Touchtone leakage attacks via smartphone sensors: mitigation without hardware modification
This addresses a security vulnerability for smartphone users by proposing deployable mitigations against acoustic leakage attacks, though it is incremental as it builds on existing mitigation ideas.
The paper tackles the problem of smartphone motion sensors being used to eavesdrop on touchtones, exposing sensitive information, and analyzes mitigation strategies, showing that a low-pass filter reduces sensor data by 83% but only cuts attack accuracy by less than 1%, while anti-aliasing filters preserve data and reduce accuracy by 50.1%.
Smartphone motion sensors provide a concealed mechanism for eavesdropping on acoustic information, like touchtones, emitted by a device. Eavesdropping on touchtones exposes credit card information, banking pins, and social security card numbers to malicious 3rd party apps requiring only motion sensor data. This paper's primary contribution is an analysis rooted in physics and signal processing theory of several eavesdropping mitigations, which could be implemented in a smartphone update. We verify our analysis imperially to show how previously suggested mitigations, i.e. a low-pass filter, can undesirably reduce the motion sensor data to all applications by 83% but only reduce an advanced adversary's accuracy by less than one percent. Other designs, i.e. anti-aliasing filters, can fully preserve the motion sensor data to support benign application functionality while reducing attack accuracy by 50.1%. We intend for this analysis to motivate the need for deployable mitigations against acoustic leakage on smartphone motion sensors, including but not limited to touchtones, while also providing a basis for future mitigations to improve upon.