Recent studies have shown that aggregate CPU usage and power consumption traces on smartphones can leak information about applications running on the system or websites visited. In response, access to such data has been blocked for mobile applications starting from Android 7. In this work, we explore a new source of side-channel leakage for this class of attacks. Our method is based on the fact that electromagnetic activity caused by mobile processors leads to noticeable disturbances in magnetic sensor measurements on mobile devices, with the amplitude being proportional to the CPU workload. Therefore, recorded sensor data can be analyzed to reveal information about ongoing activities. The attack works on a number of devices: We evaluated 59 models of modern smartphones and tablets and observed the reaction of the magnetometer to CPU activity on 39 of them. On selected devices, we were able to successfully identify which application has been opened (with up to 90% accuracy) or which web page has been loaded (up to 91% accuracy). We believe that the presented side channel poses a significant risk to end users' privacy, as the sensor data can be recorded from native apps and even from web pages without user permissions. Finally, we discuss possible countermeasures to prevent the presented information leakage.
翻译:最近的研究显示,智能手机上的CPU总用量和电耗痕迹可以泄露系统或网站上运行的应用信息。作为回应,从Android 7 开始的移动应用程序无法访问这些数据。在这项工作中,我们探索了这一类袭击的侧道渗漏新来源。我们的方法依据的事实是,移动处理器造成的电磁活动导致移动设备磁传感器测量中的磁传感器的明显扰动,其振幅与CPU工作量成比例。因此,可以分析已记录的传感器数据,以披露当前活动的信息。一些设备的攻击工作:我们评估了59种现代智能手机和平板电脑模型,并观察了39种磁强计对CPU活动的反应。在选定的设备上,我们成功地确定了哪些应用程序已经打开(达到90%的精确度)或哪个网页已经上载(达到91%的精确度),我们确信所展示的侧频道对终端用户的隐私构成重大风险,因为传感器数据可以从本地应用程序甚至未经用户许可从网页上记录。最后,我们讨论了防止泄漏的可能反措施。