(In)secure Acoustic Mobile Authentication

Dianqi Han; Ang Li; Lili Zhang; Yan Zhang; Jiawei Li; Tao Li; Rui Zhang; Yanchao Zhang

doi:10.1109/TMC.2021.3053282

(In)secure Acoustic Mobile Authentication

Dianqi Han, Ang Li, Lili Zhang, Yan Zhang, Jiawei Li, Tao Li, Rui Zhang, Yanchao Zhang

Electrical, Computer, and Energy Engineering, School of (IAFSE-ECEE)

Research output: Contribution to journal › Article › peer-review

1 Scopus citations

Abstract

Acoustic fingerprinting aims to identify a mobile device based on its internal microphone(s) and speaker(s) which are unique due to manufacturing imperfection. This paper seeks a thorough understanding of the (in)security of exploring acoustic fingerprints for achieving distributed mobile authentication. Our contributions are threefold. First, we present a new acoustic fingerprint-emulation attack and demonstrate that it is a common vulnerability of acoustic mobile authentication systems. Second, we propose a dynamic challenge-response defense to secure acoustic mobile authentication systems against the acoustic fingerprint-emulation attack. Finally, we thoroughly investigate existing acoustic fingerprinting schemes and identify the best option for accurate, secure, and deployable acoustic mobile authentication systems.

Original language	English (US)
Journal	IEEE Transactions on Mobile Computing
DOIs	https://doi.org/10.1109/TMC.2021.3053282
State	Accepted/In press - 2021

Keywords

Acoustic authentication
Acoustics
Authentication
Microphones
Mobile handsets
Object recognition
Servers
Wireless communication
dynamic challenge-response
fingerprint-emulation attack

ASJC Scopus subject areas

Software
Computer Networks and Communications
Electrical and Electronic Engineering

Access to Document

10.1109/TMC.2021.3053282

Cite this

@article{2558a46b16a84541aeee8513295b6642,

title = "(In)secure Acoustic Mobile Authentication",

abstract = "Acoustic fingerprinting aims to identify a mobile device based on its internal microphone(s) and speaker(s) which are unique due to manufacturing imperfection. This paper seeks a thorough understanding of the (in)security of exploring acoustic fingerprints for achieving distributed mobile authentication. Our contributions are threefold. First, we present a new acoustic fingerprint-emulation attack and demonstrate that it is a common vulnerability of acoustic mobile authentication systems. Second, we propose a dynamic challenge-response defense to secure acoustic mobile authentication systems against the acoustic fingerprint-emulation attack. Finally, we thoroughly investigate existing acoustic fingerprinting schemes and identify the best option for accurate, secure, and deployable acoustic mobile authentication systems.",

keywords = "Acoustic authentication, Acoustics, Authentication, Microphones, Mobile handsets, Object recognition, Servers, Wireless communication, dynamic challenge-response, fingerprint-emulation attack",

author = "Dianqi Han and Ang Li and Lili Zhang and Yan Zhang and Jiawei Li and Tao Li and Rui Zhang and Yanchao Zhang",

note = "Publisher Copyright: IEEE",

year = "2021",

doi = "10.1109/TMC.2021.3053282",

language = "English (US)",

journal = "IEEE Transactions on Mobile Computing",

issn = "1536-1233",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - JOUR

T1 - (In)secure Acoustic Mobile Authentication

AU - Han, Dianqi

AU - Li, Ang

AU - Zhang, Lili

AU - Zhang, Yan

AU - Li, Jiawei

AU - Li, Tao

AU - Zhang, Rui

AU - Zhang, Yanchao

N1 - Publisher Copyright: IEEE

PY - 2021

Y1 - 2021

N2 - Acoustic fingerprinting aims to identify a mobile device based on its internal microphone(s) and speaker(s) which are unique due to manufacturing imperfection. This paper seeks a thorough understanding of the (in)security of exploring acoustic fingerprints for achieving distributed mobile authentication. Our contributions are threefold. First, we present a new acoustic fingerprint-emulation attack and demonstrate that it is a common vulnerability of acoustic mobile authentication systems. Second, we propose a dynamic challenge-response defense to secure acoustic mobile authentication systems against the acoustic fingerprint-emulation attack. Finally, we thoroughly investigate existing acoustic fingerprinting schemes and identify the best option for accurate, secure, and deployable acoustic mobile authentication systems.

AB - Acoustic fingerprinting aims to identify a mobile device based on its internal microphone(s) and speaker(s) which are unique due to manufacturing imperfection. This paper seeks a thorough understanding of the (in)security of exploring acoustic fingerprints for achieving distributed mobile authentication. Our contributions are threefold. First, we present a new acoustic fingerprint-emulation attack and demonstrate that it is a common vulnerability of acoustic mobile authentication systems. Second, we propose a dynamic challenge-response defense to secure acoustic mobile authentication systems against the acoustic fingerprint-emulation attack. Finally, we thoroughly investigate existing acoustic fingerprinting schemes and identify the best option for accurate, secure, and deployable acoustic mobile authentication systems.

KW - Acoustic authentication

KW - Acoustics

KW - Authentication

KW - Microphones

KW - Mobile handsets

KW - Object recognition

KW - Servers

KW - Wireless communication

KW - dynamic challenge-response

KW - fingerprint-emulation attack

UR - http://www.scopus.com/inward/record.url?scp=85100501065&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85100501065&partnerID=8YFLogxK

U2 - 10.1109/TMC.2021.3053282

DO - 10.1109/TMC.2021.3053282

M3 - Article

AN - SCOPUS:85100501065

SN - 1536-1233

JO - IEEE Transactions on Mobile Computing

JF - IEEE Transactions on Mobile Computing

ER -

(In)secure Acoustic Mobile Authentication

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this