Phone snooping via gyroscope to be detailed at Usenix

Aug 15, 2014 by Nancy Owano weblog
Experimental setup

Put aside fears of phone microphones and cameras doing eavesdropping mischief for a moment, because there is another sensor that has been flagged. Researchers from Stanford and defense research group at Rafael will present their findings on the smartphones' gyroscopes to measure acoustic signals in the vicinity of the phone at the Usenix Security on Friday, August 22. Translation: Your smartphone could eavesdrop on conversations. They found that the gyroscopes were sensitive enough to allow them to pick up some sound waves, turning them into crude microphones, said a detailed report by Andy Greenberg this week about their work, in Wired. The team themselves said their work demonstrated "an unexpected threat resulting from the unmitigated access to the gyro: applications and active web content running on the phone can eavesdrop sound signals, including speech, in the vicinity of the phone."

What is more, in a video the researchers prepared for the upcoming Usenix event, Recognizing Speech from Gyroscope Signals, they said, gyroscopes are present in most of the modern smartphones. They measure angular velocity. Every application and website can access them without the user's consent. "We show that we can use gyroscopes to eavesdrop on speech without using the microphone at all, which can potentially risk private information such as identity, social security and ."

But how well does the researchers' snooping technique work? "It works just well enough to pick up a fraction of the words spoken near a phone," said Greenberg.

The team, in their paper, "Gyrophone: Recognizing Speech From Gyroscope Signals," wrote, "We show that the acoustic signal measured by the can reveal about the phone's environment such as who is speaking in the room and, to some extent, what is being said. We use signal processing and machine learning to analyze speech from very low frequency samples. With further work on low-frequency signal processing of this type it should be possible to further increase the quality of the information extracted from the gyro." As one cannot fully reconstruct a comprehensible speech from measurements of a single gyroscope, they stated, they resorted to . They extracted features from the gyroscope measurements using various methods and train machine learning algorithms for recognition.

This video is not supported by your browser at this time.

"We achieve about 50% success rate for speaker identification from a set of 10 speakers. We also show that while limiting ourselves to a small vocabulary consisting solely of digit pronunciations ("one","two", "three", ...) and achieve recognition success rate of 65% for the speaker dependent case and up to 26% recognition rate for the speaker independent case."

According to Wired, Dan Boneh, computer security professor at Stanford and part of the team, said, "Whenever you grant anyone access to sensors on a device, you're going to have unintended consequences." The authors wrote in their paper, "A general conclusion we suggest following this work is that access to all sensors should be controlled by the permissions framework, possibly differentiating between low and high sampling rates."

Explore further: Fluency outweighs pronunciation for understanding non-native English speakers

More information:crypto.stanford.edu/gyrophone/
crypto.stanford.edu/gyrophone/files/gyromic.pdf

add to favorites email to friend print save as pdf

Related Stories

Bionic speech recognition

Sep 09, 2010

As speech recognition systems become more commonplace - on the computer desktop top, at the call centre and even in the car - it is increasingly important to ensure that the voice signal is as clear as possible before it ...

Recommended for you

Hacker gets prison for cyberattack stealing $9.4M

Oct 24, 2014

An Estonian man who pleaded guilty to orchestrating a 2008 cyberattack on a credit card processing company that enabled hackers to steal $9.4 million has been sentenced to 11 years in prison by a federal judge in Atlanta.

Report: Better shields needed for private tax data

Oct 23, 2014

Federal investigators say the IRS and the states should improve how they protect the security of confidential tax information of people getting benefits under the 2010 health care law.

Apple issues security warning for iCloud

Oct 22, 2014

Apple has posted a new security warning for users of its iCloud online storage service amid reports of a concerted effort to steal passwords and other data from people who use the popular service in China.

User comments : 0