Evaluating potential sensitive information leaks on a smartphone using the magnetometer and Conformal Prediction

The low powered sensors used in modern Smartphones do not require permissions when using low sampling rates i.e. 200Hz and below. This has made them a target for side channel attacks. In this paper we perform a series of experiments that harvest raw data from the low powered sensor known as the magnetometer. We start by using unsupervised learning with the cosine metric to provide clear indications if it is possible to classify the data into the different security events occurring at the time of capture. We then build a model, designed to be robust in terms of the orientation of the device, to evaluate the risk of sensitive data being correctly identified from magnetometer data despite the limited sampling rate. Using a model trained with LSTM on the whole data set with an 80/20 split, our results show 100% accuracy on our reverse Turing test and 67.5% on the key press test. We also show that when analysing the captured magnetometer responses to playing sound samples from the loudspeaker it is very difficult to infer the original sound. We extend the work using Inductive Conformal Prediction by examining the property of uncertainty for different confidence levels. We also show that despite a high degree of uncertainty there is the potential to infer security properties such as the layout of a screen. To this end we show that the number 5 in the center of a keypad occurs a disproportionately high number of times in the prediction set (68.3%).