Matyunin, Nikolay (2022)
Sensor-Based Covert Channels on Mobile Devices.
Technische Universität Darmstadt
doi: 10.26083/tuprints-00021975
Ph.D. Thesis, Primary publication, Publisher's Version
Text
Matyunin - Sensor-based Covert Channels on Mobile Devices.pdf Copyright Information: CC BY-SA 4.0 International - Creative Commons, Attribution ShareAlike. Download (12MB) |
Item Type: | Ph.D. Thesis | ||||
---|---|---|---|---|---|
Type of entry: | Primary publication | ||||
Title: | Sensor-Based Covert Channels on Mobile Devices | ||||
Language: | English | ||||
Referees: | Hollick, Prof. Dr. Matthias ; Katzenbeisser, Prof. Dr. Stefan | ||||
Date: | 2022 | ||||
Place of Publication: | Darmstadt | ||||
Collation: | xiii, 133 Seiten | ||||
Date of oral examination: | 4 July 2022 | ||||
DOI: | 10.26083/tuprints-00021975 | ||||
Abstract: | Smartphones have become ubiquitous in our daily activities, having billions of active users worldwide. The wide range of functionalities of modern mobile devices is enriched by many embedded sensors. These sensors, accessible by third-party mobile applications, pose novel security and privacy threats to the users of the devices. Numerous research works demonstrate that user keystrokes, location, or even speech can be inferred based on sensor measurements. Furthermore, the sensor itself can be susceptible to external physical interference, which can lead to attacks on systems that rely on sensor data. In this dissertation, we investigate how reaction of sensors in mobile devices to malicious physical interference can be exploited to establish covert communication channels between otherwise isolated devices or processes. We present multiple covert channels that use sensors’ reaction to electromagnetic and acoustic interference to transmit sensitive data from nearby devices with no dedicated equipment or hardware modifications. In addition, these covert channels can also transmit information between applications within a mobile device, breaking the logical isolation enforced by the operating system. Furthermore, we discuss how sensor-based covert channels can affect privacy of end users by tracking their activities on two different devices or across two different applications on the same device. Finally, we present a framework that automatically identifies covert channels that are based on physical interference between hardware components of mobile devices. As a result of the experimental evaluation, we can confirm previously known covert channels on smartphones, and discover novel sources of cross-component interference that can be used to establish covert channels. Focusing on mobile platforms in this work, we aim to show that it is of crucial importance to consider physical covert channels when assessing the security of the systems that rely on sensors, and advocate for holistic approaches that can proactively identify and estimate corresponding security and privacy risks. |
||||
Alternative Abstract: |
|
||||
Status: | Publisher's Version | ||||
URN: | urn:nbn:de:tuda-tuprints-219758 | ||||
Classification DDC: | 000 Generalities, computers, information > 004 Computer science | ||||
Divisions: | 20 Department of Computer Science > Security Engineering | ||||
Date Deposited: | 20 Oct 2022 12:17 | ||||
Last Modified: | 21 Oct 2022 13:14 | ||||
URI: | https://tuprints.ulb.tu-darmstadt.de/id/eprint/21975 | ||||
PPN: | 500655022 | ||||
Export: |
View Item |