SonarSnoop: active acoustic side-channel attacks

Peng Cheng, Ibrahim Ethem Bagci, Utz Roedig, Jeff Yan

Research output: Contribution to journalArticlepeer-review

9 Citations (Scopus)
11 Downloads (Pure)

Abstract

We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals, and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victim's finger movements can be inferred to steal Android unlock patterns. In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung S4 phone can be reduced by up to 70% using this novel acoustic side-channel. The attack is entirely unnoticeable to victims. Our approach can be easily applied to other application scenarios and device types. Overall, our work highlights a new family of security threats.

Original languageEnglish
Pages (from-to)213-228
Number of pages16
JournalInternational Journal of Information Security
Volume19
Issue number2
Early online date25 Jul 2019
DOIs
Publication statusPublished - 1 Apr 2020

Keywords

  • acoustic system
  • active sonar
  • mobile device
  • side-channel attack

Fingerprint

Dive into the research topics of 'SonarSnoop: active acoustic side-channel attacks'. Together they form a unique fingerprint.

Cite this