[ad_1]
SINGAPORE: Your robot vacuum cleaner could be picking up private conversations along with the dust and dirt in your home.
Computer scientists from the National University of Singapore (NUS) have demonstrated how a common robot vacuum cleaner and its built-in light and range detection (Lidar) sensor could be used to “spy on” private conversations, the university said on Monday (Dec. 7). .
The method, called LidarPhone, reuses the Lidar sensor that a robot vacuum cleaner normally uses to navigate a house into a laser microphone to listen to private conversations.
The research team, led by assistant professor Jun Han and his PhD student Sriram Sami, managed to retrieve speech data with “high precision,” NUS said.
READ: More than a quarter of Singaporeans suffered at least 1 cybersecurity lapse in the past year: CSA survey
“The proliferation of smart devices, including smart speakers and smart security cameras, has increased the chances of hackers spying on our private moments,” said Sami.
“Our approach shows that it is now possible to collect sensitive data just by using something as innocuous as a home robot vacuum cleaner. Our work demonstrates the urgent need to find practical solutions to prevent these malicious attacks.”
HACKERS CAN LEARN THE DETAILS OF THE CREDIT CARD, SENSITIVE INFORMATION
At the core of LidarPhone’s “attack method” is the Lidar sensor, a device that emits an invisible scanning laser to create a map of its surroundings.
By reflecting lasers off common objects, such as a garbage can or take-out bag, located near a person’s computer speaker or television’s soundbar, the investigation showed that hackers could obtain information about the original sound that made the surfaces of objects vibrate.
“Using applied signal processing and deep learning algorithms, speech could be retrieved from audio data and confidential information could potentially be obtained,” said NUS.
COMMENT: The Year Hackers and Scammers Exploited Our COVID-19 Fears to Fool Us
In their experiments, the researchers used a common robot vacuum cleaner with two sound sources: the voice of a person reading the numbers played on a computer speaker, and music clips from television shows played through a sound bar. television.
The team collected more than 19 hours of recorded audio files and passed them through “deep learning algorithms” that were trained to match human voices or identify musical sequences.
“The system was able to detect the digits being spoken aloud, which could constitute the victim’s credit card or bank account numbers. Music clips from TV shows could reveal the victim’s viewing preferences or political orientation, ”NUS said.
The system achieved a 91% sort accuracy rate when retrieving spoken digits and a 90% accuracy rate when sorting music clips. These results are “significantly higher” than a 10 percent random estimate, NUS said.
The NUS scientists also experimented with common household materials to test how well they reflected the Lidar laser beam and found that the accuracy of audio recovery varied between different materials: the best material to reflect the laser beam was a shiny polypropylene bag, while the worst was glossy cardboard.
NUS students Dai Yimin and Sean Tan Rui Xiang, as well as assistant professor Nirupam Roy from the University of Maryland, contributed to the research. The research was presented at the Association for Computing Machinery Conference on Networked Integrated Sensor Systems (SenSys 2020) on November 18, where the team won the Best Poster Finalist award.
DEVICES CONNECTED TO THE INTERNET POSE PRIVACY RISKS
To avoid misuse of Lidars, people with robot vacuums are advised not to connect them to the Internet.
The NUS team also recommends that Lidar sensor manufacturers incorporate a mechanism that cannot be overridden to prevent the internal laser from firing when the Lidar is not rotating.
“In the long term, we need to consider whether our desire for increasingly ‘smarter’ homes is worth the potential privacy implications,” said assistant professor Han.
“We may have to accept that each new Internet-connected sensor device we bring into our homes represents an additional risk to our privacy and make our decisions carefully.”
READ: Increase in number of reported data incidents within government, most due to human error: SNDGO
The team is working to apply these LidarPhone findings to autonomous vehicles, which also use Lidar sensors.
This technology could be used to eavesdrop on conversations happening in nearby cars through tiny vibrations from windows, NUS said.
Researchers are also investigating the vulnerability of active laser sensors found in the latest smartphones, which could reveal more privacy concerns, the university added.
