The University of Southampton
×
Filter your search:
University of Southampton Institutional Repository

SonarSnoop: active acoustic side-channel attacks

SonarSnoop: active acoustic side-channel attacks
SonarSnoop: active acoustic side-channel attacks
We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victim's finger movements can be inferred to steal Android phone unlock patterns. In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung S4 Android phone can be reduced by up to 70% using this novel acoustic side-channel. Our approach can be easily applied to other application scenarios and device types. Overall, our work highlights a new family of security threats.
cs.CR
Cheng, Peng
1e49aef0-36ef-4cda-af2a-9753881419c9
Bagci, Ibrahim Ethem
e1bbc020-49d6-4201-b40b-b80a049b4c11
Roedig, Utz
77ec02bf-0a48-4960-b02a-892f27501e6d
Yan, Jeff
a2c03187-3722-46c8-b73b-439eb9d1a10e
Cheng, Peng
1e49aef0-36ef-4cda-af2a-9753881419c9
Bagci, Ibrahim Ethem
e1bbc020-49d6-4201-b40b-b80a049b4c11
Roedig, Utz
77ec02bf-0a48-4960-b02a-892f27501e6d
Yan, Jeff
a2c03187-3722-46c8-b73b-439eb9d1a10e

[Unknown type: UNSPECIFIED]

Record type: UNSPECIFIED

Abstract

We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victim's finger movements can be inferred to steal Android phone unlock patterns. In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung S4 Android phone can be reduced by up to 70% using this novel acoustic side-channel. Our approach can be easily applied to other application scenarios and device types. Overall, our work highlights a new family of security threats.

Text
1808.10250v1
Download (3MB)

More information

Published date: 30 August 2018
Keywords: cs.CR
Learn more about Cyber Security research

Identifiers

Local EPrints ID: 500794
URI: http://eprints.soton.ac.uk/id/eprint/500794
PURE UUID: 87953973-bec6-4a7e-97b8-a771ba03a1b0

Catalogue record

Date deposited: 13 May 2025 16:50
Last modified: 21 Aug 2025 04:42

Export record

Contributors

Author: Peng Cheng
Author: Ibrahim Ethem Bagci
Author: Utz Roedig
Author: Jeff Yan

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Library staff additional information
Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×