A team of researchers has developed a new attack to eavesdrop on Android devices, which is so sophisticated that it can, to varying degrees, recognize a caller’s gender and identity, and even recognize speech.
The developed side-channel attack, called EarSpy, aims to explore new eavesdropping capabilities by capturing motion sensor data recordings generated by earphone feedback on mobile devices.
As for the side channel attack, it is indicated that the cyber attacks exploit the vulnerabilities of the target, whether at the level of operating systems, applications, networks, algorithms, cryptography, protocols or other components and settings that are in use in that target , but side channel attacks do not depend on the existence of a direct security hole in the target, but rather depend on exploiting some of the information that can be gathered about the system during its operation.
EarSpy is an academic effort of researchers from five US universities: Texas A&M University, New Jersey Institute of Technology, Temple University, University of Dayton and Rutgers University (Rutgers University).
This type of attack has previously been seen in smartphone speakers, but is still too weak to generate enough vibration to put users at risk of eavesdropping.
However, modern smartphones use more powerful stereo speakers than the models released a few years ago and are capable of providing much better sound quality and stronger vibrations.
Similarly, newer devices use more sensitive motion sensors and gyro sensors that can register even the smallest level of resonance from speakers.
In their experiments, the researchers used two phones, one of which was launched in 2016 – OnePlus 3T, and the other was launched in 2019 – OnePlus 7T. And the difference between them was obvious.
Using readily available datasets, the researchers trained a machine learning (ML) algorithm to identify voice content and caller identity and gender. Test data varied by data set and device, but generally yielded promising results for eavesdropping.
Caller gender identification on the OnePlus 7T ranged from 77.7% to 98.7%, speaker identification from 63.0% to 91.2%, and voice recognition from 51.8% to 56.4 %.
On the OnePlus 9, gender recognition rose to 88.7%, speaker identification dropped to 73.6% on average, while speech recognition varied between 33.3% and 41.6%.
Interestingly, using the loudspeaker and the Spearphone application, during their experiments, the researchers developed a similar attack in 2020, and the accuracy of gender identification and caller knowledge reached 99 percent, while l speech recognition accuracy has reached 80 percent.
Interestingly, one of the factors that can be used to reduce the effectiveness of the EarSpy attack is the volume level users choose for their speakers. And the low volume can prevent this side channel attack from being picked up and is more comfortable for the ear.
The researchers suggest that phone manufacturers ensure that sound pressure is kept stable during calls and that they place motion sensors in a position where internally generated vibrations are unaffected, or at least as minimal as possible.
