Library
local_library Home Repository

Eavesdropping Mobile App Activity via Radio-Frequency Energy Harvesting

Conference Paper (2023)
Author(s)

Tao Ni (City University of Hong Kong)

Guohao Lan (TU Delft - Embedded Systems)

Jia Wang (Shenzhen University)

Qingchuan Zhao (City University of Hong Kong)

Weitao Xu (City University of Hong Kong)

Research Group
Embedded Systems
Copyright
© 2023 Tao Ni, G. Lan, Jia Wang, Qingchuan Zhao, Weitao Xu
More Info
expand_more
Publication Year
2023
Language
English
Copyright
© 2023 Tao Ni, G. Lan, Jia Wang, Qingchuan Zhao, Weitao Xu
Research Group
Embedded Systems
Bibliographical Note
Funding Information: We sincerely thank our shepherd and anonymous reviewers for their constructive comments. This research was substantially supported by NFSC (Project 62101471) and was partially supported by the Shenzhen Research Institute, City University of Hong Kong, the Research Grants Council of the Hong Kong SAR, China (ECS Project CityU 21201420 and GRF Project CityU 11201422), CityU APRC grant 9610563, CityU SRG-Fd grant 7005853, Shenzhen Science and Technology Funding Fundamental Research Program (Project No. 2021Szvup126), NSF of Shandong Province (Project No. ZR2021LZH010), and a grant from Chow Sang Sang Group Research Fund sponsored by Chow Sang Sang Holdings International Limited (Project No. 9229062). Any opinions, findings, and conclusions in this paper are those of the authors and do not necessarily of supported organizations. @en
Pages (from-to)
3511-3528
ISBN (electronic)
9781713879497
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Radio-frequency (RF) energy harvesting is a promising technology for Internet-of-Things (IoT) devices to power sensors and prolong battery life. In this paper, we present a novel side-channel attack that leverages RF energy harvesting signals to eavesdrop mobile app activities. To demonstrate this novel attack, we propose AppListener, an automated attack framework that recognizes fine-grained mobile app activities from harvested RF energy. The RF energy is harvested from a custom-built RF energy harvester which generates voltage signals from ambient Wi-Fi transmissions, and app activities are recognized from a three-tier classification algorithm. We evaluate AppListener with four mobile devices running 40 common mobile apps (e.g., YouTube, Facebook, and WhatsApp) belonging to five categories (i.e., video, music, social media, communication, and game); each category contains five application-specific activities. Experiment results show that AppListener achieves over 99% accuracy in differentiating four different mobile devices, over 98% accuracy in classifying 40 different apps, and 86.7% accuracy in recognizing five sets of application-specific activities. Moreover, a comprehensive study is conducted to show AppListener is robust to a number of impact factors, such as distance, environment, and non-target connected devices. Practices of integrating AppListener into commercial IoT devices also demonstrate that it is easy to deploy. Finally, countermeasures are presented as the first step to defend against this novel attack.

Files

Usenixsecurity23_ni.pdf
(pdf | 15.5 Mb)
License info not available