Securing smart wearable devices from motion-based eavesdropping attacks
Smart wearable devices such as smartwatches and smart bands have been widely adopted by users, who find it convenient to use them to perform various tasks such as making phone calls or sending text messages. However recent research led by the University of Warwick has demonstrated that these same devices are vulnerable to a wide variety of cyber-attacks due to their intrinsic characteristics, resulting in unprecedented security challenges such as privacy leakage, financial loss, and even malicious invasion of other connected devices.
One of the most frequently used attacker approaches is to leverage the motion sensors of these smart wearable devices to track the movements of the users, commonly known as motion-based eavesdropping attacks. Previous work has shown that motion sensor data changes when entering passwords on a smartwatch, and with crowdsourcing and deep sequence learning, attackers can successfully infer both PIN and Android Pattern Locks (APLs) that are entered on smart watches, even without access to the physical devices.
This project, led by Dr Li and Dr Wen is multi-disciplinary, integrating the knowledge, techniques and tools in mobile computing, software engineering and ubiquitous computing. The team will build on previous research to replicate existing and introduce new types of motion-based eavesdropping attacks to smart wearable devices, enabling them to invent deep learning-based approaches to automatically detect such attacking apps from the users' smart devices. This research is expected to have a huge impact on our society by providing real-time protection for users of smart wearable devices to be free of motion-based eavesdropping attacks.
Lecturer, Cyber Security and Systems, Monash University
Assistant Professor, Department of Computer Science, University of Warwick