editor's blog
Subscribe Now

Accelerometer Fingerprints

An interesting paper was published earlier this year by a team from University of Illinois at Urbana-Champaign, University of South Carolina, and Zhejiang University. In short, it says that the accelerometer in your phone could give you away even if you’ve locked all your privacy settings down tight.

The idea is based on the fact that each accelerometer is unique at the lowest level, having minor but detectable differences in waveform or harmonic content. To the extent that the characteristic resonance of an accelerometer can identify it uniquely (or nearly so), it acts as a signature.

This means that an app can “record” a phone’s accelerometer and then store it in the cloud for future reference. Some other app can also sample the accelerometer and send the sample to the Cloud, where a search engine can match the signature and identify the phone. (This is the way music is identified these days, so there is clearly precedent that the search aspect is doable.)

“Unique” may actually be an overstatement from a purely scientific standpoint. As they point out, they haven’t done enough of a statistical sample to prove uniqueness over the many millions of phones out there, and they don’t have some theoretical model to suggest uniqueness. But they measured 36 different time- and frequency-domain features in 80 accelerometers, 25 phones, and 2 tablets and came away pretty convinced that there is something to pay attention to here.

They discuss the possibility of “scrubbing” the measurements by adding white noise or filtering, but each of the things they tried was either ineffective or too effective (that is, it affected how an application operated).

To me, it seems like there’s an abstraction problem here. A phone has a raw accelerometer followed by a conditioning circuit and a digitizer. Eventually a value is placed in a register for retrieval by an application. In a perfect world, all distortions and anomalies would be “filtered” out by the conditioning and the digitization so that what lands in the register has been purged of errors – making all accelerometers look alike. That’s a pretty high bar to set, but you’d think that, even if not perfect, it would at least get rid of enough noise to make a uniqueness determination infeasible.

Then again, as they point out, (a) it took 36 features to get uniqueness, and (b) if you couldn’t quite get there using just the accelerometer, you could also bring the gyro (et al) into the picture – effectively adding more features to the signature. So any policy of “cleanup” prior to registering the final value would have to be applicable (and actually applied) strategically across a number of sensors. In other words, some fortuitous solution related to how accelerometers are built would be insufficient, since it couldn’t be used on a gyro as well.

The only other obvious solution would be policy-based. You could restrict low-level access, but that would rule out apps needing high precision readings. The OS could flag apps that need low-level access and ask permission, although presenting that request to a non-technical phone user could be a challenge. And the OS would have to actually check the program code to see if it does low-level access; relying on declarations wouldn’t work since the concern here is specifically about sneakware, whose authors are not likely to volunteer what they’re about.

I’m curious about your thoughts on this. Are there other solutions? Is this much ado about nothing? You can read much more detail in the original paper, and then share your reactions.

Leave a Reply

featured blogs
Dec 2, 2020
The folks at LEVL are on a mission is to erase your network footprint. Paradoxically, they do this by generating their own 48-bit LEVL-IDs for your devices....
Dec 2, 2020
To arrive at your targeted and optimized PPA, you will need to execute several Innovus runs with a variety of design parameters, commands, and options. You will then need to analyze the data which... [[ Click on the title to access the full blog on the Cadence Community site...
Dec 1, 2020
UCLA’s Maxx Tepper gives us a brief overview of the Ocean High-Throughput processor to be used in the upgrade of the real-time event selection system of the CMS experiment at the CERN LHC (Large Hadron Collider). The board incorporates Samtec FireFly'„¢ optical cable ...
Nov 25, 2020
[From the last episode: We looked at what it takes to generate data that can be used to train machine-learning .] We take a break from learning how IoT technology works for one of our occasional posts on how IoT technology is used. In this case, we look at trucking fleet mana...

featured video

Improve SoC-Level Verification Efficiency by Up to 10X

Sponsored by Cadence Design Systems

Chip-level testbench creation, multi-IP and CPU traffic generation, performance bottleneck identification, and data and cache-coherency verification all lack automation. The effort required to complete these tasks is error prone and time consuming. Discover how the Cadence® System VIP tool suite works seamlessly with its simulation, emulation, and prototyping engines to automate chip-level verification and improve efficiency by ten times over existing manual processes.

Click here for more information about System VIP

featured paper

Top 9 design questions about digital isolators

Sponsored by Texas Instruments

Looking for more information about digital isolators? We’re here to help. Based on TI E2E™ support forum feedback, we compiled a list of the most frequently asked questions about digital isolator design challenges. This article covers questions such as, “What is the logic state of a digital isolator with no input signal?”, and “Can you leave unused channel pins on a digital isolator floating?”

Click here to download the whitepaper

Featured Chalk Talk

Bulk Acoustic Wave (BAW) Technology

Sponsored by Mouser Electronics and Texas Instruments

In industrial applications, crystals are not ideal for generating clock signal timing. They take up valuable PCB real-estate, and aren’t stable in harsh thermal and vibration environments. In this episode of Chalk Talk, Amelia Dalton chats with Nick Smith from Texas Instruments about bulk acoustic wave (BAW) technology that offers an attractive alternative to crystals.

More information about Texas Instruments Bulk Acoustic Wave (BAW) Technology