25 research outputs found
On the security of mobile sensors
PhD Thesis
The age of sensor technology is upon us. Sensor-rich mobile devices
are ubiquitous. Smart-phones, tablets, and wearables are increasingly
equipped with sensors such as GPS, accelerometer, Near Field Communication
(NFC), and ambient sensors. Data provided by such sensors, combined
with the fast-growing computational capabilities on mobile platforms,
offer richer and more personalised apps. However, these sensors
introduce new security challenges to the users, and make sensor management
more complicated.
In this PhD thesis, we contribute to the field of mobile sensor security by
investigating a wide spectrum of open problems in this field covering attacks
and defences, standardisation and industrial approaches, and human
dimensions. We study the problems in detail and propose solutions.
First, we propose "Tap-Tap and Pay" (TTP), a sensor-based protocol to
prevent the Mafia attack in NFC payment. The Mafia attack is a special
type of Man-In-The-Middle attack which charges the user for something
more expensive than what she intends to pay by relaying transactions
to a remote payment terminal. In TTP, a user initiates the payment by
physically tapping her mobile phone against the reader. We observe that
this tapping causes transient vibrations at both devices which are measurable
by the embedded accelerometers. Our observations indicate that
these sensor measurements are closely correlated within the same tapping,
and different if obtained from different tapping events. By comparing the
similarity between the two measurements, the bank can distinguish the
Mafia fraud apart from a legitimate NFC transaction. The experimental
results and the user feedback suggest the practical feasibility of TTP. As
compared with previous sensor-based solutions, ours is the only one that
works even when the attacker and the user are in nearby locations or share
similar ambient environments. Second, we demonstrate an in-app attack based on a real world problem
in contactless payment known as the card collision or card clash. A card
collision happens when more than one card (or NFC-enabled device) are
presented to the payment terminal's field, and the terminal does not know
which card to choose. By performing experiments, we observe that the
implementation of contactless terminals in practice matches neither EMV
nor ISO standards (the two primary standards for smart card payment)
on card collision. Based on this inconsistency, we propose "NFC Payment
Spy", a malicious app that tracks the user's contactless payment transactions.
This app, running on a smart phone, simulates a card which
requests the payment information (amount, time, etc.) from the terminal.
When the phone and the card are both presented to a contactless
terminal (given that many people use mobile case wallets to travel light
and keep wallet essentials close to hand), our app can effectively win the
race condition over the card. This attack is the first privacy attack on
contactless payments based on the problem of card collision. By showing
the feasibility of this attack, we raise awareness of privacy and security
issues in contactless payment protocols and implementation, specifically
in the presence of new technologies for payment such as mobile platforms.
Third, we show that, apart from attacking mobile devices by having access
to the sensors through native apps, we can also perform sensor-based
attacks via mobile browsers. We examine multiple browsers on Android
and iOS platforms and study their policies in granting permissions to
JavaScript code with respect to access to motion and orientation sensor
data. Based on our observations, we identify multiple vulnerabilities,
and propose "TouchSignatures" and "PINLogger.js", two novel attacks in
which malicious JavaScript code listens to such sensor data measurements.
We demonstrate that, despite the much lower sampling rate (comparing to
a native app), a remote attacker is able to learn sensitive user information
such as physical activities, phone call timing, touch actions (tap, scroll,
hold, zoom), and PINs based on these sensor data. This is the first report
of such a JavaScript-based attack. We disclosed the above vulnerability to
the community and major mobile browser vendors classified the problem
as high-risk and fixed it accordingly.
Finally, we investigate human dimensions in the problem of sensor management.
Although different types of attacks via sensors have been known for many years, the problem of data leakage caused by sensors has remained
unsolved. While working with W3C and browser vendors to fix
the identified problem, we came to appreciate the complexity of this problem
in practice and the challenge of balancing security, usability, and functionality.
We believe a major reason for this is that users are not fully
aware of these sensors and the associated risks to their privacy and security.
