Toggle Main Menu Toggle Search

Open Access padlockePrints

A Side-channel Analysis of Sensor Multiplexing for Covert Channels and Application Profiling on Mobile Devices

Lookup NU author(s): Dr Carlton Shepherd



This work is licensed under a Creative Commons Attribution 4.0 International License (CC BY 4.0).


Mobile devices often distribute measurements from physical sensors to multiple applications using software multiplexing. On Android devices, the highest requested sampling frequency is returned to all applications, even if others request measurements at lower frequencies. In this paper, we comprehensively demonstrate that this design choice exposes practically exploitable side-channels using frequency-key shifting. By carefully modulating sensor sampling frequencies in software, we show how unprivileged malicious applications can construct reliable spectral covert channels that bypass existing security mechanisms. Additionally, we present a novel variant that allows an unprivileged malicious application to profile other active, sensor-enabled applications at a coarse-grained level. Both methods do not impose any special assumptions beyond accessing standard mobile services available to developers. As such, our work reports side-channel vulnerabilities that exploit subtle yet insecure design choices in Android sensor stacks.

Publication metadata

Author(s): Shepherd C, Kalbantner J, Semal B, Markantonakis K

Publication type: Article

Publication status: Published

Journal: IEEE Transactions on Dependable and Secure Computing

Year: 2023

Pages: Epub ahead of print

Online publication date: 11/10/2023

Acceptance date: 08/10/2023

Date deposited: 22/10/2023

ISSN (print): 1545-5971

ISSN (electronic): 1941-0018

Publisher: IEEE


DOI: 10.1109/TDSC.2023.3323732

ePrints DOI: 10.57711/qrxq-qt14


Altmetrics provided by Altmetric


Funder referenceFunder name
European Union Horizon 2020