Abstract
Android devices are equipped with various sensors. Apps must be explicitly granted permission by the user to obtain sensitive information, e.g., geographic location. However, some sensors are considered so trivial that no permission control is enforced over them, e.g., the ambient light sensor. In this work, we present a novel side channel, the ambient light sensor, that can be used to track mobile users. We develop a location tracking system with off-line trained route identification models using the values from the attacker’s own ambient light sensor. The system can then be used to track a user’s geographic location. The experimental results show that our route identification models achieve a high accuracy of over 91% in identifying the user’s route, and our tracking system achieves an accuracy of about 64% in tracking the user in real time, with an estimation error of about 70 m. Our system outperforms state-of-the-art works that use other side channels. Our work shows that, with merely the values from the ambient light sensor of a user’s mobile phone, which requires zero permissions to access, the geographic routes that users have taken and their real-time locations can be identified with high accuracy using machine learning techniques.
Notes
1. We use “victim” and the aforementioned “user” interchangeably in this paper.
2. Chromium is the open-source version of Chrome (the default browser of Android [1]).
References
The chromium projects. https://www.chromium.org/
Normal permissions. https://developer.android.com/guide/topics/permissions/normal-permissions.html
Requesting permissions at run time. https://developer.android.com/training/permissions/requesting.html
Storage options. https://developer.android.com/guide/topics/data/data-storage.html#AccessingExtFiles
Loading large urls kills the renderer, January 2011. https://bugs.chromium.org/p/chromium/issues/detail?id=69227
Why location privacy matters, February 2017. https://thetinhat.com/blog/thoughts/location-privacy.html
Azizyan, M., Constandache, I., Roy Choudhury, R.: Surroundsense: mobile phone localization via ambience fingerprinting. In: Proceedings of the 15th Annual International Conference on Mobile Computing and Networking, pp. 261–272. ACM (2009)
Bai, G., et al.: All your sessions are belong to us: investigating authenticator leakage through backup channels on android. In: 2015 20th International Conference on Engineering of Complex Computer Systems (ICECCS), pp. 60–69. IEEE (2015)
Bengio, Y., Simard, P., Frasconi, P.: Learning long-term dependencies with gradient descent is difficult. IEEE Trans. Neural Netw. 5(2), 157–166 (1994)
Gao, X., Firner, B., Sugrim, S., Kaiser-Pendergrast, V., Yang, Y., Lindqvist, J.: Elastic pathing: your speed is enough to track you. In: Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing, pp. 975–986. ACM (2014)
Goodin, D.: Yahoo says half a billion accounts breached by nation-sponsored hackers, September 2016. https://arstechnica.com/information-technology/2016/09/yahoo-says-half-a-billion-accounts-breached-by-nation-sponsored-hackers/
Gregor, K., Danihelka, I., Graves, A., Rezende, D.J., Wierstra, D.: Draw: a recurrent neural network for image generation. arXiv preprint arXiv:1502.04623 (2015)
Han, J., Owusu, E., Nguyen, L.T., Perrig, A., Zhang, J.: Accomplice: location inference using accelerometers on smartphones. In: 2012 Fourth International Conference on Communication Systems and Networks (COMSNETS), pp. 1–9. IEEE (2012)
Haykin, S.: Neural Networks: A Comprehensive Foundation. Prentice Hall PTR, Upper Saddle River (1994)
Help, G.A.: About targeting geographic locations. https://support.google.com/google-ads/answer/2453995?hl=en
Iqbal, M.U., Lim, S.: Privacy implications of automated gps tracking and profiling. IEEE Technol. Soc. Mag. 29(2), 39–46 (2010)
Karlik, B., Olgac, A.V.: Performance analysis of various activation functions in generalized mlp architectures of neural networks. Int. J. Artif. Intell. Expert Syst. 1(4), 111–122 (2011)
Lawler, R.: Equifax security breach leaks personal info of 143 million us consumers. https://www.engadget.com/2017/09/07/equifax-hack-143-million/