Therefore, we study user understanding of mobile sensors, specifically
their risk perceptions. This is the only research to date that studies risk
perceptions for a comprehensive list of mobile sensors (25 in total). We
interview multiple participants from a range of backgrounds by providing
them with multiple self-declared questionnaires. The results indicate that
people in general do not have a good understanding of the complexities
of these sensors; hence making security judgements about these sensors
is not easy for them. We discuss how this observation, along with other
factors, renders many academic and industry solutions ineffective. This
makes the security and privacy issues of mobile sensors and other sensor-enabled
technologies an important topic to be investigated further
"My sex-related data is more sensitive than my financial data and I want the same level of security and privacy": User Risk Perceptions and Protective Actions in Female-oriented Technologies
The digitalization of the reproductive body has engaged myriads of
cutting-edge technologies in supporting people to know and tackle their
intimate health. Generally understood as female technologies (aka
female-oriented technologies or 'FemTech'), these products and systems collect
a wide range of intimate data which are processed, transferred, saved and
shared with other parties. In this paper, we explore how the "data-hungry"
nature of this industry and the lack of proper safeguarding mechanisms,
standards, and regulations for vulnerable data can lead to complex harms or
faint agentic potential. We adopted mixed methods in exploring users'
understanding of the security and privacy (SP) of these technologies. Our
findings show that while users can speculate the range of harms and risks
associated with these technologies, they are not equipped and provided with the
technological skills to protect themselves against such risks. We discuss a
number of approaches, including participatory threat modelling and SP by
design, in the context of this work and conclude that such approaches are
critical to protect users in these sensitive systems
How Can and Would People Protect From Online Tracking?
Online tracking is complex and users find it challenging to protect themselves from it. While the academic community has extensively studied systems and users for tracking practices, the link between the data protection regulations, websites' practices of presenting privacy-enhancing technologies (PETs), and how users learn about PETs and practice them is not clear. This paper takes a multidimensional approach to find such a link. We conduct a study to evaluate the 100 top EU websites, where we find that information about PETs is provided far beyond the cookie notice. We also find that opting-out from privacy settings is not as easy as opting-in and becomes even more difficult (if not impossible) when the user decides to opt-out of previously accepted privacy settings. In addition, we conduct an online survey with 614 participants across three countries (UK, France, Germany) to gain a broad understanding of users' tracking protection practices. We find that users mostly learn about PETs for tracking protection via their own research or with the help of family and friends. We find a disparity between what websites offer as tracking protection and the ways individuals report to do so. Observing such a disparity sheds light on why current policies and practices are ineffective in supporting the use of PETs by users
A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards
With recent developments in deep learning, the ubiquity of microphones and
the rise in online services via personal devices, acoustic side channel attacks
present a greater threat to keyboards than ever. This paper presents a
practical implementation of a state-of-the-art deep learning model in order to
classify laptop keystrokes, using a smartphone integrated microphone. When
trained on keystrokes recorded by a nearby phone, the classifier achieved an
accuracy of 95%, the highest accuracy seen without the use of a language model.
When trained on keystrokes recorded using the video-conferencing software Zoom,
an accuracy of 93% was achieved, a new best for the medium. Our results prove
the practicality of these side channel attacks via off-the-shelf equipment and
algorithms. We discuss a series of mitigation methods to protect users against
these series of attacks.
