1. bookVolume 2017 (2017): Issue 2 (April 2017)
16 Apr 2015
4 Hefte pro Jahr
access type Open Access

On the Privacy and Security of the Ultrasound Ecosystem

Online veröffentlicht: 04 Apr 2017
Seitenbereich: 95 - 112
Eingereicht: 31 Aug 2016
Akzeptiert: 01 Dec 2016
16 Apr 2015
4 Hefte pro Jahr

Nowadays users often possess a variety of electronic devices for communication and entertainment. In particular, smartphones are playing an increasingly central role in users’ lives: Users carry them everywhere they go and often use them to control other devices. This trend provides incentives for the industry to tackle new challenges, such as cross-device authentication, and to develop new monetization schemes. A new technology based on ultrasounds has recently emerged to meet these demands. Ultrasound technology has a number of desirable features: it is easy to deploy, flexible, and inaudible by humans. This technology is already utilized in a number of different real-world applications, such as device pairing, proximity detection, and cross-device tracking.

[1] Made in America Festival 1.0.8 app on the Play Store. https://play.google.com/store/apps/details?id=com.lisnr.festival.madeinamericaandroid, 2015.Search in Google Scholar

[2] Bluetooth Low Energy API Level 18. https://developer.android.com/guide/topics/connectivity/bluetooth-le.html, 2016.Search in Google Scholar

[3] Google Cast 1.16.7 app on the Play Store. https://play.google.com/store/apps/details?id=com.google.android.apps.chromecast.app, 2016.Search in Google Scholar

[4] Google Nearby Messages API. https://developers.google.com/nearby/messages/android/get-beacon-messages, 2016.Search in Google Scholar

[5] Google Proximity Beacon API. https://developers.google.com/beacons/proximity/guides, 2016.Search in Google Scholar

[6] History GK 5.0 app on the Play Store. https://play.google.com/store/apps/details?id=com.gktalk.history, 2016.Search in Google Scholar

[7] Indianapolis Colts Mobile 3.1.1 app on the Play Store. https://play.google.com/store/apps/details?id=com.yinzcam.nfl.colts, 2016.Search in Google Scholar

[8] Intrasonics-Artificial Echo Modulation. http://www.intrasonics.com/, 2016.Search in Google Scholar

[9] McDo Philippines app on the Play Store. https://play.google.com/store/apps/details?id=ph.mobext.mcdelivery, 2016.Search in Google Scholar

[10] Signal360’s Use Cases. http://www.signal360.com/#results, 2016.Search in Google Scholar

[11] 3GPP. 3rd generation partnership project, technical specification of international mobile station equipment identities (imei).Search in Google Scholar

[12] A. Andreadis and G. Giambene. The global system for mobile communications. Protocols for High-Efficiency Wireless Networks, pages 17–44, 2002.Search in Google Scholar

[13] anfractuosity. Ultrasound Networking. 00003.Search in Google Scholar

[14] Audible magic. https://www.audiblemagic.com/advertising/, 2016.Search in Google Scholar

[15] C. Calabrese. Comments for November 2015 Workshop on Cross-Device Tracking.Search in Google Scholar

[16] C. Castelluccia, M.-A. Kaafar, and M.-D. Tran. Betrayed by your ads! In Privacy Enhancing Technologies Symposium, pages 1–17. Springer, 2012.Search in Google Scholar

[17] T. Chen, I. Ullah, M. A. Kaafar, and R. Boreli. Information leakage through mobile analytics services. In Proceedings of the 15th Workshop on Mobile Computing Systems and Applications, page 15. ACM, 2014.Search in Google Scholar

[18] Copsonic. http://www.copsonic.com/products.html#webtostoretracker, 2016.Search in Google Scholar

[19] L. Deshotels. Inaudible sound as a covert channel in mobile devices. In Proc. 8th USENIX Conf. Offensive Technologies, page 16.Search in Google Scholar

[20] A. Detector. Silverpush android apps. https://public.addonsdetector.com/silverpush-android-apps/, November 2015.Search in Google Scholar

[21] R. Dingledine, N. Mathewson, and P. Syverson. Tor: The second-generation onion router. Technical report, DTIC Document, 2004.Search in Google Scholar

[22] Forbes. Silverpush quits creeping world out, ceases tracking tv habits via inaudible ’beacons’. http://www.forbes.com/sites/thomasbrewster/2016/03/21/silverpush-tv-mobile-ad-tracking-killed/, March 2016.Search in Google Scholar

[23] Ftc public discussion on cross-device tracking. https://www.ftc.gov/news-events/audio-video/video/cross-device-tracking-part-1, November 2015.Search in Google Scholar

[24] D. Goodin. Beware of ads that use inaudible sound to link your phone, TV, tablet, and PC.Search in Google Scholar

