Abstract
Location-related data is one of the most sensitive data for user privacy. Theft of location-related information on mobile device poses serious threats to users. Even though the extant confirmation of permissions feature on modern smart devices can prevent direct leakage of information from location-related sensors, recent research has shown that leakage of location-related information is possible through indirect, side-channel attacks. In this paper, we show that the travel path of a vehicle can be inferred without acknowledging the user using a zero-permission smart watch application. The sensor we used in our experiment is the accelerometer sensor on Apple Watch. We find that a targeted user can be traced with 83% accuracy. We suggest that our approach may be used to successfully attack other smart phone devices because it was successful on Apple Watch, which is considered as the most constrained device in the market. This result shows that the zero-permission application on a smart watch, if manipulated adequately, can transform into a high-threat malware.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Apple: API Reference: CMAccelerometerData. https://developer.apple.com/reference/coremotion/cmaccelerometerdata. Accessed 16 Aug 2016
Berrut, J.-P., Trefethen, L.N.: Barycentric lagrange interpolation. SIAM Rev. 46(3), 501–517 (2004)
Halliday, D., Resnick, R., Walker, J.: Principles of Physics. Wiley, Hoboken (2011)
Hua, J., Shen, Z., Zhong, S.: We can track you if you take the metro: tracking metro riders using accelerometers on smartphones. arXiv:1505.05958 (2015)
Fawaz, K., Shin, K.G.: Location privacy protection for smartphone users. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS 2014, pp. 239–250 (2014)
Maiti, A., Jadliwala, M., He, J., Bilogrevic, I.: (Smart)watch your taps: side-channel keystroke inference attacks using Smartwatches. In: The 2015 ACM International Symposium, pp. 27–30 (2015)
Michalevsky, Y., Boneh, D., Nakibly, G.: Gyrophone: recognizing speech from gyroscope signals. In: Proceedings of the 23rd USENIX Security Symposium (2014)
OpenStreetMap: OpenStreetMap Project. https://www.openstreetmap.org/. Accessed 16 Aug 2016
Narain, S., Sanatinia, A., Noubir, G.: Single-stroke language-agnostic keylogging using stereo-microphones and domain specific machine learning. In: Proceedings of the 2014 ACM Conference on Security and Privacy in Wireless & Mobile Networks (2014)
Narain, S., Vo-Huu, T.D., Block, K., Noubir, G.: Inferring user routes and locations using zero-permission mobile sensors. In: Symposium on Security and Privacy (2016)
Savitzky, A., Golay, M.J.E.: Smoothing and differentiation of data by simplified least squares procedures. In: Analytical chemistry, pp. 1627–1639 (1964)
Senate Judiciary Committee: S.2270-Location Privacy Protection Act of 2015 (2015). https://www.congress.gov/bill/114th-congress/senate-bill/2270. Accessed 16 Aug 2016
Stewart, J.: Calculus. Cengage Learning, Boston (2015)
Wang, H., Lai, T., Choudhury, R.R.: MoLe: motion leaks through smartwatch sensors. In: Proceedings of the 21st Annual International Conference on Mobile Computing and Networking (2015)
Michalevsky, Y., Schulman, A., Veerapandian, G.A., Boneh, D., Nakibly, G.: PowerSpy: location tracking using mobile device power analysis. In: Proceedings of the 24th USENIX Conference on Security Symposium, pp. 785–800, August 2015
Acknowledgement
This work was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (R7117-17-0161, Anomaly detection framework for autonomous vehicles).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Park, J.Y., Yun, J.P., Lee, D.H. (2018). WheelLogger: Driver Tracing Using Smart Watch. In: Kang, B., Kim, T. (eds) Information Security Applications. WISA 2017. Lecture Notes in Computer Science(), vol 10763. Springer, Cham. https://doi.org/10.1007/978-3-319-93563-8_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-93563-8_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-93562-1
Online ISBN: 978-3-319-93563-8
eBook Packages: Computer ScienceComputer Science (R0)