Restricting data leakage through non-obvious features of Android 5 smartphone
Keywords:
information leakage, third-party channel, acoustic cryptanalysis, smartphone, gyroscope, accelerometer, mobile application, Android 5 operating systemAbstract
Introduction: The data from the gyroscopic sensor and acceleration sensor of a smartphone are seldom considered as a possible
information leakage, which makes the owners of gadgets working under Android 5 operating system or below vulnerable to losing
valuable information. Purpose: Offering a practical way to counteract the reading of data from a smartphone via third-party channels,
and developing a mobile application which would help prevent the leakage of information from the gadget owner via side channels
of information transfer. Results: A review of studies was performed demonstrating the vulnerability of Android 5 smartphones to
leaks through third-party channels using acoustic cryptanalysis techniques. It is shown that in modern works, the use of acoustic
cryptanalysis of noise emitted by a keyboard or by microelectronic components of a computer allows you to arrange the leakage of
valuable data via a smartphone located next to the computer under attack. A mobile application has been developed which creates active
interference in the form of vibration and audio signal to the malicious application which accesses the accelerometer and gyroscope
in order to retrieve information. The results of an experiment are given, demonstrating the ability of the application to successfully
interfere with the internal sensors of a smartphone by addressing its vibrating output and audio output, and prevent the attacks over
third-party channels. Practical relevance: The proposed application installed on a smartphone will allow you to communicate more
safely, enter passwords and type secret information on a computer keyboard with a smartphone in its close proximity.