ABSTRACT
Today's smartphones ship with various embedded motion sensors, such as the accelerometer, gyroscope, and orientation sensors. These motion sensors are useful in supporting mobile UI innovation and motion-based commands. However, they also bring the potential risk of leaking users' private information, as they allow third-party applications to monitor the motion changes of smartphones.
In this paper, we study the feasibility of inferring a user's tap inputs to a smartphone with its integrated motion sensors. Specifically, we utilize an installed trojan application to stealthily monitor the movement and gesture changes of a smartphone using its on-board motion sensors. When the user is interacting with the trojan application, it learns the motion change patterns of tap events. Later, when the user is performing sensitive inputs, such as entering passwords on the touchscreen, the trojan application applies the learnt pattern to infer the occurrence of tap events on the touchscreen as well as the tapped positions on the touchscreen.
For demonstration, we present the design and implementation of TapLogger, a trojan application for the Android platform, which stealthily logs the screen lock password and the numbers entered during a phone call (e.g., credit card and PIN numbers). Statistical results are presented to show the feasibility of such inferences and attacks.