research-article

Covert channels using mobile device's magnetic field sensors

Authors:

Nikolay Matyunin,

Sebastian Biedermann,

Stefan KatzenbeisserAuthors Info & Claims

2016 21st Asia and South Pacific Design Automation Conference (ASP-DAC)

Pages 525 - 532

https://doi.org/10.1109/ASPDAC.2016.7428065

Published: 01 January 2016 Publication History

Abstract

This paper presents a new covert channel using smartphone magnetic sensors. We show that modern smartphones are capable to detect the magnetic field changes induced by different computer components during I/O operations. In particular, we are able to create a covert channel between a laptop and a mobile device without any additional equipment, firmware modifications or privileged access on either of the devices. We present two encoding schemes for the covert channel communication and evaluate their effectiveness.

References

[1]

Android API. Sensors overview. https://developer.android.com/guide/topics/sensors/sensors_overview.html, 2015. [Accessed: 24.10.2015].

[2]

D. Agrawal, B. Archambeault, J. Rao, and P. Rohatgi. The em side channel(s). In Cryptographic Hardware and Embedded Systems, volume 2523, pages 29–45. 2003.

[3]

S. Biedermann, S. Katzenbeisser, and J. Szefer Hard drive side-channel attacks using smartphone magnetic field sensors. In R. Bhme and T. Okamoto, Financial Cryptography and Data Security, volume 8975 of Lecture Notes in Computer Science, pages 489–496. Springer Berlin Heidelberg, 2015.

[4]

R. Callan, A. Zajić and M. Prvulovic, A practical methodology for measuring the side-channel signal available to the attacker for instruction-level events. In Proceedings of the 47th Annual IEEE/ACM International Symposium on Microarchitecture, MICRO-47, pages 242–254, Washington, DC, USA, 2014. IEEE Computer Society.

[5]

B. Carrara and C. Adams. On acoustic covert channels between air-gapped systems. In Foundations and Practice of Security, pages 3–16. Springer, 2014.

[6]

L. Deshotels. Inaudible sound as a covert channel in mobile devices. In Proceedings of the 8th USENIX conference on Offensive Technologies, pages 16–16. USENIX Association, 2014.

[7]

K. Gandolfi, C. Mourtel, and F. Olivier. Electromagnetic analysis: Concrete results. In Cryptographic Hardware and Embedded Systems, pages 251–261. 2001.

Digital Library

[8]

M. Guri, A. Kachlon, O. Hasson, G. Kedma, Y. Mirsky, and Y. Elovici. Gsmem: Data exfiltration from air-gapped computers over gsm frequencies. In 24th USENIX Security Symposium (USENIX Security 15), pages 849–864, Washington, D.C., Aug. 2015. USENIX Association.

[9]

M. Guri, G. Kedma, A. Kachlon, and Y. Elovici. Airhopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies. In Malicious and Unwanted Software: The Americas (MALWARE), 2014 9th International Conference on, pages 58–67. IEEE, 2014.

[10]

M. Hanspach and M. Goetz. On covert acoustical mesh networks in air. arXiv preprint arXiv:14 06. 1213, 2014.

[11]

M. Hanspach and M. Goetz. Recent developments in covert acoustical communications. In Sicherheit, pages 243–254, 2014.

[12]

H. Hotelling. Analysis of a complex of statistical variables into principal components. Journal of educational psychology, 24(6): 417, 1933.

[13]

G. Hulot, C. Finlay, C. Constable, N. Olsen, and M. Mandea. The magnetic field of planet earth. Space science reviews. 152(1–4): 159–222, 2010.

[14]

W. Jones. A compass in every smartphone. IEEE Spectrum, 2(47): 12–13, 2010.

[15]

J.-J. Quisquater and D. Samyde. Electromagnetic analysis (ema): Measures and counter-measures for smart cards. In Proceedings of the Int. Conference on Research in Smart Cards: Smart Card Programming and Security, pages 200–210, 2001.

[16]

N. Rao. Fundamentals of Electromagnetics for Electrical and Computer Engineering. Pearson Education, 2011.

[17]

B. Wilson and Z. Ghassemlooy. Pulse time modulation techniques for optical communications: a review. IEE Proceedings J (Optoelectronics), 140(6): 346–358, 1993.

[18]

A. Zajic and M. Prvulovic. Experimental demonstration of electromagnetic information leakage from modern processor-memory systems. Electromagnetic Compatibility, IEEE Transactions on, 56(4): 885–893, 2014.

