Home > Research > Publications & Outputs > SonarSnoop

Links

Text available via DOI:

View graph of relations

SonarSnoop: active acoustic side-channel attacks

Research output: Contribution to journalJournal article

E-pub ahead of print
<mark>Journal publication date</mark>5/07/2019
<mark>Journal</mark>International Journal of Information Security
Number of pages16
Publication statusE-pub ahead of print
Early online date5/07/19
Original languageEnglish

Abstract

We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals, and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victim’s finger movements can be inferred to steal Android unlock patterns. In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung S4 phone can be reduced by up to 70% using this novel acoustic side channel. The attack is entirely unnoticeable to victims. Our approach can be easily applied to other application scenarios and device types. Overall, our work highlights a new family of security threats.