Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Georgia Tech Turns iPhone Into spiPhone

19.10.2011
It’s a pattern that no doubt repeats itself daily in hundreds of millions of offices around the world: People sit down, turn on their computers, set their mobile phones on their desks and begin to work. What if a hacker could use that phone to track what the person was typing on the keyboard just inches away?

A research team at Georgia Tech has discovered how to do exactly that, using a smartphone accelerometer—the internal device that detects when and how the phone is tilted—to sense keyboard vibrations and decipher complete sentences with up to 80 percent accuracy. The procedure is not easy, they say, but is definitely possible with the latest generations of smartphones.

“We first tried our experiments with an iPhone 3GS, and the results were difficult to read,” said Patrick Traynor, assistant professor in Georgia Tech’s School of Computer Science. “But then we tried an iPhone 4, which has an added gyroscope to clean up the accelerometer noise, and the results were much better. We believe that most smartphones made in the past two years are sophisticated enough to launch this attack.”

Previously, Traynor said, researchers have accomplished similar results using microphones, but a microphone is a much more sensitive instrument than an accelerometer. A typical smartphone’s microphone samples vibration roughly 44,000 times per second, while even newer phones’ accelerometers sample just 100 times per second—two full orders of magnitude less often. Plus, manufacturers have installed security around a phone’s microphone; the phone’s operating system is programmed to ask users whether to give new applications access to most built-in sensors, including the microphone. Accelerometers typically are not protected in this way.

The technique works through probability and by detecting pairs of keystrokes, rather than individual keys (which still is too difficult to accomplish reliably, Traynor said). It models “keyboard events” in pairs, then determines whether the pair of keys pressed is on the left versus right side of the keyboard, and whether they are close together or far apart. After the system has determined these characteristics for each pair of keys depressed, it compares the results against a preloaded dictionary, each word of which has been broken down along similar measurements (i.e., are the letters left/right, near/far on a standard QWERTY keyboard). Finally, the technique only works reliably on words of three or more letters.

For example, take the word “canoe,” which when typed breaks down into four keystroke pairs: “C-A, A-N, N-O and O-E.” Those pairs then translate into the detection system’s code as follows: Left-Left-Near, Left-Right-Far, Right-Right-Far and Right-Left-Far, or LLN-LRF-RRF-RLF. This code is then compared to the preloaded dictionary and yields “canoe” as the statistically probable typed word. Working with dictionaries comprising about 58,000 words, the system reached word-recovery rates as high as 80 percent.

“The way we see this attack working is that you, the phone’s owner, would request or be asked to download an innocuous-looking application, which doesn’t ask you for the use of any suspicious phone sensors,” said Henry Carter, a PhD student in computer science and one of the study’s co-authors. “Then the keyboard-detection malware is turned on, and the next time you place your phone next to the keyboard and start typing, it starts listening.”

Mitigation strategies for this vulnerability are pretty simple and straightforward, Traynor said. First, since the study found an effective range of just three inches from a keyboard, phone users can simply leave their phones in their purses or pockets, or just move them further away from the keyboard. But a fix that puts less onus on users is to add a layer of security for phone accelerometers.

“The sampling rate for accelerometers is already pretty low, and if you cut it in half, you start to approach theoretical limitations that prevent eavesdropping. The malware simply does not have the data to work with,” Traynor said. “But most phone applications can still function even with that lower accelerometer rate. So manufacturers could set that as the default rate, and if someone downloads an application like a game that needs the higher sampling rate, that would prompt a permission question to the user to reset the accelerometer.”

In the meantime, Traynor said, users shouldn’t be paranoid that hackers are tracking their keystrokes through their iPhones.

“The likelihood of someone falling victim to an attack like this right now is pretty low,” he said. “This was really hard to do. But could people do it if they really wanted to? We think yes.”

The finding is reported in the paper, “(sp)iPhone: Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers,” and will be presented Thursday, Oct. 20, at the 18th ACM Conference on Computer and Communications Security in Chicago. In addition to Carter, Traynor’s coauthors include Georgia Tech graduate student Arunabh Verman and Philip Marquardt of the MIT Lincoln Laboratory.

