Evil third-party screens on smartphones are able to see all that you poke

Smartphone hackers can glean secrets by analysing touchscreen user interactions, according to new research.

Boffins from Ben-Gurion University in Israel have shown it's possible to impersonate a user by tracking touch movements on smartphones with compromised third-party touchscreens, whether they're sending emails, conducting financial transactions or even playing games.

The research provides a new spin on what was already a recognised threat. Broken smartphone touchscreens are often switched with aftermarket third-party components that have been found to have malicious code embedded.

"Our research objective was to use machine learning to determine the amount of high-level context information the attacker can derive by observing and predicting the user's touchscreen interactions," said Dr Yossi Oren, a researcher in the BGU Department of Software and Information Systems Engineering. "If an attacker can understand the context of certain events, he can use the information to create a more effective customized attack."

The researchers recorded 160 touch interaction sessions from users running many different applications. Using a series of questions and games, the researchers employed machine learning to determine stroke velocity, duration and stroke intervals on specially modified LG Nexus Android phones.

The team said the machine learning results demonstrated an accuracy rate of 92 per cent.

"Now that we have validated the ability to obtain high-level context information based on touch events alone, we recognize that touch injection attacks are a more significant potential threat," Dr Oren added. "Using this analysis defensively, we can also stop attacks by identifying anomalies in a user's typical phone use and deter unauthorized or malicious phone use."

David Rogers, a mobile IoT specialist and lecturer in software engineering at the University of Oxford, told El Reg: "I think it is a legitimate avenue for attack if somewhat convoluted. We did some work on secure UI and extraction of screen memory at OMTP [Open Mobile Terminal Platform]."

Dr Oren's findings were presented at the Second International Symposium on Cybersecurity, Cryptography and Machine Learning (CSCML) on June 21-22 in Beer-Sheva, Israel. The researchers include BGU undergraduate students Moran Azaran, Niv Ben-Shabat, and Tal Shkonik. ®