Locational wireless and social media-based surveillance

The number of smartphones and tablets as well as the volume of traffic generated by these devices has been growing constantly over the past decade and this growth is predicted to continue at an increasing rate over the next five years. Numerous native features built into contemporary smart devices enable highly accurate digital fingerprinting techniques. Furthermore, software developers have been taking advantage of locational capabilities of these devices by building applications and social media services that enable convenient sharing of information tied to geographical locations. Mass online sharing resulted in a large volume of locational and personal data being publicly available for extraction. A number of researchers have used this opportunity to design and build tools for a variety of uses – both respectable and nefarious. Furthermore, due to the peculiarities of the IEEE 802.11 specification, wireless-enabled smart devices disclose a number of attributes, which can be observed via passive monitoring. These attributes coupled with the information that can be extracted using social media APIs present an opportunity for research into locational surveillance, device fingerprinting and device user identification techniques. This paper presents an in-progress research study and details the findings to date

Securing Health Sensing Using Integrated Circuit Metric

Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric) that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware “fingerprints”. The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner

DolphinAtack: Inaudible Voice Commands

Speech recognition (SR) systems such as Siri or Google Now have become an increasingly popular human-computer interaction method, and have turned various systems into voice controllable systems(VCS). Prior work on attacking VCS shows that the hidden voice commands that are incomprehensible to people can control the systems. Hidden voice commands, though hidden, are nonetheless audible. In this work, we design a completely inaudible attack, DolphinAttack, that modulates voice commands on ultrasonic carriers (e.g., f > 20 kHz) to achieve inaudibility. By leveraging the nonlinearity of the microphone circuits, the modulated low frequency audio commands can be successfully demodulated, recovered, and more importantly interpreted by the speech recognition systems. We validate DolphinAttack on popular speech recognition systems, including Siri, Google Now, Samsung S Voice, Huawei HiVoice, Cortana and Alexa. By injecting a sequence of inaudible voice commands, we show a few proof-of-concept attacks, which include activating Siri to initiate a FaceTime call on iPhone, activating Google Now to switch the phone to the airplane mode, and even manipulating the navigation system in an Audi automobile. We propose hardware and software defense solutions. We validate that it is feasible to detect DolphinAttack by classifying the audios using supported vector machine (SVM), and suggest to re-design voice controllable systems to be resilient to inaudible voice command attacks.Comment: 15 pages, 17 figure

Smartphone-based food diagnostic technologies: A review

A new generation of mobile sensing approaches offers significant advantages over traditional platforms in terms of test speed, control, low cost, ease-of-operation, and data management, and requires minimal equipment and user involvement. The marriage of novel sensing technologies with cellphones enables the development of powerful lab-on-smartphone platforms for many important applications including medical diagnosis, environmental monitoring, and food safety analysis. This paper reviews the recent advancements and developments in the field of smartphone-based food diagnostic technologies, with an emphasis on custom modules to enhance smartphone sensing capabilities. These devices typically comprise multiple components such as detectors, sample processors, disposable chips, batteries and software, which are integrated with a commercial smartphone. One of the most important aspects of developing these systems is the integration of these components onto a compact and lightweight platform that requires minimal power. To date, researchers have demonstrated several promising approaches employing various sensing techniques and device configurations. We aim to provide a systematic classification according to the detection strategy, providing a critical discussion of strengths and weaknesses. We have also extended the analysis to the food scanning devices that are increasingly populating the Internet of Things (IoT) market, demonstrating how this field is indeed promising, as the research outputs are quickly capitalized on new start-up companies

Fiber Loop Ringdown — a Time-Domain Sensing Technique for Multi-Function Fiber Optic Sensor Platforms: Current Status and Design Perspectives

Fiber loop ringdown (FLRD) utilizes an inexpensive telecommunications light source, a photodiode, and a section of single-mode fiber to form a uniform fiber optic sensor platform for sensing various quantities, such as pressure, temperature, strain, refractive index, chemical species, biological cells, and small volume of fluids. In FLRD, optical losses of a light pulse in a fiber loop induced by changes in a quantity are measured by the light decay time constants. FLRD measures time to detect a quantity; thus, FLRD is referred to as a time-domain sensing technique. FLRD sensors have near real-time response, multi-pass enhanced high-sensitivity, and relatively low cost (i.e., without using an optical spectral analyzer). During the last eight years since the introduction of the original form of fiber ringdown spectroscopy, there has been increasing interest in the FLRD technique in fiber optic sensor developments, and new application potential is being explored. This paper first discusses the challenging issues in development of multi-function, fiber optic sensors or sensor networks using current fiber optic sensor sensing schemes, and then gives a review on current fiber optic sensor development using FLRD technique. Finally, design perspectives on new generation, multi-function, fiber optic sensor platforms using FLRD technique are particularly presented

Factory Calibration Fingerprinting of Sensors

Device fingerprinting aims to generate a distinctive signature, or fingerprint, that uniquely identifies individual computing devices. Fingerprints may be a privacy concern since apps and websites can use them to track user activity online. To protect user privacy, both Android and iOS have included a variety of measures to prevent such tracking. In this paper we present a new type of fingerprinting, factory calibration fingerprinting, that bypasses existing tracking protection. Our attack recovers embedded per-device factory calibration data from the accelerometer, gyroscope, and magnetometer sensors that are pervasive in modern smartphones by careful analysis of the sensor output alone. We discuss the factory calibration behaviour of each sensor and show that the calibration fingerprint is fast to generate, does not change over time or after a factory reset, and can be used to track users across apps and websites without any special permission from the user. We find the calibration fingerprint is very likely to be globally unique for iOS devices, with an estimated 67 bits of entropy for the iPhone 6S. In addition, we have analysed 146 Android device models from 11 vendors and found the attack also works on recent Google Pixel devices. For Pixel 4/4 XL, we estimate the calibration fingerprint provides about 57 bits of entropy. Following our disclosures, Apple deployed a mitigation in iOS 12.2 and Google in Android 11. We analyse Apple's fix and show that the mitigation is imperfect although it is likely to be sufficient in most threat models.China Scholarship Counci

