Abstract
Location-related data is one of the most sensitive data for user privacy. Theft of location-related information on mobile device poses serious threats to users. Even though the extant confirmation of permissions feature on modern smart devices can prevent direct leakage of information from location-related sensors, recent research has shown that leakage of location-related information is possible through indirect, side-channel attacks. In this paper, we show that the travel path of a vehicle can be inferred without acknowledging the user using a zero-permission smart watch application. The sensor we used in our experiment is the accelerometer sensor on Apple Watch. We find that a targeted user can be traced with 83% accuracy. We suggest that our approach may be used to successfully attack other smart phone devices because it was successful on Apple Watch, which is considered as the most constrained device in the market. This result shows that the zero-permission application on a smart watch, if manipulated adequately, can transform into a high-threat malware.
Original language | English |
---|---|
Title of host publication | Information Security Applications - 18th International Conference, WISA 2017, Revised Selected Papers |
Editors | Brent ByungHoon Kang, Taesoo Kim |
Publisher | Springer Verlag |
Pages | 87-100 |
Number of pages | 14 |
ISBN (Print) | 9783319935621 |
DOIs | |
Publication status | Published - 2018 |
Event | 18th World International Conference on Information Security and Application, WISA 2017 - Jeju Island, Korea, Republic of Duration: 2017 Aug 24 → 2017 Aug 26 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 10763 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Other
Other | 18th World International Conference on Information Security and Application, WISA 2017 |
---|---|
Country/Territory | Korea, Republic of |
City | Jeju Island |
Period | 17/8/24 → 17/8/26 |
Bibliographical note
Funding Information:Acknowledgement. This work was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (R7117-17-0161, Anomaly detection framework for autonomous vehicles).
Publisher Copyright:
© 2018, Springer International Publishing AG, part of Springer Nature.
ASJC Scopus subject areas
- Theoretical Computer Science
- Computer Science(all)