SonarSnoop : active acoustic side-channel attacks

Cheng, Peng and Bagci, Ibrahim Ethem and Roedig, Utz and Yan, Jeff (2018) SonarSnoop : active acoustic side-channel attacks. Other. arXiv.org, Ithaca, N.Y.. (https://arxiv.org/abs/1808.10250)

[thumbnail of Cheng-etal-arXiv-2018-SonarSnoop-active-acoustic-side-channel-attacks]
Preview
Text. Filename: Cheng_etal_arXiv_2018_SonarSnoop_active_acoustic_side_channel_attacks.pdf
Preprint

Download (3MB)| Preview

Abstract

We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victim's finger movements can be inferred to steal Android phone unlock patterns. In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung S4 Android phone can be reduced by up to 70% using this novel acoustic side-channel. Our approach can be easily applied to other application scenarios and device types. Overall, our work highlights a new family of security threats.