Sound Effects: Exploring Acoustic Cyberweapons
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Title of Series | ||
| Number of Parts | 335 | |
| Author | ||
| License | CC Attribution 3.0 Unported: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
| Identifiers | 10.5446/48397 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | ||
| Genre | ||
| Abstract |
|
DEF CON 2762 / 335
8
9
12
14
32
38
41
58
60
61
72
75
83
87
92
96
108
115
128
132
143
152
158
159
191
193
218
230
268
271
273
276
278
295
310
320
321
335
00:00
Sound effectInformation securityStudent's t-testSurfaceCybersexSound effectInformation securitySocial classSurfaceProjective planeCausalityPhysicalismDigitizingMereologyLine (geometry)Cross-correlationResultantUltrasoundStudent's t-testAreaMalwareMultiplication signWordProxy serverChromosomal crossoverComputer animation
02:01
MalwareDigital signalComputer wormVulnerability (computing)MalwareVirtual machineSoftware development kitQuicksortDigitizingPhysicalismGame controllerComputer animation
02:45
MalwareSound effectConsistencyVulnerability (computing)Flash memoryPoisson-KlammerNumberExtension (kinesiology)PlastikkarteTraffic reportingInternet der DingeMalwareVector potentialSound effectCategory of beingComputer animation
03:58
View (database)MeasurementLevel (video gaming)Source code2 (number)Computer animation
04:27
Level (video gaming)Normal (geometry)Machine visionInsertion lossHand fanTerm (mathematics)Sound effectWindowNoiseComputer animation
05:04
UltrasoundBounded variationMechanism designHacker (term)VolumeVibrationThresholding (image processing)Sound effectRange (statistics)Sensitivity analysisReduction of orderChainFunctional (mathematics)Information overloadCross-correlationLevel (video gaming)IntelSubsetSparse matrixImplementationSample (statistics)Context awarenessIRIS-TIntrusion detection systemSound effectNoiseThresholding (image processing)UltrasoundMechanism designMultiplication signMathematicsSelf-organizationShift operatorTraffic reportingBounded variationCentralizer and normalizerFocus (optics)Integrated development environmentVibrationPhysical systemOctaveMusical ensembleImplementationLevel (video gaming)Information overloadCausalityRange (statistics)Electronic mailing listVolume (thermodynamics)ResultantFunctional (mathematics)Different (Kate Ryan album)NumberTerm (mathematics)SubsetBitWeightConcentricCategory of beingPoint (geometry)Maxima and minimaSampling (statistics)2 (number)Archaeological field surveyForm (programming)Film editing40 (number)Right angleInternet forumHarmonic analysisComputer animation
11:06
MetreWeightMeasurementFrequency responseCurvatureCurveDiagram
11:54
WeightNoiseLevel (video gaming)Measurement1 (number)Sound effectCurveStandard deviationComputer animation
12:58
Computer networkPolygon meshInversion (music)Information securityMiniDiscUltrasoundPlastikkarteDirection (geometry)DistanceSound effectSound effectVolume (thermodynamics)Link (knot theory)AreaTelecommunicationInformation securityNoiseNumberBuildingTrail1 (number)MassGame controllerCausalityProxy serverSimilarity (geometry)UltrasoundLevel (video gaming)Observational studyField (computer science)Game theoryHard disk driveShift operatorExtension (kinesiology)Vermaschtes NetzResonancePhysical systemMereologyBitThresholding (image processing)Direction (geometry)ResultantObject (grammar)Computer animation
16:45
Level (video gaming)HypothesisSubsetSound effectSynchronizationMalwareCausalityVolumeFunction (mathematics)Maxima and minimaPairwise comparisonFrequencyStreaming mediaMetreComputer fontStaff (military)Scale (map)Self-organizationGradientVolume (thermodynamics)Lamb wavesFunction (mathematics)ResultantComputer fileMetreCodeComputer fontFiber bundleSubsetPhysical systemMaxima and minimaAddress spaceEndliche ModelltheorieDescriptive statisticsLevel (video gaming)Sound effectMalwareSelf-organizationGradientVibrationPosition operatorNoiseProduct (business)Local ringVector spaceStaff (military)Scaling (geometry)BitCausalityComputer animation
19:11
Integrated development environmentSoftware testingIntegrated development environmentKeilförmige AnordnungNoise (electronics)InfinityDisk read-and-write headSpacetimeComputer animation
20:18
MalwareVolumeAsynchronous Transfer ModeLocal ringControl flowVulnerability (computing)Computer networkDirect numerical simulationScripting languageStreaming mediaPlastikkarteVibrationDiaphragm (optics)Cone penetration testUser profileLaptopDirection (geometry)Parametrische ErregungInterface (computing)Data storage deviceWebsiteWeb browserClient (computing)Volume (thermodynamics)MalwareLaptopComputer fileLamb wavesPhysical systemWindowFiber bundleVulnerability (computing)Diaphragm (optics)Charge carrierCone penetration testSurfaceUltrasoundProfil (magazine)SoftwareSource codeParametrische ErregungDirection (geometry)Arithmetic meanData storage deviceLocal area networkPhysicalismInternetworkingWebsiteInterface (computing)Address spaceServer (computing)MetreVibrationDirect numerical simulationScripting languageWeb 2.0Streaming mediaGame controllerSocial engineering (security)Computer animation
