We know what you're doing! Application detection using thermal data
Modern mobile and embedded devices have high computing power which allows them to be used for multiple purposes. Therefore, applications with low security restrictions may execute on the same device as applications handling highly sensitive information. In such a setup, a security risk occurs if it...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Schloss Dagstuhl -- Leibniz-Zentrum fuer Informatik
2021-08-01
|
| Series: | Leibniz Transactions on Embedded Systems |
| Subjects: | |
| Online Access: | https://drops.dagstuhl.de/storage/07lites/lites_vol007/lites_vol007_issue001/LITES.7.1.2/LITES.7.1.2.pdf |
| _version_ | 1827283552293617664 |
|---|---|
| author | Miedl, Philipp Ahmed, Rehan Thiele, Lothar |
| author_facet | Miedl, Philipp Ahmed, Rehan Thiele, Lothar |
| author_sort | Miedl, Philipp |
| collection | DOAJ |
| description | Modern mobile and embedded devices have high computing power which allows them to be used for multiple purposes. Therefore, applications with low security restrictions may execute on the same device as applications handling highly sensitive information. In such a setup, a security risk occurs if it is possible that an application uses system characteristics to gather information about another application on the same device.In this work, we present a method to leak sensitive runtime information by just using temperature sensor readings of a mobile device. We employ a Convolutional-Neural-Network, Long Short-Term Memory units and subsequent label sequence processing to identify the sequence of executed applications over time. To test our hypothesis we collect data from two state-of-the-art smartphones and real user usage patterns. We show an extensive evaluation using laboratory data, where we achieve labelling accuracies up to 90% and negligible timing error. Based on our analysis we state that the thermal information can be used to compromise sensitive user data and increase the vulnerability of mobile devices. A study based on data collected outside of the laboratory opens up various future directions for research. |
| first_indexed | 2024-04-24T09:37:25Z |
| format | Article |
| id | doaj.art-5385b772a6734d7eae6515befc0b266d |
| institution | Directory Open Access Journal |
| issn | 2199-2002 |
| language | English |
| last_indexed | 2024-04-24T09:37:25Z |
| publishDate | 2021-08-01 |
| publisher | Schloss Dagstuhl -- Leibniz-Zentrum fuer Informatik |
| record_format | Article |
| series | Leibniz Transactions on Embedded Systems |
| spelling | doaj.art-5385b772a6734d7eae6515befc0b266d2024-04-15T07:54:12ZengSchloss Dagstuhl -- Leibniz-Zentrum fuer InformatikLeibniz Transactions on Embedded Systems2199-20022021-08-017102:102:2810.4230/LITES.7.1.2We know what you're doing! Application detection using thermal dataMiedl, Philipp0https://orcid.org/0000-0002-5828-8532Ahmed, Rehan1https://orcid.org/0000-0002-1808-3954Thiele, Lothar2https://orcid.org/0000-0001-6139-868XComputer Engineering and Networks Laboratory, ETH Zurich, Gloriastrasse 35, Zurich, SwitzerlandInformation Technology University of the Punjab, Arfa Software Technology Park, Ferozpur Road, Lahore, PakistanComputer Engineering and Networks Laboratory, ETH Zurich, Gloriastrasse 35, Zurich, SwitzerlandModern mobile and embedded devices have high computing power which allows them to be used for multiple purposes. Therefore, applications with low security restrictions may execute on the same device as applications handling highly sensitive information. In such a setup, a security risk occurs if it is possible that an application uses system characteristics to gather information about another application on the same device.In this work, we present a method to leak sensitive runtime information by just using temperature sensor readings of a mobile device. We employ a Convolutional-Neural-Network, Long Short-Term Memory units and subsequent label sequence processing to identify the sequence of executed applications over time. To test our hypothesis we collect data from two state-of-the-art smartphones and real user usage patterns. We show an extensive evaluation using laboratory data, where we achieve labelling accuracies up to 90% and negligible timing error. Based on our analysis we state that the thermal information can be used to compromise sensitive user data and increase the vulnerability of mobile devices. A study based on data collected outside of the laboratory opens up various future directions for research.https://drops.dagstuhl.de/storage/07lites/lites_vol007/lites_vol007_issue001/LITES.7.1.2/LITES.7.1.2.pdfthermal monitoringside channeldata leaksequence labelling |
| spellingShingle | Miedl, Philipp Ahmed, Rehan Thiele, Lothar We know what you're doing! Application detection using thermal data Leibniz Transactions on Embedded Systems thermal monitoring side channel data leak sequence labelling |
| title | We know what you're doing! Application detection using thermal data |
| title_full | We know what you're doing! Application detection using thermal data |
| title_fullStr | We know what you're doing! Application detection using thermal data |
| title_full_unstemmed | We know what you're doing! Application detection using thermal data |
| title_short | We know what you're doing! Application detection using thermal data |
| title_sort | we know what you re doing application detection using thermal data |
| topic | thermal monitoring side channel data leak sequence labelling |
| url | https://drops.dagstuhl.de/storage/07lites/lites_vol007/lites_vol007_issue001/LITES.7.1.2/LITES.7.1.2.pdf |
| work_keys_str_mv | AT miedlphilipp weknowwhatyouredoingapplicationdetectionusingthermaldata AT ahmedrehan weknowwhatyouredoingapplicationdetectionusingthermaldata AT thielelothar weknowwhatyouredoingapplicationdetectionusingthermaldata |