当前位置:
X-MOL 学术
›
arXiv.cs.CR
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
On the Feasibility of Acoustic Attacks Using Commodity Smart Devices
arXiv - CS - Cryptography and Security Pub Date : 2020-01-20 , DOI: arxiv-2001.07157 Matt Wixey, Shane Johnson, and Emiliano De Cristofaro
arXiv - CS - Cryptography and Security Pub Date : 2020-01-20 , DOI: arxiv-2001.07157 Matt Wixey, Shane Johnson, and Emiliano De Cristofaro
Sound at frequencies above (ultrasonic) or below (infrasonic) the range of
human hearing can, in some settings, cause adverse physiological and
psychological effects to individuals. In this paper, we investigate the
feasibility of cyber-attacks that could make smart consumer devices produce
possibly imperceptible sound at both high (17-21kHz) and low (60-100Hz)
frequencies, at the maximum available volume setting, potentially turning them
into acoustic cyber-weapons. To do so, we deploy attacks targeting different
smart devices and take sound measurements in an anechoic chamber. For
comparison, we also test possible attacks on traditional devices. Overall, we find that many of the devices tested are capable of reproducing
frequencies within both high and low ranges, at levels exceeding those
recommended in published guidelines. Generally speaking, such attacks are often
trivial to develop and in many cases could be added to existing malware
payloads, as they may be attractive to adversaries with specific motivations or
targets. Finally, we suggest a number of countermeasures, both
platform-specific and generic ones.
中文翻译:
使用商品智能设备进行声学攻击的可行性
在某些情况下,频率高于(超声波)或低于(次声)人类听觉范围的声音会对个人造成不利的生理和心理影响。在本文中,我们研究了网络攻击的可行性,这些攻击可以使智能消费设备在最大可用音量设置下在高 (17-21kHz) 和低 (60-100Hz) 频率下产生可能难以察觉的声音,从而可能将它们变成声学网络武器。为此,我们部署了针对不同智能设备的攻击,并在消声室中进行声音测量。为了进行比较,我们还测试了对传统设备的可能攻击。总体而言,我们发现许多测试的设备能够再现高低范围内的频率,其水平超过已发布指南中推荐的水平。一般来说,此类攻击通常很容易开发,并且在许多情况下可以添加到现有的恶意软件有效载荷中,因为它们可能对具有特定动机或目标的对手具有吸引力。最后,我们提出了一些对策,包括特定于平台的和通用的。
更新日期:2020-01-22
中文翻译:
使用商品智能设备进行声学攻击的可行性
在某些情况下,频率高于(超声波)或低于(次声)人类听觉范围的声音会对个人造成不利的生理和心理影响。在本文中,我们研究了网络攻击的可行性,这些攻击可以使智能消费设备在最大可用音量设置下在高 (17-21kHz) 和低 (60-100Hz) 频率下产生可能难以察觉的声音,从而可能将它们变成声学网络武器。为此,我们部署了针对不同智能设备的攻击,并在消声室中进行声音测量。为了进行比较,我们还测试了对传统设备的可能攻击。总体而言,我们发现许多测试的设备能够再现高低范围内的频率,其水平超过已发布指南中推荐的水平。一般来说,此类攻击通常很容易开发,并且在许多情况下可以添加到现有的恶意软件有效载荷中,因为它们可能对具有特定动机或目标的对手具有吸引力。最后,我们提出了一些对策,包括特定于平台的和通用的。