Leshno, M., Lin, V.Y., Pinkus, A., Schocken, S.: Multilayer feedforward networks with a nonpolynomial activation function can approximate any function. Neural Netw. 6(6), 861–867 (1993)
Levy, K.: Here’s what happens when cellphone users get their own lane on the sidewalk, July 2014. https://www.businessinsider.com/cellphone-walking-lane-2014-7/?IR=T
Masinter, L., Berners-Lee, T., Fielding, R.T.: Uniform resource identifier (uri): generic syntax. RFC 3986 (2005). https://tools.ietf.org/html/rfc3986
Michalevsky, Y., Schulman, A., Veerapandian, G.A., Boneh, D., Nakibly, G.: Powerspy: location tracking using mobile device power analysis. In: USENIX Security Symposium, pp. 785–800 (2015)
Narain, S., Vo-Huu, T.D., Block, K., Noubir, G.: Inferring user routes and locations using zero-permission mobile sensors. In: Security and Privacy (SP), pp. 397–413. IEEE (2016)
Nasar, J.L., Troyer, D.: Pedestrian injuries due to mobile phone use in public places. Accid. Anal. Prev. 57, 91–95 (2013)
Nawaz, S., Mascolo, C.: Mining users’ significant driving routes with low-power sensors. In: Proceedings of the 12th ACM Conference on Embedded Network Sensor Systems, pp. 236–250. ACM (2014)
Olmstead, K., Atkinson, M.: Apps permissions in the google play store (2015). http://www.pewinternet.org/2015/11/10/an-analysis-of-android-app-permissions/
Paris, S., Durand, F.: A fast approximation of the bilateral filter using a signal processing approach. In: Leonardis, A., Bischof, H., Pinz, A. (eds.) ECCV 2006. LNCS, vol. 3954, pp. 568–580. Springer, Heidelberg (2006). https://doi.org/10.1007/11744085_44
Pascanu, R., Mikolov, T., Bengio, Y.: On the difficulty of training recurrent neural networks. In: International Conference on Machine Learning, pp. 1310–1318 (2013)
Sak, H., Senior, A., Beaufays, F.: Long short-term memory recurrent neural network architectures for large scale acoustic modeling. In: Fifteenth Annual Conference of the International Speech Communication Association (2014)
Schlegel, R., Zhang, K., Zhou, X., Intwala, M., Kapadia, A., Wang, X.: Soundcomber: a stealthy and context-aware sound trojan for smartphones. In: NDSS, vol. 11, pp. 17–33 (2011)
Tang, D., Qin, B., Liu, T.: Document modeling with gated recurrent neural network for sentiment classification. In: EMNLP, pp. 1422–1432 (2015)
Wang, K., Bai, G., Dong, N., Dong, J.S.: A framework for formal analysis of privacy on SSO protocols. In: Lin, X., Ghorbani, A., Ren, K., Zhu, S., Zhang, A. (eds.) SecureComm 2017. LNICST, vol. 238, pp. 763–777. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78813-5_41
Whittaker, Z.: 198 million americans hit by ‘largest ever’ voter records leak, Jun 2017. http://www.zdnet.com/article/security-lapse-exposes-198-million-united-states-voter-records/
Wu, Z., King, S.: Investigating gated recurrent networks for speech synthesis. In: 2016 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), pp. 5140–5144. IEEE (2016)
Ye, Q., Bai, G., Wang, K., Dong, J.S.: Formal analysis of a single sign-on protocol implementation for android. In: 2015 20th International Conference on Engineering of Complex Computer Systems (ICECCS), pp. 90–99. IEEE (2015)
Zhou, X., et al.: Identity, location, disease and more: inferring your secrets from android public resources. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 1017–1028. ACM (2013)
Acknowledgement
This paper is supported by the National Research Foundation, Prime Minister’s Office, Singapore under its National cybersecurity R&D Program (TSUNAMi project, Award No. NRF2014NCR-NCR001-21) and administered by the National Cybersecurity R&D Directorate, and the National Natural Science Foundation of China (No. 61702045).
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Ye, Q. et al. (2019). LightSense: A Novel Side Channel for Zero-permission Mobile User Tracking. In: Lin, Z., Papamanthou, C., Polychronakis, M. (eds) Information Security. ISC 2019. Lecture Notes in Computer Science, vol 11723. Springer, Cham. https://doi.org/10.1007/978-3-030-30215-3_15
DOI: https://doi.org/10.1007/978-3-030-30215-3_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30214-6
Online ISBN: 978-3-030-30215-3
eBook Packages: Computer Science, Computer Science (R0)