22:23
2 (number)YouTubeSound effectMusical ensembleLevel (video gaming)Computer animation
23:00
MetreSocial classGradientRange (statistics)MeasurementSample (statistics)Bit rateSingle-precision floating-point formatCache (computing)SurfaceLaptopPlastikkarteMobile WebVibrationParametrische ErregungMeasurementSocial classMetreLaptopMaxima and minimaLevel (video gaming)ResultantRow (database)40 (number)NoiseVideo gameSystem callPlastikkarteInstance (computer science)Range (statistics)Perspective (visual)Electronic mailing listArithmetic meanWeightComputer animationDiagram
24:52
LaptopVibrationMobile WebParametrische ErregungPlastikkarteSoftware testingEvent horizonQuicksortNoiseRange (statistics)VibrationLevel (video gaming)Software testingMultiplication signMusical ensembleEvent horizonConnectivity (graph theory)Row (database)BitResultantComputer animation
26:10
InformationFreewarePressureCursor (computers)Component-based software engineeringSoftware testingGreatest elementDifferent (Kate Ryan album)Sound effectWater vaporMereologyConnectivity (graph theory)Distortion (mathematics)Right angleRange (statistics)Parametrische ErregungComputer animation
27:23
Cursor (computers)InformationComponent-based software engineeringParametrische ErregungVolumePortable communications deviceForcePlastikkarteHazard (2005 film)SynchronizationDistortion (mathematics)Feasibility studyNoiseSoftware testingLocal ringTerm (mathematics)Sound effectLevel (video gaming)MalwareUltrasoundLaptopFeasibility studyPhysicalismEndliche ModelltheorieReal numberExtension (kinesiology)Spectrum (functional analysis)Connectivity (graph theory)PlastikkarteCASE <Informatik>CodeInstance (computer science)Volume (thermodynamics)Charge carrierLamb wavesDiagramComputer animation
29:51
Mobile appRange (statistics)Limit (category theory)HeuristicUltrasoundMessage passingLevel (video gaming)VolumeAndroid (robot)Endliche ModelltheorieObservational studyMeasurementMenu (computing)Sound effectLink (knot theory)Source codeThresholding (image processing)Cartesian coordinate systemMessage passingUltrasoundIntegrated development environmentMetreSubsetProof theoryLevel (video gaming)Mobile appCASE <Informatik>NoiseObservational studySmartphoneAdditionMobile WebNumberHeuristicVolume (thermodynamics)Android (robot)SoftwareMeasurementComputer programmingResultantLaptopInstance (computer science)WindowSound effectFrequencyOpen sourceComputer animation
32:05
Integrated development environmentSound effectImplementationLevel (video gaming)Sound cardResultantRegular graphAreaThermal conductivitySampling (statistics)Context awarenessBitWeightStandard deviationComputer animation
33:13
Scale (map)AreaRange (statistics)Software testingSound effectExtrapolationDigital signalSurfaceSurfaceField (computer science)Limit (category theory)Sound cardAddress spaceFlow separationReal numberRange (statistics)Complex (psychology)Software testingTerm (mathematics)Sound effectLaptopMultiplication signAdditionVariable (mathematics)Online chatIntegrated development environmentData conversionPhysical systemScaling (geometry)CASE <Informatik>NoiseFiber bundleVulnerability (computing)NumberComputer wormBitExtrapolationComputer animation
36:01
Touch typingElectronic mailing listAddress spaceEmailSlide ruleSound effectBitComputer animation
36:35
Maxima and minimaComputer animation
Transcript: English(auto-generated)
00:00
This is sound effects exploring acoustic cyber weapons with Matt Wixey. Okay uh hi everyone yeah so this is sound effects exploring acoustic cyber weapons uh my name is Matt Wixey I lead security research for PwC UK cyber security practice uh I'm also a part time PhD
00:23
student at University College London which is there where this work comes from. Uh prior to joining PwC I worked in law enforcement in the UK for a few years and previously spoken at uh Black Hat and Defcon and other comms as well. So a few disclaimers before we get started this work was undertaken as part of my PhD research at
00:41
UCL uh it wouldn't have been possible without my supervisors and co-authors for this project uh professor Shane Johnson and professor Emiliano de Cristofaro. Uh what you're gonna see here is presented for educational purposes only. And um you'll also notice throughout this talk that I mention uh words like caviar and possibly and potentially quite a lot. Um that's kinda for two reasons the first is not to kinda
01:04
spread uh fear uncertainty and doubt about the topic of this talk. But also because this is really early first stage research in an area where there's often uh a really blurred line between correlation and causation so that's why those caveats are there. So why
01:21
this talk why this subject? Uh so a couple of years ago at Defcon I did a talk called see no evil hear no evil which was about uh using light and sound uh to exfiltrate data and mess with drones and bypass air gaps and that kinda thing. And as a result of that kinda got really interested in uh in ultrasound and infrasound kind of unconventional uh uses of sound generally. So why should you care about this
