Advertisement

Leveraging Sensor Fingerprinting for Mobile Device Authentication

  • Thomas HupperichEmail author
  • Henry Hosseini
  • Thorsten Holz
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9721)

Abstract

Device fingerprinting is a technique for identification and recognition of clients and widely used in practice for Web tracking and fraud prevention. While common systems depend on software attributes, sensor-based fingerprinting relies on hardware imperfections and thus opens up new possibilities for device authentication. Recent work focusses on accelerometers as easily accessible sensors of modern mobile devices. However, it has remained unclear if device recognition via sensor-based fingerprinting is feasible under real-world conditions.

In this paper, we analyze the effectiveness of a specialized feature set for sensor-based device fingerprinting and compare the results to feature-less fingerprinting techniques based on raw measurements. Furthermore, we evaluate other sensor types—like gravity and magnetic field sensors—as well as combinations of different sensors concerning their suitability for the purpose of device authentication. We demonstrate that combinations of different sensors yield precise device fingerprints when evaluating the approach on a real-world data set consisting of empirical measurement results obtained from almost 5,000 devices.

Keywords

Device fingerprinting Sensor fingerprinting Device authentication 

References

  1. 1.
    Acar, G., Juarez, M., Nikiforakis, N., Diaz, C., Gürses, S., Piessens, F., Preneel, B.: FPDetective: dusting the web for fingerprinters. In: ACM Conference on Computer and Communications Security (CCS) (2013)Google Scholar
  2. 2.
    Amari, S.I., Murata, N., Muller, K.R., Finke, M., Yang, H.H.: Asymptotic statistical theory of overtraining and cross-validation. IEEE Trans. Neural Netw. 8(5), 985–996 (1997)CrossRefGoogle Scholar
  3. 3.
    Bader, R.: Nonlinearities and Synchronization in Musical Acoustics and Music Psychology. Current Research in Systematic Musicology. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  4. 4.
    Bates, A., Leonard, R., Pruse, H., Butler, K., Lowd, D.: Leveraging USB to establish host identity using commodity devices. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2014)Google Scholar
  5. 5.
    Bojinov, H., Michalevsky, Y., Nakibly, G., Boneh, D.: Mobile Device Identification via Sensor Fingerprinting. arxiv preprint arXiv:1408.1416. (2014)
  6. 6.
    Dargie, W., Denko, M.K.: Analysis of error-agnostic time-and frequency-domain features extracted from measurements of 3-D accelerometer sensors. IEEE Syst. J. 4(1), 26–33 (2010)CrossRefGoogle Scholar
  7. 7.
    Dey, S., Roy, N., Xu, W., Choudhury, R.R., Nelakuditi, S.: AccelPrint: imperfections of accelerometers make smartphones trackable. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2014)Google Scholar
  8. 8.
    Eckersley, P.: How unique is your web browser? In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 1–18. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  9. 9.
    Eisenberg, G.: Identifikation und Klassifikation von Musikinstrumentenklängen in monophoner und polyphoner Musik. Cuvillier (2008)Google Scholar
  10. 10.
    Eubank, C., Melara, M., Perez-botero, D., Narayanan, A.: Shining the floodlights on mobile web tracking - a privacy survey. In: Web 2.0 Security & Privacy Conference (W2SP) (2013)Google Scholar
  11. 11.
    Gelfand, S.: Essentials of Audiology. Thieme, Stuttgart (2011)Google Scholar
  12. 12.
    Guyon, I.: A scaling law for the validation-set training-set size ratio. In: AT & T Bell Laboratories (1997)Google Scholar
  13. 13.
    Hardcastle, W., Laver, J., Gibbon, F.: The Handbook of Phonetic Sciences. Blackwell Handbooks in Linguistics, Wiley (2012)Google Scholar
  14. 14.
    He, H.: Human Activity Recognition on Smartphones Using Various Classifiers (2013)Google Scholar
  15. 15.
