SonarSnoop: active acoustic side-channel attacks

cb
Thumbnail Image
Files
Date
2019-07-05
Authors
Cheng, Peng
Bagci, Ibrahim Ethem
Roedig, Utz
Yan, Jeff
Journal Title
Journal ISSN
Volume Title
Publisher
Springer Verlag
Published Version
10.1007/s10207-019-00449-8
Research Projects
Organizational Units
Journal Issue
Abstract
We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals, and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victim’s finger movements can be inferred to steal Android unlock patterns. In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung S4 phone can be reduced by up to 70% using this novel acoustic side-channel. The attack is entirely unnoticeable to victims. Our approach can be easily applied to other application scenarios and device types. Overall, our work highlights a new family of security threats.
Description
Keywords
Side-channel attack , Acoustic system , Active sonar , Mobile device
Citation
Cheng, P., Bagci, I. E., Roedig, U. and Yan, J. (2019) 'SonarSnoop: active acoustic side-channel attacks', International Journal of Information Security. (16pp.) DOI: 10.1007/s10207-019-00449-8
Link to publisher’s version
https://link.springer.com/article/10.1007%2Fs10207-019-00449-8
URI
https://hdl.handle.net/10468/8524
Collections
Computer Science - Journal Articles
Copyright
©The Author(s) 2019. This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.