01:44
talk and this topic? Uh potentially it's a novel class of attack which we have done some uh empirical experimentation on. Uh it's an increasing attack surface as well. Uh and it builds on previous work around malware and physical harm uh acoustic harm more generally and uh digital physical crossover attacks. So uh brief bit of background. Um
02:05
probably kind of one of the earliest uh one of the early examples of digital physical malware was Stuxnet obviously in 2010. Um also things like Mirai uh the IOT botnet. Um more recently some work that was done on things like MRI machines. Um there have
02:20
been examples pre uh prior to those of malware uh accidentally uh or inadvertently affecting physical kits so the Conficker worm in 2008 infected uh hospital equipment as did WannaCry to some extent. Uh there have been um vulnerabilities found in medical implants, things like pacemakers, insulin pumps, that sort of thing. Um and various vulnerabilities in vehicles as well which potentially will allow an attacker to
02:43
take control of them um and potentially cause harm. But typically with that kind of research there's an indirect relationship between the attack, the effect uh and the uh potential harm that's caused. And to some extent what my research focuses on is trying to take out um one of those steps and instead looking at malware or attacks that can
03:04
directly affect human beings, either psychologically or physically. Uh and some examples of the kind of things that would fall under that bracket uh would be Kevin Paulson's report in 2008 on attackers who uploaded uh flashing gifts to an epilepsy support forum. Uh and those gifts flashed in patterns consistent with those known to
03:22
induce uh photosensitive epileptic seizures and a number of people had seizures as a example. Uh similarly uh Oluwafemi and others in 2013 and Ronan and Shamir in 2016 looked at hacking smart light bulbs uh and specifically found that they could make those flash again in patterns consistent with uh photosensitive epileptic seizures. More
03:43
recently Rios and Butts in 2017 uh in their kind of um uh ongoing research on IoT vulnerabilities found that they could uh attack an IoT car wash um and cause it to strike a human being. So when you think about sound as a weapon, um this isn't my chart,
04:03
um this is a kind of pretty simplistic view of how long you should be exposed to sounds at certain levels. Um now this uses decibels, decibels is an often misunderstood measure of sound because it's not an absolute measure, it's a relative measure, depends how far away you are from the source of the sound. But you can see when you get up to something like a hundred and fifteen decibels, really you
04:22
can only be exposed to it for around thirty seconds before either temporary or permanent harm starts to occur. And another chart, again not mine, just shows you kind of where some of these sounds are categorized in terms of the effects that they can have. Um so starting with um, starting with uh fifty decibels um you have a floor
04:42
fan which is kind of background noise, lawnmower and chainsaw, possibly damaging sounds again depends how close you are to it. A jet taking off uh again depending how close you are it could cause pain. Um two hundred decibels potentially could be uh instant death and then the loudest sound known to humanity is the Windows XP startup
05:01
sound. Okay so um acoustics and harm and perceptibility so what can we hear? So you've probably heard the terms ultrasound and infrasound before and traditionally they're defined as being sounds which are either above or below uh human thresholds of hearing. Traditionally that threshold is twenty hertz to twenty kilohertz um however it's
05:26
a bit of a misconception um as we'll see you can't kind of put these arbitrary cut off points here. Um threshold's very widely and it depends a lot from person to person what frequencies you're able to hear at what stage in your life as well. Uh if in this
05:41
talk if you see HFN high frequency noise that means between seventeen to twenty one kilohertz so from near ultrasound just above true ultrasound and if you see LFN that means sixty to a hundred hertz. The problem with um with ultrasound and infrasound is that basing a definition on a lack of a property is a problem um because the mechanisms of
06:04
people understanding high and low frequencies or perceiving um high and low frequencies is not fully understood. People have reported being able to hear sounds as low as one point five hertz and as high as twenty five kilohertz um and there's also been some research which suggests that at some level uh we are aware of sounds even as high as
06:23
forty kilohertz whether that's kind of consciously or subconsciously. And there is a significant variation in individuals as to what sounds you can hear. It depends on the volume, it depends on the background noise, it depends on the environment you're in so what the walls are made of for example. Um you may perceive sounds in different ways to other people so with low frequency sounds you may feel it more as vibration than