[25] D. Goodin. Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps. 00004.Search in Google Scholar

[26] Google. Chromecast guest mode - guest mode faqs. https://support.google.com/chromecast/answer/6109297?hl=en, August 2016.Search in Google Scholar

[27] M. Hanspach and M. Goetz. On Covert Acoustical Mesh Networks in Air. 8(11):758–767.Search in Google Scholar

[28] Honda Electronics. Ultrasonic Aquatic Communication System.Search in Google Scholar

[29] M. Kamal. minimodem - general-purpose software audio FSK modem.Search in Google Scholar

[30] Lisnr. http://lisnr.com/platform, 2016.Search in Google Scholar

[31] Real-time bidding and malvertising: A case study. https://blog.malwarebytes.org/cybercrime/2015/04/real-time-bidding-and-malvertising-a-case-study/, April 2015.Search in Google Scholar

[32] M. Marlinspike. New tricks for defeating ssl in practice.Search in Google Scholar

[33] W. Meng, X. Xing, A. Sheth, U. Weinsberg, and W. Lee. Your online interests: Pwned! a pollution attack against targeted advertising. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pages 129–140. ACM, 2014.Search in Google Scholar

[34] L. Olejnik, C. Castelluccia, et al. Selling off privacy at auction. 2014.Search in Google Scholar

[35] G. Petracca, Y. Sun, T. Jaeger, and A. Atamli. AuDroid: Preventing Attacks on Audio Channels in Mobile Devices. In Annual Computer Security Applications Conference. ACM Press.Search in Google Scholar

[36] E. Ramirez. Transcript - Part 1. In FTC Cross-Device Tracking Workshop.Search in Google Scholar

[37] E. Ramirez. Transcript - Part 2. In FTC Cross-Device Tracking Workshop.Search in Google Scholar

[38] C. Roeding and A. Emigh. Method and system for location-triggered rewards, July 16 2013. US Patent 8,489,112.Search in Google Scholar

[39] Shopkick. https://www.shopkick.com/, June 2016.Search in Google Scholar

[40] Signal360. http://www.signal360.com/#solution, 2016.Search in Google Scholar

[41] A. Silverman. Colts to begin using lisnr technology to reach fans’ mobile devices at games, events. http://www.sportsbusinessdaily.com/Daily/Issues/2016/07/19/Franchises/Colts.aspx, July 2016.Search in Google Scholar

[42] Silverpush. https://www.silverpush.co/#!/audio, 2015.Search in Google Scholar

[43] A. K. Sood and R. J. Enbody. Targeted cyberattacks: a superset of advanced persistent threats. IEEE security & privacy, (1):54–61, 2013.Search in Google Scholar

[44] Sophos. Users weighed down by multiple gadgets and mobile devices, new sophos survey reveals. https://www.sophos.com/en-us/press-office/press-releases/2013/03/mobile-security-survey.aspx, March 2013.Search in Google Scholar

[45] X. Su and T. M. Khoshgoftaar. A survey of collaborative filtering techniques. Advances in artificial intelligence, 2009:4, 2009.Search in Google Scholar

[46] V. Subramanian, S. Uluagac, H. Cam, and R. Beyah. Examining the characteristics and implications of sensor side channels. In Communications (ICC), 2013 IEEE International Conference on, pages 2205–2210. IEEE.Search in Google Scholar

[47] Tchirp. http://www.tchirp.com/#theTech, 2016.Search in Google Scholar

[48] P. Winter, R. Köwer, M. Mulazzani, M. Huber, S. Schrittwieser, S. Lindskog, and E. Weippl. Spoiled Onions: Exposing Malicious Tor Exit Relays. In Privacy Enhancing Technologies Symposium. Springer, 2014.Search in Google Scholar

[49] X. Xing, W. Meng, D. Doozan, A. C. Snoeren, N. Feamster, and W. Lee. Take this personally: Pollution attacks on personalized services. In Proceedings of the 22nd USENIX Security Symposium, 2013.Search in Google Scholar

[50] J. Yan, N. Liu, G. Wang, W. Zhang, Y. Jiang, and Z. Chen. How much can behavioral targeting help online advertising? In Proceedings of the 18th international conference on World wide web, pages 261–270. ACM, 2009.Search in Google Scholar

[51] Y. Yuan, F. Wang, J. Li, and R. Qin. A survey on real time bidding advertising. In Service Operations and Logistics, and Informatics (SOLI), 2014 IEEE International Conference on, pages 418–423. IEEE, 2014.Search in Google Scholar

[52] W. Zhang, L. Chen, and J. Wang. Implicit look-alike modelling in display ads: Transfer collaborative filtering to ctr estimation. arXiv preprint arXiv:1601.02377, 2016.Search in Google Scholar

Recommended articles from Trend MD

Plan your remote conference with Sciendo