Hacking Android smartphone lock with the help of sensors
Every Android smartphone user wants its phone to be secured and not accessible to others. In today’s date, there are very few users who do not lock their Android smartphone. Here is what we want to say how hackers can access those locked devices with the help of sensors, yeah just SENSORS!!!!!
Researchers of the Android world found how sensors can simply hack the lock screen code. They used the sensors to find which number has been pressed by a user based on how the phone was tilted and how much light is blocked by the fingers.
The Instruments used in Android smartphones like the accelerometer, gyroscope and proximity sensors represent a potential security vulnerability say, researchers , as data from these sensors could be used by hackers to guess the security PIN and unlock it. Using a combination of information gathered from six different sensors found in smartphones and machine learning and deep learning algorithms, the researchers succeeded in unlocking Android smartphones with a 99.5 percent accuracy within only three tries, said the study. As using the sensors within the smartphones require no permissions to be given by the smartphone user and are available for all apps to access. The team of researchers took Android phones and installed a custom application which collected data from six sensors: accelerometer, gyroscope, magnetometer, proximity sensor, barometer and ambient light sensor.
When you hold your phone and key in the PIN, the way the phone moves when you press 1, 5 or 9, is very different. Likewise, pressing 1 with your right thumb will block more light than if you pressed 9. The classification algorithm was trained with data collected from a group of people, who each entered a random set of 70 four-digit PIN numbers on a phone. At the same time, it recorded the relevant sensor reactions.
The classification algorithm using deep learning was able to give different weightings of importance to each of the sensors, depending on how sensitive each was too different numbers being pressed. Although each individual enters the security PIN on their phone differently, the scientists showed that as data from more people is fed to the algorithm over time, success rates improved.
So while a malicious application may not be able to correctly guess a PIN immediately after installation, using machine learning, it could collect data from thousands of users over time from each of their phones to learn their PIN entry pattern and then launch an attack later when the success rate is much higher. This study shows how devices with seemingly strong security can be attacked using a side-channel, as sensor data could be diverted by malicious applications to spy on user behavior and help to access PIN and password information, and more.
This is where these Android Smartphone developers fail. To protect our Android smartphone from this hack the developer must design the Android smartphone in such way that the operating systems should restrict access to the six sensors in the future so that users can actively choose to give permissions only to trusted apps that need them.