SensorID: Sensor Calibration Fingerprinting for Smartphones

Sensors are an essential component of many computer systems today. Mobile devices are a good example, containing a vast array of sensors from accelerometers and GPS units, to cameras and microphones. Data from these sensors are accessible to application programmers who can use this data to build context-aware applications. Good sensor accuracy is often crucial, and therefore manufacturers often use perdevice factory calibration to compensate for systematic errors introduced during manufacture. In this paper we explore a new type of fingerprinting attack on sensor data: calibration fingerprinting. A calibration fingerprinting attack infers the perdevice factory calibration data from a device by careful analysis of the sensor output alone. Such an attack does not require direct access to any calibration parameters since these are often embedded inside the firmware of the device and are not directly accessible by application developers. We demonstrate the potential of this new class of attack by performing calibration fingerprinting attacks on the inertial measurement unit sensors found in iOS and Android devices. These sensors are good candidates because access to these sensors does not require any special permissions, and the data can be accessed via both a native app installed on a device and also by JavaScript when visiting a website on an iOS and Android device. We find we are able to perform a very effective calibration fingerprinting attack: our approach requires fewer than 100 samples of sensor data and takes less than one second to collect and process into a device fingerprint that does not change over time or after factory reset. We demonstrate that our approach is very likely to produce globally unique fingerprints for iOS devices, with an estimated 67 bits of entropy in the fingerprint for iPhone 6S devices. In addition, we find that the accelerometer of Google Pixel 2 and Pixel 3 can also be fingerprinted by our approach.

[1]  Nikita Borisov,et al.  Do You Hear What I Hear?: Fingerprinting Smart Devices Through Embedded Acoustic Components , 2014, CCS.

[2]  Raheem A. Beyah,et al.  A passive technique for fingerprinting wireless devices with Wired-side Observations , 2013, 2013 IEEE Conference on Communications and Network Security (CNS).

[3]  Swarat Chaudhuri,et al.  A Study of Android Application Security , 2011, USENIX Security Symposium.

[4]  Nikita Borisov,et al.  The Web's Sixth Sense: A Study of Scripts Accessing Smartphone Sensors , 2018, CCS.

[5]  Shashi Poddar,et al.  A Comprehensive Overview of Inertial Sensor Calibration Techniques , 2017 .

[6]  Enrico Magli,et al.  Compressed Fingerprint Matching and Camera Identification via Random Projections , 2015, IEEE Transactions on Information Forensics and Security.

[7]  Emanuele Menegatti,et al.  Imu Calibration without Mechanical Equipment Abstract -italian Version , 2013 .

[8]  Cecilia Mascolo,et al.  You Are Sensing, but Are You Biased? , 2018, Proc. ACM Interact. Mob. Wearable Ubiquitous Technol..

[9]  T. Kohno,et al.  Remote physical device fingerprinting , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[10]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[11]  Jagdish Prasad Achara Unveiling and Controlling Online Tracking , 2016 .

[12]  Federico Pedersini,et al.  Autocalibration of MEMS Accelerometers , 2009, IEEE Transactions on Instrumentation and Measurement.

[13]  J. Fridrich,et al.  Digital image forensics , 2009, IEEE Signal Processing Magazine.

[14]  Christoph Neumann,et al.  An Empirical Study of Passive 802.11 Device Fingerprinting , 2012, 2012 32nd International Conference on Distributed Computing Systems Workshops.

[15]  Marco Gruteser,et al.  Wireless device identification with radiometric signatures , 2008, MobiCom '08.

[16]  Gabi Nakibly,et al.  Mobile Device Identification via Sensor Fingerprinting , 2014, ArXiv.

[17]  Heng Yin,et al.  Panorama: capturing system-wide information flow for malware detection and analysis , 2007, CCS '07.

[18]  Wenyuan Xu,et al.  AccelPrint: Imperfections of Accelerometers Make Smartphones Trackable , 2014, NDSS.

[19]  Nikita Borisov,et al.  Every Move You Make: Exploring Practical Issues in Smartphone Motion Sensor Fingerprinting and Countermeasures , 2018, Proc. Priv. Enhancing Technol..

[20]  Zhang Tao,et al.  A research on calibration of low-precision MEMS inertial sensors , 2013, 2013 25th Chinese Control and Decision Conference (CCDC).

[21]  David A. Wagner,et al.  Android permissions: user attention, comprehension, and behavior , 2012, SOUPS.

[22]  Hassen Fourati,et al.  On attitude estimation with smartphones , 2017, 2017 IEEE International Conference on Pervasive Computing and Communications (PerCom).

[23]  Emanuele Menegatti,et al.  A robust and easy to implement method for IMU calibration without external equipments , 2014, 2014 IEEE International Conference on Robotics and Automation (ICRA).