Difference between revisions of "Approaches for Inaudible Acoustic Communication"

From SoniWiki
Jump to: navigation, search
Line 12: Line 12:
||A hands-on report on the development of an ultrasound communication approach. Related work is presented and problems of the technology are pointed out. ||http://digitalcommons.kennesaw.edu/honors_etd/5/
||A hands-on report on the development of an ultrasound communication approach. Related work is presented and problems of the technology are pointed out. ||http://digitalcommons.kennesaw.edu/honors_etd/5/
| Vasilios Mavroudis, Shuang Hao, Yanick Fratantonio, Federico Maggi, Christopher Kruegel, and Giovanni Vigna On the Privacy and Security of the Ultrasound Ecosystem || Nowadays users often possess a variety of electronic devices for communication and entertainment. In particular, smartphones are playing an increasingly central role in users’ lives: Users carry them everywhere they go and often use them to control other devices. This trend provides incentives for the industry to tackle new challenges, such as cross-device authentication, and to develop new monetization schemes. A new technology based on ultrasounds has recently emerged to meet these demands. Ultrasound technology has a number of desirable features: it is easy to deploy, flexible, and inaudible by humans. This technology is already utilized in a number of different real-world applications, such as device pairing, proximity detection, and cross-device tracking. ||This paper examines the different facets of ultrasound-based technology. Initially, we discuss how it is already used in the real world, and subsequently examine this emerging technology from the privacy and security perspectives. In particular, we first observe that the lack of OS features results in violations of the principle of least privilege: an app that wants to use this technology currently needs to require full access to the device microphone. We then analyse real-world Android apps and find that tracking techniques based on ultrasounds suffer from a number of vulnerabilities and are susceptible to various attacks. For example, we show that ultrasound cross-device tracking deployments can be abused to perform stealthy deanonymization attacks (e.g., to unmask users who browse the Internet through anonymity networks such as Tor), to inject fake or spoofed audio beacons, and to leak a user’s private information. ||https://ubeacsec.org/#Downloads https://doi.org/10.1515/popets-2017-0018

Revision as of 18:13, 6 April 2018

Name Description Comment Links
Zhang, B., Zhan, Q., Chen, S., Li, M., Ren, K., Wang, C., & Ma, D. (2014). PriWhisper: Enabling Keyless Secure Acoustic Communication for Smartphones. IEEE Internet of Things Journal, 1(1), 33-45. Short-range wireless communication technologies have been used in many security-sensitive smartphone applications and services such as contactless micro payment and device pairing. Typically, the data confidentiality of the existing short-range communication systems relies on so-called “key-exchange then encryption” mechanism. Namely, both parties need to spend extra communication to establish a common key before transmitting their actual messages, which is inefficient, especially for short communication sessions. In this work, we present PriWhisper — a keyless secure acoustic short-range communication system for smartphones. It is designed to provide a purely software-based solution to secure smartphone short-range communication without the key agreement phase. PriWhisper adopts the emerging friendly jamming technique from radio communication for data confidentiality. The system prototype is implemented and eval-uated on several Android smartphone platforms for efficiency and usability. We theoretically and experimentally analyze the security of our proposed acoustic communication system against various passive and active adversaries. In particular, we also study the (in)separability of the data signal and jamming sig-nal against Blind Signal Segmentation (BSS) attacks such as Independent Component Analysis (ICA). The result shows that PriWhisper provides sufficient security guarantees for commercial smartphone applications and yet strong compatibilities with most legacy smartphone platforms The Pre-Whisper project realizes novel NFC approaches for smartphones (among others with audio) http://www.cse.msu.edu/~glxing/CSR-NFC.htm


Edwards, Alexander Orosz, "Ultrasonic Data Steganography" (2016). Honors College Capstones and Theses. 5. http://digitalcommons.kennesaw.edu/honors_etd/5 What started off as a question on the possibly of data transmission via sound above the level of human hearing evolved into a project exploring the possibility of ultrasonic data infiltration and exfiltration in an information security context. It is well known that sound can be used to transmit data as this can be seen in many old technologies, most notably and simply DTMF tones for phone networks. But what if the sound used to transmit signals was in in the ultrasonic range? It would go generally unnoticed to anyone not looking for it with tools such as a spectrum analyzer. This could provide an unnoticed means of transmitting overhead data without the use of radio signals or physical connections, or, more clandestinely, a means to inject or retrieve data virtually undetect ed for espionage, control, or other malicious activity. As expected, there would obviously be issues with signal quality as the open air is heavy with environmental interference, but in specific cases as seen in the following research, a discrete sonic means of data transmission may not only be practical, but necessary for the task at hand.

This project is an exploration of the practicality of ultrasonic data transmission between computers. It will include research into the topic in general from scientific, technological, and security perspectives. There will be inclusions from other research projects as well as practical applications already in existence. Interestingly, there are already some suspected, but unconfirmed planned systems as well security incidents using this technology. Finally, a short seriesof semi-formal (in a scientific sense) experiments conducted to provide firsthand accounts and results of the ultrasonic data transmission concept

A hands-on report on the development of an ultrasound communication approach. Related work is presented and problems of the technology are pointed out. http://digitalcommons.kennesaw.edu/honors_etd/5/