Evaluating the Privacy and Security Implications of Ambient Light Sensors on Modern Mobile Devices
Modern mobile devices such as smartphones employ a myriad of on-board sensors (e.g., accelerometer, gyroscope and microphone) to enable a wide-variety of useful operations and applications, including, activity recognition, health monitoring, positioning and navigation, and voice-activated commands. Given the large-scale popularity and adoption of these devices, the research literature is rife with efforts that attempt to explore security and privacy threats resulting from the misuse of data sampled from these mobile device sensors. For instance, data sampled from accelerometers and gyroscopes on board smartphones have been used as side-channels to infer a target user's keystrokes, speech and even location. Within this line of research, one sensor that has been relatively unexplored so far, in terms of its security/privacy implications, is the ambient light sensor. An ambient light sensor, typically found on the face (or near the screen) of the mobile device or smartphone measures the intensity of the light falling on the device, in order to improve the users' interaction experience with the screen (and apps in the foreground). A lack of appropriate user- or system-defined access control policies on most modern mobile operating systems to regulate access to this sensor, similar to other sensors such as accelerometers and gyroscopes, makes it especially vulnerable to exploitation if a privacy-specific attack vector can be associated with it. This thesis empirically evaluates the practical feasibility of employing a mobile device's (smartphone's) ambient light sensor as a significant attack surface for inferring privacy-sensitive information. To accomplish this goal, a comprehensive measurement and analysis experiment involving a smart (Internet-enabled) light source and a smartphone ambient light sensor is conducted. Specifically, some target information is first encoded as intensity and color modulations of the light signal by using audio-visualization capabilities available in modern smart lighting systems. This(encoded) light signal is then exposed to the ambient light sensor of the mobile device (smartphone) under a variety of experimental parameters and conditions. A sequence matching-based inference framework is then employed to infer/predict the encoded audio information from the light signal sampled by the device's ambient light sensor. The performance of the aforementioned inference attack under a variety of experimental conditions and device hardware, measured using appropriate accuracy metrics, is then used to analyze the efficacy/potential of a mobile device ambient light sensor as a source of private information leakage. Besides the privacy implication, the ability of being able to decode, in a fine-grained fashion, information embedded within a light signal could also be leveraged to support context or location-based authentication, and so results from the above experiments could also throw light on the feasibility of such light-based mobile authentication systems.