7th International Conference on Mobile Software Engineering and Systems

View full text Add to dashboard Cite

To enable app interoperability, the Android platform exposes installed application methods (IAMs), i.e., APIs that allow developers to query for the list of apps installed on a user's device. It is known that information collected through IAMs can be used to precisely deduce end-users interests and personal traits, thus raising privacy concerns. In this paper, we present a large-scale empirical study investigating the presence of IAMs in Android apps and their usage by Android developers. Our results highlight that: (i) IAMs are widely used in commercial applications while their popularity is limited in open-source ones; (ii) IAM calls are mostly performed in included libraries code; (iii) more than one-third of libraries that employ IAMs are advertisement libraries; (iv) a small number of popular advertisement libraries account for over 33% of all usages of IAMs by bundled libraries; (v) developers are not always aware that their apps include IAMs calls. Based on the collected data, we confirm the need to (i) revise the way IAMs are currently managed by the Android platform, introducing either an ad-hoc permission or an opt-out mechanism and (ii) improve both developers and end-users awareness with respect to the privacy-related concerns raised by IAMs.

show abstract

“…Various methods have been leveraged, for instance, power usage [5], system behavior [6], and network traffic [7,8]. In [5,6], the authors developed malicious Android Apps to collect system information, such as current, voltage, network state, CPU and memory usage, from a victim's device. The collected data were analyzed and machine learning techniques were used to identify the Apps on the victim's device.…”

Section: App Fingerprintingmentioning

confidence: 99%

“…Compared with their approaches, our work does not require to maliciously deploy an additional App [5,6] or a traffic sniff device [7,8] to collect data on the victim's device. Therefore, our approach can launch the sniffing attack easily by incentivizing users to visit our website.…”

Section: App Fingerprintingmentioning

confidence: 99%

“…Recent studies introduced several attacks due to the malicious use of magnetometer and motion sensor. For instance, a range of works [1,2,5] raised the idea of cyber-vulnerability in 3D printing where a piece of malicious software can infer the design files by sniffing magnetometer. Furthermore, two recent work [3,4] proposed to utilize motion sensors in smart devices to infer a user's typed words or passwords.…”

Section: Sensorsmentioning

confidence: 99%

See 1 more Smart Citation

DeepMag+: Sniffing mobile apps in magnetic field through deep learning

Ning

Xin

Jiang

et al. 2020

Pervasive and Mobile Computing

View full text Add to dashboard Cite

This paper reports a new side-channel attack to smartphones using the unrestricted magnetic sensor data. We demonstrate that attackers can effectively infer the Apps being used on a smartphone with an accuracy of over 80%, through training a deep Convolutional Neural Networks (CNN). Various signal processing strategies have been studied for feature extractions, including a tempogram based scheme. Moreover, by further exploiting the unrestricted motion sensor to cluster magnetometer data, the sniffing accuracy can increase to as high as 98%. To mitigate such attacks, we propose a noise injection scheme that can effectively reduce the App sniffing accuracy to only 15% and at the same time has a negligible effect on benign Apps.

show abstract

POWERFUL: Mobile app fingerprinting via power analysis

Cited by 27 publications

References 19 publications

Power to peep-all: Inference Attacks by Malicious Batteries on Mobile Devices

Power to peep-all: Inference Attacks by Malicious Batteries on Mobile Devices

Leave my apps alone!

DeepMag+: Sniffing mobile apps in magnetic field through deep learning

Contact Info

Product

Resources

About