Comment: This paper was already accepted in 2023 IEEE European Symposium on
Security and Privacy Workshop, SiLM'23 (EuroS&PW
On secure E-voting over blockchain
This paper discusses secure methods to conduct e-voting over a blockchain in three different settings: decentralized voting, centralized remote voting and centralized polling station voting. These settings cover almost all voting scenarios that occur in practice. A proof-of-concept implementation for decentralized voting over Ethereum's blockchain is presented. This work demonstrates the suitable use of a blockchain not just as a public bulletin board, but more importantly, as a trustworthy computing platform that enforces the correct execution of the voting protocol in a publicly verifiable manner. We also discuss scaling up a blockchain-based voting application for national elections. We show that for national-scale elections the major verifiability problems can be addressed without having to depend on any blockchain. However, a blockchain remains a viable option to realize a public bulletin board, which has the advantage of being a "preventive" measure to stop retrospective changes on previously published records as opposed to a "detective" measure like the use of mirror websites
On Secure E-Voting over Blockchain
This article discusses secure methods to conduct e-voting over a blockchain in three different settings: decentralized voting, centralized remote voting, and centralized polling station voting. These settings cover almost all voting scenarios that occur in practice. A proof-of-concept implementation for decentralized voting over Ethereum's blockchain is presented. This work demonstrates the suitable use of a blockchain not just as a public bulletin board but, more importantly, as a trustworthy computing platform that enforces the correct execution of the voting protocol in a publicly verifiable manner. We also discuss scaling up a blockchain-based voting application for national elections. We show that for national-scale elections the major verifiability problems can be addressed without having to depend on any blockchain. However, a blockchain remains a viable option to realize a public bulletin board, which has the advantage of being a "preventive" measure to stop retrospective changes on previously published records as opposed to a "detective" measure like the use of mirror websites. CCS Concepts: • Security and privacy
End-to-End Verifiable E-Voting Trial for Polling Station Voting
On 2 May 2019, during the UK local elections, an e-voting trial was conducted in Gateshead, using a touch-screen end-to-end verifiable e-voting system. This was the first trial of verifiable e-voting for polling station voting in the UK, and it presented a case study to envisage the future of e-voting
"my sex-related data is more sensitive than my financial data and i want the same level of security and privacy" : user risk perceptions and protective actions in female-oriented technologies
The digitalization of the reproductive body has engaged myriads of cutting-edge technologies in supporting people to know and tackle their intimate health. Generally understood as female technologies (aka female-oriented technologies or 'FemTech'), these products and systems collect a wide range of intimate data which are processed, transferred, saved and shared with other parties. In this paper, we explore how the "data-hungry" nature of this industry and the lack of proper safeguarding mechanisms, standards, and regulations for vulnerable data can lead to complex harms or faint agentic potential. We adopted mixed methods in exploring users' understanding of the security and privacy (SP) of these technologies. Our findings show that while users can speculate the range of harms and risks associated with these technologies, they are not equipped and provided with the technological skills to protect themselves against such risks. We discuss a number of approaches, including participatory threat modelling and SP by design, in the context of this work and conclude that such approaches are critical to protect users in these sensitive systems.
Caring for Intimate Data in Fertility Technologies
Fertility tracking applications are technologies that collect sensitive information about their users i.e. reproductive potential. For many, these apps are an affordable solution when trying to conceive or managing their pregnancy. However, intimate data are not only collected but also shared beyond users' knowledge or consent. In this paper, we explore the privacy risks that can originate from the mismanagement, misuse, and misappropriation of intimate data, which are entwined in individual life events and in public health issues such as abortion and (in)fertility. We look at differential vulnerabilities to enquire data's vulnerability and that of "data subjects". We introduce the General Data Protection Regulation (GDPR) and how it addresses fertility data. We evaluate the privacy of 30 top "fertility apps" through their privacy notices and tracking practices. Lastly, we discuss the regulations and fertility data as critical to the future design of tracking technologies and privacy rights.
What Is This Sensor and Does This App Need Access to It?
Mobile sensors have already proven to be helpful in different aspects of people’s everyday lives such as fitness, gaming, navigation, etc. However, illegitimate access to these sensors results in a malicious program running with an exploit path. While the users are benefiting from richer and more personalized apps, the growing number of sensors introduces new security and privacy risks to end users and makes the task of sensor management more complex. In this paper, first, we discuss the issues around the security and privacy of mobile sensors. We investigate the available sensors on mainstream mobile devices and study the permission policies that Android, iOS and mobile web browsers offer for them. Second, we reflect the results of two workshops that we organized on mobile sensor security. In these workshops, the participants were introduced to mobile sensors by working with sensor-enabled apps. We evaluated the risk levels perceived by the participants for these sensors after they understood the functionalities of these sensors. The results showed that knowing sensors by working with sensor-enabled apps would not immediately improve the users’ security inference of the actual risks of these sensors. However, other factors such as the prior general knowledge about these sensors and their risks had a strong impact on the users’ perception. We also taught the participants about the ways that they could audit their apps and their permissions. Our findings showed that when mobile users were provided with reasonable choices and intuitive teaching, they could easily self-direct themselves to improve their security and privacy. Finally, we provide recommendations for educators, app developers, and mobile users to contribute toward awareness and education on this topic