Cited By

Dong GWu JDe Gortari Briseno JSingh AFeng JSarker ASehatbakhsh NSrivastava MOkoshi TKo JLiKamWa R(2024)RefreshChannels: Exploiting Dynamic Refresh Rate Switching for Mobile Device AttacksProceedings of the 22nd Annual International Conference on Mobile Systems, Applications and Services10.1145/3643832.3661864(359-371)Online publication date: 3-Jun-2024
https://dl.acm.org/doi/10.1145/3643832.3661864
Frank FXiong WAnagnostopoulos NSchaller AArul TKoushanfar FKatzenbeisser SRührmair USzefer J(2023)Abusing Commodity DRAMs in IoT Devices to Remotely Spy on TemperatureIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.327125218(2991-3005)Online publication date: 1-Jan-2023
https://dl.acm.org/doi/10.1109/TIFS.2023.3271252
Burton TRasmussen KKim YKim JLivraga GPark N(2021)Private Data Exfiltration from Cyber-Physical Systems Using Channel State InformationProceedings of the 20th Workshop on Workshop on Privacy in the Electronic Society10.1145/3463676.3485606(223-235)Online publication date: 15-Nov-2021
https://dl.acm.org/doi/10.1145/3463676.3485606
Show More Cited By

Index Terms

Covert channels using mobile device's magnetic field sensors
1. Security and privacy
  1. Cryptography
  2. Systems security

Index terms have been assigned to the content through auto-classification.

Recommendations

Towards using embedded magnetic field sensor for around mobile device 3D interaction
MobileHCI '10: Proceedings of the 12th international conference on Human computer interaction with mobile devices and services

We present a new technique based on using embedded compass (magnetic) sensor for efficient use of 3D space around a mobile device for interaction with the device. Around Device Interaction (ADI) enables extending interaction space of small mobile and ...
Low-attention forwarding for mobile network covert channels
CMS'11: Proceedings of the 12th IFIP TC 6/TC 11 international conference on Communications and multimedia security

In a real-world network, different hosts involved in covert channel communication run different covert channel software as well as different versions of such software, i.e. these systems use different network protocols for a covert channel. A program ...
Covert Timing Channels for IoT over Mobile Networks

Various security threats have prompted covert timing channels to become an important alternative for the transmission of confidential information in an untrusted Internet of Things (IoT). This article aims to demonstrate the susceptibility of IoT to ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

2016 21st Asia and South Pacific Design Automation Conference (ASP-DAC)

780 pages

Copyright © 2016.

Publisher

IEEE Press

Publication History

Published: 01 January 2016

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 31 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Dong GWu JDe Gortari Briseno JSingh AFeng JSarker ASehatbakhsh NSrivastava MOkoshi TKo JLiKamWa R(2024)RefreshChannels: Exploiting Dynamic Refresh Rate Switching for Mobile Device AttacksProceedings of the 22nd Annual International Conference on Mobile Systems, Applications and Services10.1145/3643832.3661864(359-371)Online publication date: 3-Jun-2024
https://dl.acm.org/doi/10.1145/3643832.3661864
Frank FXiong WAnagnostopoulos NSchaller AArul TKoushanfar FKatzenbeisser SRührmair USzefer J(2023)Abusing Commodity DRAMs in IoT Devices to Remotely Spy on TemperatureIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.327125218(2991-3005)Online publication date: 1-Jan-2023
https://dl.acm.org/doi/10.1109/TIFS.2023.3271252
Burton TRasmussen KKim YKim JLivraga GPark N(2021)Private Data Exfiltration from Cyber-Physical Systems Using Channel State InformationProceedings of the 20th Workshop on Workshop on Privacy in the Electronic Society10.1145/3463676.3485606(223-235)Online publication date: 15-Nov-2021
https://dl.acm.org/doi/10.1145/3463676.3485606
Xiong WSzefer J(2021)Survey of Transient Execution Attacks and Their MitigationsACM Computing Surveys10.1145/344247954:3(1-36)Online publication date: 8-May-2021
https://dl.acm.org/doi/10.1145/3442479
Shao ZIslam MRen S(2020)Your Noise, My SignalProceedings of the ACM on Measurement and Analysis of Computing Systems10.1145/33794734:1(1-39)Online publication date: 5-Jun-2020
https://dl.acm.org/doi/10.1145/3379473

View Options

View options

Figures

Tables

Media

View Table of Conten