About the Georgia Tech College of Computing

The Georgia Tech College of Computing is a national leader in the creation of real-world computing breakthroughs that drive social and scientific progress. With its graduate program ranked 10th nationally by U.S. News and World Report, the College’s unconventional approach to education is defining the new face of computing by expanding the horizons of traditional computer science students through interdisciplinary collaboration and a focus on human-centered solutions. For more information about the Georgia Tech College of Computing, its academic divisions and research centers, please visit http://www.cc.gatech.edu.

Contact
Michael Terrazas
Assistant Director of Communications
College of Computing at Georgia Tech
mterraza@cc.gatech.edu

Michael Terrazas | EurekAlert!
Further information:
http://www.cc.gatech.edu

More articles from Information Technology:

nachricht In a New Method for Searching Image Databases, a Hand-drawn Sketch Is all it Takes
31.05.2016 | Universität Basel

nachricht New technique controls autonomous vehicles on a dirt track
24.05.2016 | Georgia Institute of Technology

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Attosecond camera for nanostructures

Physicists of the Laboratory for Attosecond Physics at the Max Planck Institute of Quantum Optics and the Ludwig-Maximilians-Universität Munich in collaboration with scientists from the Friedrich-Alexander-Universität Erlangen-Nürnberg have observed a light-matter phenomenon in nano-optics, which lasts only attoseconds.

The interaction between light and matter is of key importance in nature, the most prominent example being photosynthesis. Light-matter interactions have also...

Im Focus: Worldwide Success of Tyrolean Wastewater Treatment Technology

A biological and energy-efficient process, developed and patented by the University of Innsbruck, converts nitrogen compounds in wastewater treatment facilities into harmless atmospheric nitrogen gas. This innovative technology is now being refined and marketed jointly with the United States’ DC Water and Sewer Authority (DC Water). The largest DEMON®-system in a wastewater treatment plant is currently being built in Washington, DC.

The DEMON®-system was developed and patented by the University of Innsbruck 11 years ago. Today this successful technology has been implemented in about 70...

Im Focus: Computational high-throughput screening finds hard magnets containing less rare earth elements

Permanent magnets are very important for technologies of the future like electromobility and renewable energy, and rare earth elements (REE) are necessary for their manufacture. The Fraunhofer Institute for Mechanics of Materials IWM in Freiburg, Germany, has now succeeded in identifying promising approaches and materials for new permanent magnets through use of an in-house simulation process based on high-throughput screening (HTS). The team was able to improve magnetic properties this way and at the same time replaced REE with elements that are less expensive and readily available. The results were published in the online technical journal “Scientific Reports”.

The starting point for IWM researchers Wolfgang Körner, Georg Krugel, and Christian Elsässer was a neodymium-iron-nitrogen compound based on a type of...

Im Focus: Atomic precision: technologies for the next-but-one generation of microchips

In the Beyond EUV project, the Fraunhofer Institutes for Laser Technology ILT in Aachen and for Applied Optics and Precision Engineering IOF in Jena are developing key technologies for the manufacture of a new generation of microchips using EUV radiation at a wavelength of 6.7 nm. The resulting structures are barely thicker than single atoms, and they make it possible to produce extremely integrated circuits for such items as wearables or mind-controlled prosthetic limbs.

In 1965 Gordon Moore formulated the law that came to be named after him, which states that the complexity of integrated circuits doubles every one to two...

Im Focus: Researchers demonstrate size quantization of Dirac fermions in graphene

Characterization of high-quality material reveals important details relevant to next generation nanoelectronic devices

Quantum mechanics is the field of physics governing the behavior of things on atomic scales, where things work very differently from our everyday world.

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

Networking 4.0: International Laser Technology Congress AKL’16 Shows New Ways of Cooperations

24.05.2016 | Event News

Challenges of rural labor markets

20.05.2016 | Event News

International expert meeting “Health Business Connect” in France

19.05.2016 | Event News

 
Latest News

Better combustion for power generation

31.05.2016 | Power and Electrical Engineering

Stick insects produce bacterial enzymes themselves

31.05.2016 | Life Sciences

In a New Method for Searching Image Databases, a Hand-drawn Sketch Is all it Takes

31.05.2016 | Information Technology

VideoLinks
B2B-VideoLinks
More VideoLinks >>>