Exploiting Power for Smartphone Security and Privacy

摘要

Power consumption has become a key issue for smartphone security and privacy protection. In this dissertation, we propose to exploit power for smartphone security, as well as to optimize energy consumption for smartphone privacy.;First, we show that public USB charging stations pose a significant privacy risk to smartphone users. We present a side-channel attack that allows a charging station to identify which webpages are loaded while the smartphone is charging. To evaluate this side-channel, we collected power traces of Alexa top 50 websites on multiple smartphones under several conditions, including: varied battery charging level, browser cache enabled/disabled, taps/no taps on the screen, WiFi/LTE, TLS encryption enabled/disabled, different amounts of time elapsed between collection of training and testing data, and various hosting locations of the website being visited. The results of our evaluation show that the attack is highly successful: in many settings, we were able to achieve over 90% accuracy on webpage identification. On the other hand, our experiments also show that this side-channel is sensitive to some of the aforementioned conditions.;Second, we introduce a new attack that allows a malicious charging station to identify which website is being visited by a smartphone user via Tor network. Our attack solely depends on power measurements performed while the user is charging her smartphone. We evaluated the attack by training a machine learning model on power traces from 50 regular webpages and 50 Tor hidden services. We considered realistic constraints such as different Tor circuits types and battery charging levels. We were able to correctly identify webpages visited using the official mobile Tor browser with accuracy of up to 85.7% when the battery was fully charged, and up to 46% when the battery level was between 30% and 50%. Our results show that hidden services can be identified with higher accuracies than regular webpages.;Third, we propose a memory- and energy-efficient garbled circuit evaluation mechanism named MEG on smartphones. MEG utilizes batch data transmission and multi-threading to reduce memory and energy consumption. We implement MEG on Android smartphones and compare its performance with existing methods (non-pipelined and pipelined). Two garbled circuits of different scales, 128-bit AES encryption (AES-128) and 256-bit Levenshtein distance (EDT-256), are considered. Our measurement results show that compared with non-pipelined method, MEG decreases the memory consumption by up to 97.5% for EDT-256 when batch size is 2 MB. Compared with pipelined method, MEG reduces the energy consumption by up to 42% for AES-128 and 23% for EDT-256. Multi-thread MEG also significantly decreases the circuit evaluation time by up to 56.7% for AES-128 and up to 13.5% for EDT-256.