    Hupperich, T., Maiorca, D., Kührer, M., Holz, T., Giacinto, G.: On the robustness of mobile device fingerprinting. In: Annual Computer Security Applications Conference (ACSAC) (2015)Google Scholar
  16. 16.
    Jensen, K.: Timbre models of musical sounds. Ph.D. thesis, Department of Computer Science, University of Copenhagen (1999)Google Scholar
  17. 17.
    Jones, E., Oliphant, T., Peterson, P., et al.: SciPy: open source scientific tools for Python (2001), 26 April 2016. http://scipy.org
  18. 18.
    Kamkar, S.: Evercookie - never forget (2010). http://samy.pl/evercookie/. Accessed June 2015
  19. 19.
    Klapuri, A., Davy, M.: Signal Processing Methods for Music Transcription. Springer, Heidelberg (2007)Google Scholar
  20. 20.
    Kohno, T., Broido, A., Claffy, K.C.: Remote physical device fingerprinting. IEEE Trans. Dependable Secure Comput. 2(2), 93–108 (2005)CrossRefGoogle Scholar
  21. 21.
    Krimphoff, J., McAdams, S., Winsberg, S.: Caractérisation du timbre des sons complexes. ii. Analyses acoustiques et quantification psychophysique. Le. J. Phys. IV 4, 625–628 (1994)Google Scholar
  22. 22.
    Lerch, A.: An Introduction to Audio Content Analysis: Applications in Signal Processing and Music Informatics. Wiley, New York (2012)CrossRefGoogle Scholar
  23. 23.
    Liang, B., You, W., Liu, L., Shi, W., Heiderich, M.: Scriptless timing attacks on web browser privacy. In: Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) (2014)Google Scholar
  24. 24.
    Mcadams, S.: Perspectives on the contribution of timbre to musical structure. Comput. Music J. 23(3), 85–102 (1999)CrossRefGoogle Scholar
  25. 25.
    Moon, S.B., Skelly, P., Towsley, D.: Estimation and removal of clock skew from network delay measurements. In: Proceedings of the IEEE, INFOCOM 1999, Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies, vol. 1, pp. 227–234. IEEE (1999)Google Scholar
  26. 26.
    Nikiforakis, N., Kapravelos, A., Joosen, W., Kruegel, C., Piessens, F., Vigna, G.: Cookieless monster: exploring the ecosystem of web-based device fingerprinting. In: IEEE Symposium on Security and Privacy (2013)Google Scholar
  27. 27.
    Park, T.H.: Salient feature extraction of musical instrument signals. Ph.D. thesis, DARTMOUTH COLLEGE Hanover, New Hampshire (2000)Google Scholar
  28. 28.
    Peeters, G., Giordano, B.L., Susini, P., Misdariis, N., McAdams, S.: The timbre toolbox: extracting audio descriptors from musical signals. J. Acoust. Soc. Am. 130(5), 2902–2916 (2011)CrossRefGoogle Scholar
  29. 29.
    Sanei, S., Chambers, J.: EEG Signal Processing. Wiley, New York (2013)Google Scholar
  30. 30.
    Satapathy, S., Udgata, S., Biswal, B.: Advances in intelligent systems and computing. In: Proceedings of the International Conference on Frontiers of Intelligent Computing: Theory and Applications (FICTA) 2013. Springer (2013)Google Scholar
  31. 31.
    Sinofsky, S.: Supporting sensors in Windows 8 (2012), 6 May 2016. http://blogs.msdn.com/b/b8/archive/2012/01/24/supporting-sensors-in-windows-8.aspx
  32. 32.
    Smith, S.W.: Digital Signal Processing: a Practical Guide for Engineers and Scientists. Newnes, Oxford (2003)Google Scholar
  33. 33.
    Van Der Walt, S., Colbert, S.C., Varoquaux, G.: The NumPy array: a structure for efficient numerical computation. Comput. Sci. Eng. 13(2), 22–30 (2011)CrossRefGoogle Scholar
  34. 34.
    Wang, J., Yen, G., Polycarpou, M.: Advances in Neural Networks ISNN 2012. 9th International Symposium on Neural Networks, ISNN 2012, Shenyang, China, July 11-14, 2012. Proceedings, Part II. Springer, Heidelberg (2012)Google Scholar
  35. 35.
    Yang, Y., Chen, H.: Music Emotion Recognition. Multimedia Computing, Communication and Intelligence. CRC Press, Boca Raton (2011)zbMATHGoogle Scholar
  36. 36.
    Zelkowitz, M.: Advances in Computers: Improving the Web. Elsevier Science, San Diego (2010)zbMATHGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Thomas Hupperich
    • 1
    Email author
  • Henry Hosseini
    • 1
  • Thorsten Holz
    • 1
  1. 1.Horst Görtz Institute for IT-Security (HGI)Ruhr-Universität BochumBochumGermany

Personalised recommendations