âSonarSnoop: Active Acoustic Side-Channel Attacksâ, 2018-08-30 (; backlinks; similar)â :
We report the first active acoustic side-channel attack.
Speakers are used to emit human inaudible acoustic signals and the echo is recorded via microphones, turning the acoustic system of a smartphone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victimâs finger movements can be inferred to steal Android phone unlock patterns.
In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung S4 Android phone can be reduced by up to 70% using this novel acoustic side-channel.
Our approach can be easily applied to other application scenarios and device types.
Overall, our work highlights a new family of security threats.