MEMS sensors as physical unclonable functions

A fundamental requirement of any crypto system is that secret-key material remains securely stored so that it is robust in withstanding attacks including physical tampering. In this context, physical unclonable functions (PUFs) have been proposed to store cryptographic secrets in a particularly secure manner. In this thesis, the feasibility of using microelectromechanical systems (MEMS) sensors for secure key storage purposes is evaluated for the first time. To this end, we investigated an off-the-shelf 3-axis MEMS gyroscope design and used its properties to derive a unique fingerprint from each sensor. We thoroughly examined the robustness of the derived fingerprints against temperature variation and aging. We extracted stable keys with nearly full entropy from the fingerprints. The security level of the extracted keys lies in a range between 27 bits and 150 bits depending on the applied test conditions and the used entropy estimation method. Moreover, we provide experimental evidence that the extractable key length is higher in practice when multiple wafers are considered. In addition, it is shown that further improvements could be achieved by using more precise measurement techniques and by optimizing the MEMS design. The robustness of a MEMS PUF against tampering and malicious read-outs was tested by three different types of physical attacks. We could show that MEMS PUFs provide a high level of protection due to the sensitivity of their characteristics to disassembly.Eine grundlegende Anforderung jedes Kryptosystems ist, dass der verwendete geheime Schlüssel sicher und geschützt aufbewahrt wird. Vor diesem Hintergrund wurden physikalisch unklonbare Funktionen (PUFs) vorgeschlagen, um kryptographische Geheimnisse besonders sicher zu speichern. In dieser Arbeit wird erstmals die Verwendbarkeit von mikroelektromechanischen Systemen (MEMS) für die sichere Schlüsselspeicherung anhand eines 3-achsigen MEMS Drehratensensor gezeigt. Dabei werden die Eigenschaften der Sensoren zur Ableitung eines eindeutigen Fingerabdrucks verwendet. Die Temperatur- und Langzeitstabilität der abgeleiteten Fingerabdrücke wurde ausführlich untersucht. Aus den Fingerabdrücken wurden stabile Schlüssel mit einem Sicherheitsniveau zwischen 27 Bit und 150 Bit, abhängig von den Testbedingungen und der verwendeten Entropie-Schätzmethode, extrahiert. Außerdem konnte gezeigt werden, dass die Schlüssellänge ansteigt, je mehr Wafer betrachtet werden. Darüber hinaus wurde die Verwendung einer präziseren Messtechnik und eine Optimierung des MEMS-Designs als potentielle Verbesserungsmaßnahmen identifiziert. Die Robustheit einer MEMS PUF gegen Manipulationen und feindseliges Auslesen durch verschiedene Arten von physikalischen Angriffen wurde untersucht. Es konnte gezeigt werden, dass MEMS PUFs aufgrund der Empfindlichkeit ihrer Eigenschaften hinsichtlich einer Öffnung des Mold-Gehäuses eine hohe Widerstandsfähigkeit gegenüber invasiven Angriffen aufweisen

Hardware and software fingerprinting of mobile devices

This dissertation presents novel and practical algorithms to identify the software and hardware components on mobile devices. In particular, we make significant contributions in two challenging areas: library fingerprinting, to identify third-party software libraries, and device fingerprinting, to identify individual hardware components. Our work has significant implications for the privacy and security of mobile platforms. Software-based library fingerprinting can be used to detect vulnerable libraries and uncover large-scale data collection activities. We develop a novel Android library finger-printing tool, LibID, to reliably identify specific versions of in-app third-party libraries. LibID is more effective against code obfuscation than prior art. When comparing LibID with other tools in identifying the correct library version using obfuscated F-Droid apps, LibID achieves an F1 score of more than 0.5 in all cases while prior work is below 0.25. We also demonstrate the utility of LibID by detecting the use of a vulnerable version of the OkHttp library in nearly 10% of the 3 958 popular apps on the Google Play Store. Hardware-based device fingerprinting allows apps and websites to invade user privacy by tracking user activity online as the user moves between apps or websites. In particular, we present a new type of device fingerprinting attack, the factory calibration fingerprinting attack, that recovers embedded per-device factory calibration data from motion sensors in a smartphone. We investigate the calibration behaviour of each sensor and show that the calibration fingerprint is fast to generate, does not change over time or after a factory reset, and can be obtained without any special user permissions. We estimate the entropy of the calibration fingerprint and find the fingerprint is very likely to be globally unique for iOS devices (~67 bits of entropy for iPhone 6S) and recent Google Pixel devices (~57 bits of entropy for Pixel 4/4 XL). By comparison, the fingerprint generated by previous work has at most 13 bits of entropy. Following our disclosures, Apple deployed a fix in iOS 12.2 and Google in Android 11. Both code obfuscation and factory calibration help to hide software and hardware idiosyncrasies from third-parties, but this dissertation demonstrates that reliable software and hardware fingerprints can still be generated given sufficient knowledge and a suitable approach. Our work has significant practical implications and can be used to improve platform security and protect user privacy.China Scholarship Council The Boeing Company Microsoft Researc