Private conversations are an attractive target for malicious actors intending to conduct audio eavesdropping attacks. Previous works discovered unexpected vectors for these attacks, such as analyzing high-speed video of objects adjacent to sound sources, or using WiFi signal information. We propose LidarPhone, a novel side-channel attack that exploits the lidar sensors in commodity robot vacuum cleaners to perform acoustic eavesdropping attacks. LidarPhone is able to detect the minute vibrations induced on objects that are near audio sources, and extract meaningful signals from inherently noisy raw lidar returns. We evaluate a realistic scenario for potential victims: recovering privacy-sensitive digits (e.g., credit card numbers, social security numbers) emitted by computer speakers during teleconferencing calls. We implement LidarPhone on a Xiaomi Roborock vacuum cleaning robot and perform a comprehensive series of real-world experiments to determine its performance. LidarPhone achieves up to 91% accuracy for digit classification.
|Title of host publication||SenSys 2020 - Proceedings of the 2020 18th ACM Conference on Embedded Networked Sensor Systems|
|Publisher||Association for Computing Machinery, Inc|
|Number of pages||2|
|Publication status||Published - 2020 Nov 16|
|Event||18th ACM Conference on Embedded Networked Sensor Systems, SenSys 2020 - Virtual, Online, Japan|
Duration: 2020 Nov 16 → 2020 Nov 19
|Name||SenSys 2020 - Proceedings of the 2020 18th ACM Conference on Embedded Networked Sensor Systems|
|Conference||18th ACM Conference on Embedded Networked Sensor Systems, SenSys 2020|
|Period||20/11/16 → 20/11/19|
Bibliographical noteFunding Information:
This research was partially supported by a grant from Singapore Ministry of Education Academic Research Fund Tier 1 (R-252-000-A26-133).
© 2020 ACM.
All Science Journal Classification (ASJC) codes
- Control and Systems Engineering
- Electrical and Electronic Engineering
- Computer Networks and Communications