Abstract
Smartphones are increasingly equipped with sensitive accelerometers that can analyse acoustic vibrations on a physical surface. This allows them to gain a covert understanding of the surrounding environment by combining accelerometer sampling with sophisticated signal processing techniques. In this work, we analyse keyboard-sniffing attacks based on acoustic (vibration) covert channels, launched from a malicious application installed on a smartphone. An important requirement of such attacks is access to reliable acoustic signals that can be distinguished from the noise floor by applying appropriate signal processing techniques. Our analysis indicates that state-of-the-art attack techniques are fragile; injecting randomised noise (jamming) via the vibration medium into the accelerometer, reduces the efficiency of the attack from 80% to random guessing. We conclude that our work presents an important step towards disabling the covert channel and ensuring full security.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Marquardt, P., Verma, A., Carter, H., Traynor, P. (sp)iPhone: Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers. In: Proceedings of ACM Conference on Computer and Communications Security, CCS (2011)
Berger, Y., Wool, A., Yeredor, A.: Dictionary Attacks Using Keyboard Acoustic Emanations. In: Proceedings of the ACM Conference on Computer and Communications Security, CCS (2006)
Cai, L., Machiraju, S., Chen, H.: Defending Against Sensor-Sniffing Attacks on Mobile Phones. In: Proceedings of ACM SIGCOMM Workshop on Networking, Systems, Applications on Mobile Handhelds, MobiHeld (2009)
Mobile that allows bosses to snoop on staff developed BBC NEWS- Technology. Web (July 27, 2010), http://news.bbc.co.uk/2/hi/technology/8559683.stm/
Owusu, E., Han, J., Das, S., Perrig, A., Zhang, J.: ACCessory: Password Inference using Accelerometers on Smartphones. In: HotMobile 2012 - The 13th International Workshop on Mobile Computing Systems and Applications (2012)
Asonov, D., Agrawal, R.: Keyboard Acoustic Emanations. In: Proceedings of the IEEE Symposium on Security and Privacy (2004)
I.S. on Subjective Measurements. IEEE recommended practices for speech quality measurements. IEEE Transactions on Audio and Electroacoustics 17, 227–246 (1969)
Nagaraja, S., Anderson, R.: The snooping dragon: social-malware surveillance of the Tibetan movement. In: technical report UCAM-CL-TR-746, University of Cambridge (2009)
Schlegel, R., Zhang, K., Zhou, X., Mehool, I., Kapadia, A., Wang, X.: Soundcomber: A stealthy and context-aware sound trojan for smartphones. In: Proceedings of the 18th Annual Network and Distributed System Security Symposium, NDSS 2011 (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Khurana, R., Nagaraja, S. (2013). Simple Defences against Vibration-Based Keystroke Fingerprinting Attacks. In: Christianson, B., Malcolm, J., Stajano, F., Anderson, J., Bonneau, J. (eds) Security Protocols XXI. Security Protocols 2013. Lecture Notes in Computer Science, vol 8263. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41717-7_16
Download citation
DOI: https://doi.org/10.1007/978-3-642-41717-7_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41716-0
Online ISBN: 978-3-642-41717-7
eBook Packages: Computer ScienceComputer Science (R0)