Hardware and Software Fingerprinting of Mobile Devices

Add to your list(s) Download to your calendar using vCal

• Jiexin (Stan) Zhang, University of Cambridge
• Tuesday 10 November 2020, 13:00-14:00
• Webinar.

If you have a question about this talk, please contact Jack Hughes.

This talk presents novel and practical algorithms to identify the software and hardware components on mobile devices.

• We develop a novel Android library fingerprinting tool, LibID, to reliably identify specific versions of in-app third-party libraries against code obfuscation. We demonstrate the utility of LibID by detecting the use of vulnerable OkHttp libraries in nearly 10% of the 3,958 popular apps on Google Play.

• We present a new type of device fingerprinting, the factory calibration fingerprinting, that recovers embedded per-device factory calibration data from motion sensors in a smartphone.

• We show the calibration fingerprint is fast to generate, does not change over time or after a factory reset, can be obtained without any special user permissions, and is very likely to be globally unique for iOS devices and recent Google Pixel devices. Following our disclosures, Apple deployed a fix in iOS 12.2 and Google in Android 11.

Related URLs: https://www.cl.cam.ac.uk/~jz448/ https://sensorid.cl.cam.ac.uk/

RECORDING : Please note, this event will be recorded and will be available after the event for an indeterminate period under a CC BY -NC-ND license. Audience members should bear this in mind before joining the webinar or asking questions.

This talk is part of the Computer Laboratory Security Seminar series.

This talk is included in these lists:

• All Talks (aka the CURE list)
• Cambridge talks
• Computer Laboratory Security Seminar
• Department of Computer Science and Technology talks and seminars
• Interested Talks
• School of Technology
• Security-related talks
• Trust & Technology Initiative - interesting events
• Webinar
• bld31

Note that ex-directory lists are not shown.