(In)secure Acoustic Mobile Authentication

Dianqi Han, Ang Li, Lili Zhang, Yan Zhang, Jiawei Li, Tao Li, Rui Zhang, Yanchao Zhang

Research output: Contribution to journalArticlepeer-review

Abstract

Acoustic fingerprinting aims to identify a mobile device based on its internal microphone(s) and speaker(s) which are unique due to manufacturing imperfection. This paper seeks a thorough understanding of the (in)security of exploring acoustic fingerprints for achieving distributed mobile authentication. Our contributions are threefold. First, we present a new acoustic fingerprint-emulation attack and demonstrate that it is a common vulnerability of acoustic mobile authentication systems. Second, we propose a dynamic challenge-response defense to secure acoustic mobile authentication systems against the acoustic fingerprint-emulation attack. Finally, we thoroughly investigate existing acoustic fingerprinting schemes and identify the best option for accurate, secure, and deployable acoustic mobile authentication systems.

Original languageEnglish (US)
JournalIEEE Transactions on Mobile Computing
DOIs
StateAccepted/In press - 2021

Keywords

  • Acoustic authentication
  • Acoustics
  • Authentication
  • Microphones
  • Mobile handsets
  • Object recognition
  • Servers
  • Wireless communication
  • dynamic challenge-response
  • fingerprint-emulation attack

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of '(In)secure Acoustic Mobile Authentication'. Together they form a unique fingerprint.

Cite this