YoVDO

Gyrophone - Eavesdropping Using a Gyroscope

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Mobile Device Security Courses Speech Analysis Courses Gyroscope Courses

Course Description

Overview

Explore a groundbreaking security research presentation that reveals how smartphone gyroscopes can be exploited for eavesdropping without microphone access. Delve into the technical details of how gyroscopes in modern smartphones are sensitive enough to capture acoustic signals, potentially allowing unauthorized apps and websites to listen in on nearby conversations. Learn about the experimental setup, speech analysis techniques, and machine learning classifiers used to demonstrate gender identification, speaker recognition, and isolated word detection using gyroscope data. Examine the implications of this vulnerability across various iOS and Android devices, and discover potential software and hardware defenses against such attacks. Gain insights into the broader security concerns surrounding sensor access in mobile devices and the importance of privacy-preserving measures in app development and web design.

Syllabus

Intro
INTRODUCTION - YAN MICHALEVSKY
MICROPHONE ACCESS
GYROSCOPE ACCESS BY A BROWSER JAVASCRIPT CODE EXAMPLE
MEMS GYROSCOPES
GYROSCOPES ARE SUSCEPTIBLE TO SOUND
GYROSCOPES ARE (LOUSY, BUT STILL) MICROPHONES
SOFTWARE LIMITATION OF THE SAMPLING RATE
SAMPLING FREQUENCY LIMITS
THE EFFECTS OF LOW SAMPLING FREQUENCY SPEECH SAMPLED AT 8,000HZ
WE CAN SENSE HIGH FREQUENCY SIGNALS DUE TO ALIASING
EXPERIMENTAL SETUP
SPEECH ANALYSIS USING A SINGLE GYROSCOPE
PREPROCESSING • All samples are converted to audio files in WAV format
FEATURES • MFCC-Mel-Frequency Cepstral Coefficients • Statistical features are used mean and variance
CLASSIFIERS
DYNAMIC TIME WARPING
GENDER IDENTIFICATION
WE CAN SUCCESSFULLY IDENTIFY GENDER
SPEAKER IDENTIFICATION
A GOOD CHANCE TO IDENTIFY THE SPEAKER
ISOLATED WORDS RECOGNITION SPEAKER INDEPENDENT
HOW CAN WE LEVERAGE EAVESDROPPING SIMULTANEOUSLY ON TWO DEVICES?
SIMILAR TO TIME-INTERLEAVED ADC's
NON-UNIFORM RECONSTRUCTION REQUIRES KNOWING PRECISE TIME-SKEWS
PRACTICAL COMPROMISE Interleaving samples from multiple devices
EVALUATION Tested for the case of speaker dependent word recognition
FURTHER ATTACKS
SOURCE SEPARATION
AMBIENT SOUND RECOGNITION
SOFTWARE DEFENSES
HARDWARE DEFENSES
CONCLUSION


Taught by

Black Hat

Related Courses

Analyze Speech & Language with Google APIs: Challenge Lab
Google via Google Cloud Skills Boost Automate Interactions with Contact Center AI: Challenge Lab
Google via Google Cloud Skills Boost Contact Center AI: Operations and Implementation
Google Cloud via Coursera Analyze Speech and Language with Google APIs
Google via Google Cloud Skills Boost The Pronunciation of American English Project
University of California, Irvine via Coursera