2024 | OriginalPaper | Chapter

Listening Between the Bits: Privacy Leaks in Audio Fingerprints

Authors: Moritz Pfister, Robert Michael, Max Boll, Cosima Körfer, Konrad Rieck, Daniel Arp

Published in: Detection of Intrusions and Malware, and Vulnerability Assessment

Publisher: Springer Nature Switzerland

Abstract

Audio content recognition is an emerging technology that forms the basis for mobile services, such as automatic song recognition, second-screen synchronization, and broadcast monitoring. The technology utilizes audio fingerprints, short patterns that are extracted from audio recordings of a smartphone and enable the identification of specific content. These fingerprints are generally considered privacy-friendly, as they contain minimal information of the original signal. As a result, mobile applications have emerged in the past few years that silently monitor user habits by collecting such audio fingerprints in the background. In this paper, we systematically examine whether audio fingerprints leak sensitive information from the recording environment and potentially violate the privacy of smartphone users. To this end, we analyze three popular audio recognition solutions and develop attacks to infer sensitive information from their fingerprints. To the best of our knowledge, we are the first to show that the identification of speakers and words in the fingerprints is possible. Based on our analysis, we conclude that current audio fingerprints do not sufficiently protect privacy and should be used with great caution.
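
To make the notion of a fingerprint concrete, the following is a minimal sketch in the spirit of the band-energy scheme by Haitsma and Kalker. It is not the implementation of any of the three solutions analyzed in the chapter. The function names, the equal-width bands, and the parameters `frame_len`, `hop`, and `n_bits` are illustrative assumptions chosen to keep the example small. Each bit is the sign of an energy difference between neighboring frequency bands across consecutive frames, so every bit remains a direct function of the recorded spectrum.

```python
import cmath
import math


def band_energies(frame, n_bands):
    """Sum spectral power into n_bands equal-width bands (assumed layout)."""
    n = len(frame)
    power = []
    # Naive DFT over the positive frequencies, skipping the DC bin.
    for k in range(1, n // 2 + 1):
        coeff = sum(x * cmath.exp(-2j * math.pi * k * t / n)
                    for t, x in enumerate(frame))
        power.append(abs(coeff) ** 2)
    width = len(power) // n_bands
    return [sum(power[b * width:(b + 1) * width]) for b in range(n_bands)]


def fingerprint(samples, frame_len=64, hop=32, n_bits=8):
    """Return one list of n_bits bits per pair of consecutive frames."""
    frames = [samples[i:i + frame_len]
              for i in range(0, len(samples) - frame_len + 1, hop)]
    # n_bits + 1 bands are needed to form n_bits neighboring-band differences.
    energies = [band_energies(f, n_bits + 1) for f in frames]
    bits = []
    for prev, cur in zip(energies, energies[1:]):
        row = []
        for m in range(n_bits):
            # Band difference in the current frame minus the same
            # difference in the previous frame; keep only the sign.
            diff = (cur[m] - cur[m + 1]) - (prev[m] - prev[m + 1])
            row.append(1 if diff > 0 else 0)
        bits.append(row)
    return bits


if __name__ == "__main__":
    # Synthetic chirp standing in for a short recording.
    chirp = [math.sin(2 * math.pi * (0.01 + 0.001 * t) * t) for t in range(256)]
    for row in fingerprint(chirp):
        print("".join(str(b) for b in row))
```

With the default parameters, 256 samples yield 7 overlapping frames and therefore 6 sub-fingerprints of 8 bits each. Practical systems use far longer frames and perceptually motivated band layouts. The sketch only illustrates that the bits are derived deterministically from spectral energy rather than from a cryptographic hash.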

Metadata
Title
Listening Between the Bits: Privacy Leaks in Audio Fingerprints
Authors
Moritz Pfister
Robert Michael
Max Boll
Cosima Körfer
Konrad Rieck
Daniel Arp
Copyright Year
2024
DOI
https://doi.org/10.1007/978-3-031-64171-8_10
