We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals, and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victim’s finger movements can be inferred to steal Android unlock patterns. In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung S4 phone can be reduced by up to 70% using this novel acoustic side-channel. The attack is entirely unnoticeable to victims. Our approach can be easily applied to other application scenarios and device types. Overall, our work highlights a new family of security threats.

中文翻译：

---

SonarSnoop：主动声侧信道攻击

我们报告了第一次主动声旁道攻击。扬声器用于发出人类听不见的声音信号，回声通过麦克风记录下来，从而将智能手机的声音系统转变为声纳系统。回声信号可用于分析用户与设备的交互。例如，可以推断出受害者的手指运动来窃取Android解锁模式。在我们的经验研究中，使用这种新颖的声音侧通道，攻击者必须尝试向Samsung S4手机进行身份验证的候选解锁模式数量最多可以减少70％。袭击对受害者完全是不明显的。我们的方法可以轻松地应用于其他应用场景和设备类型。总体而言，我们的工作突出了一系列新的安全威胁。