Home > Research > Publications & Outputs > SonarSnoop

Research

Associated organisational units

Links

Text available via DOI:

Keywords

View graph of relations

SonarSnoop: active acoustic side-channel attacks

Research output: Contribution to Journal/MagazineJournal articlepeer-review

Published

Standard

SonarSnoop: active acoustic side-channel attacks. / Cheng, Peng; Bagci, Ibrahim; Roedig, Utz et al.
In: International Journal of Information Security, Vol. 19, 01.03.2020, p. 213-228.

Research output: Contribution to Journal/MagazineJournal articlepeer-review

Harvard

Cheng, P, Bagci, I, Roedig, U & Yan, J 2020, 'SonarSnoop: active acoustic side-channel attacks', International Journal of Information Security, vol. 19, pp. 213-228. https://doi.org/10.1007/s10207-019-00449-8

APA

Cheng, P., Bagci, I., Roedig, U., & Yan, J. (2020). SonarSnoop: active acoustic side-channel attacks. International Journal of Information Security, 19, 213-228. https://doi.org/10.1007/s10207-019-00449-8

Vancouver

Cheng P, Bagci I, Roedig U, Yan J. SonarSnoop: active acoustic side-channel attacks. International Journal of Information Security. 2020 Mar 1;19:213-228. Epub 2019 Jul 5. doi: 10.1007/s10207-019-00449-8

Author

Cheng, Peng ; Bagci, Ibrahim ; Roedig, Utz et al. / SonarSnoop : active acoustic side-channel attacks. In: International Journal of Information Security. 2020 ; Vol. 19. pp. 213-228.

Bibtex

@article{5a289f039ef14a9ca8a11577271ed430,
title = "SonarSnoop: active acoustic side-channel attacks",
abstract = "We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals, and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victim{\textquoteright}s finger movements can be inferred to steal Android unlock patterns. In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung S4 phone can be reduced by up to 70% using this novel acoustic side channel. The attack is entirely unnoticeable to victims. Our approach can be easily applied to other application scenarios and device types. Overall, our work highlights a new family of security threats.",
keywords = "side-channel attack, acoustic system, active sonar, mobile device",
author = "Peng Cheng and Ibrahim Bagci and Utz Roedig and Jeff Yan",
year = "2020",
month = mar,
day = "1",
doi = "10.1007/s10207-019-00449-8",
language = "English",
volume = "19",
pages = "213--228",
journal = "International Journal of Information Security",
issn = "1615-5262",
publisher = "Springer Verlag",

}

RIS

TY - JOUR

T1 - SonarSnoop

T2 - active acoustic side-channel attacks

AU - Cheng, Peng

AU - Bagci, Ibrahim

AU - Roedig, Utz

AU - Yan, Jeff

PY - 2020/3/1

Y1 - 2020/3/1

N2 - We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals, and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victim’s finger movements can be inferred to steal Android unlock patterns. In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung S4 phone can be reduced by up to 70% using this novel acoustic side channel. The attack is entirely unnoticeable to victims. Our approach can be easily applied to other application scenarios and device types. Overall, our work highlights a new family of security threats.

AB - We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals, and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victim’s finger movements can be inferred to steal Android unlock patterns. In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung S4 phone can be reduced by up to 70% using this novel acoustic side channel. The attack is entirely unnoticeable to victims. Our approach can be easily applied to other application scenarios and device types. Overall, our work highlights a new family of security threats.

KW - side-channel attack

KW - acoustic system

KW - active sonar

KW - mobile device

U2 - 10.1007/s10207-019-00449-8

DO - 10.1007/s10207-019-00449-8

M3 - Journal article

VL - 19

SP - 213

EP - 228

JO - International Journal of Information Security

JF - International Journal of Information Security

SN - 1615-5262

ER -