Skip to main content
Book cover

International Conference on Collaborative Computing: Networking, Applications and Worksharing

CollaborateCom 2015: Collaborative Computing: Networking, Applications, and Worksharing pp 221–233Cite as

SSG: Sensor Security Guard for Android Smartphones

Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST,volume 163)

Abstract

The smartphone sensors provide extraordinary user experience in various Android apps, e.g. sport apps, gravity sensing games. Recent works have been proposed to launch powerful sensor-based attacks such as location tracing and sound eavesdropping. The use of sensors does not require any permission in Android apps, so these attacks are very difficult to be noticed by the app users. Furthermore, the combination of various kinds of sensors generates numerous types of attacks which are hard to be systematically studied.

To better address the attacks, we have developed a taxonomy on sensor-based attacks from five aspects. In this work, we propose a sensor API hooking and information filtering framework, Sensor Security Guard (SSG). Unlike any rough hooking framework, this system provides fine-grained processing for different security levels set by the users, or by default. The sensor data is blocked, forged or processed under different mode strategies and then returned to the apps. In addition, according to the taxonomy, SSG develops fine-grained corresponding countermeasures. We evaluate the usability of SSG on 30 popular apps chosen from Google Market. SSG does not cause any crash of either the Android system or the apps while working. The result indicated that SSG could significantly preserve the users’ privacy with acceptable energy lost.

Keywords

  • Hook
  • Sensor API
  • Android
  • Security

Major program of Shanghai Science and Technology Commission (Grant No: 15511103002): Research on Mobile Smart Device Application Security Testing and Evaluating.

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-319-28910-6_20
  • Chapter length: 13 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   64.99
Price excludes VAT (USA)
  • ISBN: 978-3-319-28910-6
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   84.00
Price excludes VAT (USA)
Learn about institutional subscriptions
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.
Fig. 6.
Fig. 7.
Fig. 8.
Fig. 9.
Fig. 10.
Fig. 11.
Fig. 12.
Fig. 13.
Fig. 14.

References

  1. Cydia substrate. http://www.cydiasubstrate.com/

  2. Nike+ running applications. http://www.nike.com/us/en_us/c/running/nikeplus/gps-app

  3. Al-Haiqi, A., Ismail, M., Nordin, R.: On the best sensor for keystrokes inference attack on android. Procedia Technology (2013)

    Google Scholar 

  4. Bojinov, H., Michalevsky, Y., Nakibly, G., Boneh, D.: Mobile device identification via sensor fingerprinting (2014). arXiv:1408.1416

  5. Cai, L., Chen, H.: Touchlogger: inferring keystrokes on touch screen from smartphonemotion. In: 6th Proceedings of HotSec (2011)

    Google Scholar 

  6. Currie, D.: Shedding some light on voice authentication (2009)

    Google Scholar 

  7. A. Das, N. Borisov, and M. Caesar.Exploring ways to mitigate sensor-based smartphone fingerprinting.arXiv preprint arXiv:1503.01874, 2015

  8. Dey, S., Roy, N., Xu, W., Choudhury, R.R., Nelakuditi, S.: Accelprint: imperfections of accelerometers make smartphones trackable. In: 21st Proceedings of the Network and Distributed System Security Symposium (NDSS) (2014)

    Google Scholar 

  9. Han, J., Owusu, E., Nguyen, L.T., Perrig, A., Zhang, J.: Accomplice: location inference using accelerometers on smartphones. In: 4th Proceedings of Communication Systems and Networks (COMSNETS) (2012)

    Google Scholar 

  10. Lee, S.-W., Mase, K.: Activity and location recognition using wearable sensors. IEEE Pervasive Comput. (2002)

    Google Scholar 

  11. Mäntyjärvi, J., Lindholm, M., Vildjiounaite, E., Mäkelä, S.-M., Ailisto. H.: Identifying users of portable devices from gait pattern with accelerometers. In: 30th Proceedings of Acoustics, Speech, and Signal Processing (ICASSP 2005) (2005)

    Google Scholar 

  12. Michalevsky, Y., Boneh, D., Nakibly, G.: Gyrophone: recognizing speech from gyroscope signals. In: 23rd Proceedings of USENIX Security Symposium. USENIX Association (2014)

    Google Scholar 

  13. Mohan, P., Padmanabhan, V.N., Ramjee, R.: Nericell: rich monitoring of road and traffic conditions using mobilesmartphones. In: 6th Proceedings of ACM Conference on Embedded Network Sensor Systems (2008)

    Google Scholar 

  14. Spreitzer, R.: Pin skimming: exploiting the ambient-light sensor in mobile devices. In: 4th Proceedings of ACM Workshop on Security and Privacy in Smartphones & Mobile Devices (2014)

    Google Scholar 

  15. Wang, H., Lymberopoulos, D., Liu, J.: Sensor-based user authentication. In: Abdelzaher, T., Pereira, N., Tovar, E. (eds.) EWSN 2015. LNCS, vol. 8965, pp. 168–185. Springer, Heidelberg (2015)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Lab of Cryptology and Computer Security, Shanghai Jiao Tong University, Shanghai, China

    Bodong Li, Yuanyuan Zhang, Chen Lyu, Juanru Li & Dawu Gu

Authors
  1. Bodong Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yuanyuan Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Chen Lyu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Juanru Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Dawu Gu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bodong Li .

Editor information

Editors and Affiliations

  1. School of Computer Science & Engineering, The University of Aizu, Aizuwakamatsu, Japan

    Song Guo

  2. School of Computer Science &Technology, Huazhong University of Science and Tech, Wuhan, China

    Xiaofei Liao

  3. School of Computer Science & Technology, Huazhong University of Science and Tech, Wuhan, China

    Fangming Liu

  4. Dept. of Computer Science & Engineering, Shanghai Jiao Tong University, Shanghai, China

    Yanmin Zhu

Rights and permissions

Reprints and Permissions

Copyright information

© 2016 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Li, B., Zhang, Y., Lyu, C., Li, J., Gu, D. (2016). SSG: Sensor Security Guard for Android Smartphones. In: Guo, S., Liao, X., Liu, F., Zhu, Y. (eds) Collaborative Computing: Networking, Applications, and Worksharing. CollaborateCom 2015. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 163. Springer, Cham. https://doi.org/10.1007/978-3-319-28910-6_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-28910-6_20

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-28909-0

  • Online ISBN: 978-3-319-28910-6

  • eBook Packages: Computer ScienceComputer Science (R0)