Abstract:We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victim's finger movements can be inferred to steal Android unlock patterns. In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung … Show more
“…For example, acoustics can reflect, and travel through a variety of mediums and at varying distances. Taking advantage of these properties, inaudible acoustics emitted from a smartphone can bounce off nearby moving objects, and the corresponding echo can carry target information used to infer the object's movements [26], [27]. An MDM scenario can be similarly applied to use emitted signals to detect the oscillation of a person's chest to infer heart and breathing rate [17].…”
Section: B Applications Of Side-channel Attacks In Cybmentioning
confidence: 99%
“…The side-channel attack frameworks offer a more structured approach to the use of side-channels with the following concepts common to all instances of side-channel attacks (as depicted within Figure 2 ): System structure: the logical components [4] Method: named attack strategies including differential analysis correlation , and transformation to frequency or other domains [5] , [35] Modelling/Profiling: uses a training phase to characterise a target system before attacking [4] , or for developing a template based on extensive traces [36] Modality: includes timing [37] , [38] , power usage [5] , [10] , electromagnetic radiation [5] , [22] , magnetic field [30] , acoustic [20] , [27] , visible light [32] , infra-red [39] , and vibration [21] , [23] Access: level of physical access; invasive, semi-invasive, or non-invasive [5] , [40] Remote versus local: modalities that can be measured from a distance allow for remote sensing [5] , [22] Control: active modification to cause side-channel leakage (feeding in a particular input) [5] , [8] , [34] , or passively accepting leaked data [5] Subsequent sections identify examples of side-channel sensing in MDM and develop a corresponding systematic categorisation appropriate to the MDM domain. …”
Section: Side-channel Attacks In Cybmentioning
confidence: 99%
“…Modality: includes timing [37] , [38] , power usage [5] , [10] , electromagnetic radiation [5] , [22] , magnetic field [30] , acoustic [20] , [27] , visible light [32] , infra-red [39] , and vibration [21] , [23]…”
Information within systems can be extracted through side-channels; unintended communication channels that leak information. The concept of side-channel sensing is explored, in which sensor data is analysed in non-trivial ways to recover subtle, hidden or unexpected information. Practical examples of side-channel sensing are well known in domains such as cybersecurity (CYB), but are not formally recognised within the domain of medical diagnostics and monitoring (MDM). This paper reviews side-channel usage within CYB and MDM, identifying techniques and methodologies applicable to both domains. We establish a systematic structure for the use of side-channel sensing in MDM that is comparable to existing structures in CYB, and promote cross-domain transferability of knowledge, mindsets, and techniques.
“…For example, acoustics can reflect, and travel through a variety of mediums and at varying distances. Taking advantage of these properties, inaudible acoustics emitted from a smartphone can bounce off nearby moving objects, and the corresponding echo can carry target information used to infer the object's movements [26], [27]. An MDM scenario can be similarly applied to use emitted signals to detect the oscillation of a person's chest to infer heart and breathing rate [17].…”
Section: B Applications Of Side-channel Attacks In Cybmentioning
confidence: 99%
“…The side-channel attack frameworks offer a more structured approach to the use of side-channels with the following concepts common to all instances of side-channel attacks (as depicted within Figure 2 ): System structure: the logical components [4] Method: named attack strategies including differential analysis correlation , and transformation to frequency or other domains [5] , [35] Modelling/Profiling: uses a training phase to characterise a target system before attacking [4] , or for developing a template based on extensive traces [36] Modality: includes timing [37] , [38] , power usage [5] , [10] , electromagnetic radiation [5] , [22] , magnetic field [30] , acoustic [20] , [27] , visible light [32] , infra-red [39] , and vibration [21] , [23] Access: level of physical access; invasive, semi-invasive, or non-invasive [5] , [40] Remote versus local: modalities that can be measured from a distance allow for remote sensing [5] , [22] Control: active modification to cause side-channel leakage (feeding in a particular input) [5] , [8] , [34] , or passively accepting leaked data [5] Subsequent sections identify examples of side-channel sensing in MDM and develop a corresponding systematic categorisation appropriate to the MDM domain. …”
Section: Side-channel Attacks In Cybmentioning
confidence: 99%
“…Modality: includes timing [37] , [38] , power usage [5] , [10] , electromagnetic radiation [5] , [22] , magnetic field [30] , acoustic [20] , [27] , visible light [32] , infra-red [39] , and vibration [21] , [23]…”
Information within systems can be extracted through side-channels; unintended communication channels that leak information. The concept of side-channel sensing is explored, in which sensor data is analysed in non-trivial ways to recover subtle, hidden or unexpected information. Practical examples of side-channel sensing are well known in domains such as cybersecurity (CYB), but are not formally recognised within the domain of medical diagnostics and monitoring (MDM). This paper reviews side-channel usage within CYB and MDM, identifying techniques and methodologies applicable to both domains. We establish a systematic structure for the use of side-channel sensing in MDM that is comparable to existing structures in CYB, and promote cross-domain transferability of knowledge, mindsets, and techniques.
“…The column threshold (i.e., 3) is set empirically (by changing it randomly between 1 and 100) for detecting the changes occurring due to user's fingers and hand. A similar method is also used in [16] and [17] to track the finger movements and use them for detecting 2 − D gestures and snooping the unlock patterns of mobile devices, respectively. Figure 16 shows the newly generated matrix by comparing the columns of the correlation matrix shown in Figure 15 in accordance with the aforementioned method.…”
In this paper, we present a novel user identification mechanism for smart spaces called Echo-ID (referred to as E-ID). Our solution relies on inaudible sound signals for capturing the user's behavioral tapping/typing characteristics while s/he types the PIN on a PIN-PAD, and uses them to identify the corresponding user from a set of N enrolled inhabitants. E-ID proposes an all-inclusive pipeline that generates and transmits appropriate sound signals, and extracts a user-specific imprint from the recorded signals (E-Sign). For accurate identification of the corresponding user given an E-Sign sample, E-ID makes use of deep-learning (i.e., CNN for feature extraction) and SVM classifier (for making the identification decision). We implemented a proof of the concept of E-ID by leveraging the commodity speaker and microphone. Our evaluations revealed that E-ID can identify the users with an average accuracy of 93% to 78% from an enrolled group of 2-5 subjects, respectively.
“…Android's graphical password has been studied in many contexts, including for security (e. g., smudges [8], [13], shoulder surfing [43], [4], [18], other side-channel attacks [50], [14], [48], [49]), user choice [37], [1], [28], selection aids [36], [15], and under modifications [3], [35]. As mentioned, there has been a number of proposals for pattern strength meters [1], [33], [31], which we will describe in more detail in the following section.…”
A common method for helping users select stronger authentication secrets, e. g., passwords, is to deploy a visual strength meter that provides feedback to the user while performing password selection. Recent work considered the accuracy of strength meters for passwords, but there is limited work on understanding the accuracy of strength meters for other knowledge-based authentication types, particularly Android's graphical pattern unlock, despite there being multiple strength meters proposed for patterns in the literature. In this work, we present a preliminary analysis of the accuracy of strength meters for Android patterns, applying the same set of techniques from previous work. Using datasets of patterns collected in several user studies as a baseline, we compare strength meter estimations using weighted Spearman correlation. Overall, we find that strength estimations based on visual properties of the patterns (such as length, intersections, overlapping nodes, and similar) provide strength estimations that have low correlation with the real guessability of Android patterns. Motivated by these findings, we describe a set of research questions and experiments that are in progress that question whether the accuracy of a meter should even be the driving factor for nudging users to more secure choices.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.