EarSpy…a sophisticated attack that allows eavesdropping on Android users

A team of researchers has developed a new attack to eavesdrop on Android devices, which is so sophisticated that it can, to varying degrees, recognize the gender and identity of a caller, and even recognize speech.

The developed side-channel attack, called EarSpy, aims to explore new eavesdropping capabilities by capturing motion sensor data recordings generated by the feedback from earphones on mobile devices.

A note on side-channel attacks: conventional cyber attacks exploit vulnerabilities in the target, whether at the level of operating systems, applications, networks, algorithms, cryptography, protocols, or other components and settings in use in that target. Side-channel attacks, by contrast, do not depend on the existence of a direct security flaw in the target; they exploit information that can be collected about the system during its operation.

EarSpy is an academic effort by researchers from five US universities: Texas A&M University, New Jersey Institute of Technology, Temple University, University of Dayton, and Rutgers University.

This type of attack has previously been observed with smartphone speakers, but the vibration those speakers produced was too weak to put users at risk of eavesdropping.

However, modern smartphones use more powerful stereo speakers compared to models released a few years ago, and are able to deliver much better sound quality and stronger vibrations.

Similarly, newer devices use more sensitive motion sensors and gyroscope sensors that can register even the smallest level of resonance from the speakers.

In their experiments, the researchers used two phones: the OnePlus 3T, launched in 2016, and the OnePlus 7T, launched in 2019. The difference between them was noticeable.

Using readily available datasets, the researchers trained a machine learning (ML) algorithm to identify speech content and caller identity and gender. Test data varied depending on the dataset and device, but generally yielded promising results for eavesdropping.

Caller gender identification on the OnePlus 7T ranged between 77.7 percent and 98.7 percent, speaker identification ranged between 63.0 percent and 91.2 percent, and speech recognition ranged between 51.8 percent and 56.4 percent.

On the OnePlus 9, gender recognition rose to 88.7 percent, speaker identification fell to 73.6 percent on average, while speech recognition ranged between 33.3 percent and 41.6 percent.

It is noteworthy that the researchers developed a similar attack in 2020 using the loudspeaker and the Spearphone application. In those experiments, the accuracy of identifying the gender and identity of the caller reached 99 percent, while the accuracy of speech recognition reached 80 percent.

One factor that can reduce the effectiveness of the EarSpy attack is the volume level that users choose for their speakers. A low volume can prevent eavesdropping through this side channel and is also more comfortable on the ear.

The researchers suggest that phone manufacturers ensure that sound pressure is kept stable during calls, and that motion sensors are placed in a position where they are unaffected by internally generated vibrations, or at least where the effect is as small as possible.