06:43
anything else. Um you may perceive what are called audible sub harmonics which are kind of you can think about them as kind of side effects of a dominant frequency. Um and as you um grow older your ability to hear higher frequencies declines. Um so younger people, children um are much more likely to be able to hear higher frequencies than
07:03
adults. Now there have been a lot of reported adverse effects with both high and low frequency noise. Um these do come with a lot of caveats um so bear that in mind. Um the susceptibility from person to person will differ uh as we've said um
07:20
particularly with age as well. Um there are some reports do suggest that uh high frequencies can have an adverse effect on hearing, they can cause something called a temporary threshold shift which is where your kind of audible range will uh will shift temporarily. Um at more uh um increased volumes and amplitudes there have been
07:41
reported physiological changes as a result of high frequency noise including things like cardiac neurosis, hypertension and functional changes in cardiovascular and central nervous systems. Psychologically high frequency noise has been reported to cause nausea, fatigue and headaches, tinnitus and ear pain, irritation um and decreased amounts of concentration. These are subjective effects so bear that in mind. Uh with low
08:05
frequency noise it's um been associated with temporary threshold shifts um with heart ailments and insomnia and with elevated cortisol levels. And psychologically the most common uh reported effect of low frequency noise is annoyance or irritation um but it has
08:21
also been associated with headaches and palpitations, uh deterioration in performance, um depressive symptoms and distress and interestingly these effects have been reported even at very moderate levels of sound um so somewhere between 40 to 45 decibels. The caveats I mentioned with all of these adverse effects if you go back
08:41
and look at the papers uh the data is often anecdotal um it's often done through the form of questionnaires or surveys after the fact uh very easily misinterpreted. We don't always know uh the noise dose which is the um amount of time that someone's been exposed to these frequencies and at what level um and many researchers have found that these effects
09:00
are not reproducible in a lab environment. Uh and there's a number of reasons why that could be um the first is that there are ethical restrictions quite rightly placed on researchers exposing human subjects to sounds which they have good reason to believe could cause harm. Um so in a lab environment those levels would be attenuated um and therefore might not cause the effects that have been reported in the literature. The other
09:21
example is that some people may have experienced something called a nocebo effect so they either believe uh they're being exposed to a certain uh level of noise or they are being exposed to it and experiencing these, experiencing these symptoms but the two might not necessarily be related. That being said there is a significant base uh evidence base to suggest that in at least a subset of the population high and low
09:44
frequencies can cause some adverse effects. As a result of that uh a lot of researchers and organizations have developed exposure guidelines which uh are basically kind of uh um define the maximum levels at which you should be exposed to sounds at particular frequencies. Now there are problems with these uh there are uh big
10:04
differences in the way that they're calculated and implemented. Typically they're focused solely on the workplace so they don't focus on uh homes or public spaces or schools. Um they're often based on very small samples and those samples are most often uh adult males. So they don't take into account children for example who as I
10:21
said can hear uh higher frequencies that are um much, they're much more likely to be able to hear higher frequencies than adults. This is a compendium of some of these guidelines uh this was compiled by uh an academic called Timothy Layton and you can see across the top you've got the various different frequencies. Now these are not precise frequencies, they're the center of a range of frequencies called a third octave
10:43
band. Um and then on the left you can see the uh guidelines that go all the way back from the mid 60s right up to 2015. This isn't necessarily an exhaustive list but just by looking at this you can see two things. The first is that um as you increase the frequency the maximum exposure goes up to some extent. The second is there's a big
11:02
disparities between some of these numbers because they're calculated in different ways. So just a quick thing on weighting as well if you've ever done any sound measurement you'll be familiar with weighting. Uh sound weighting is a way to either attenuate or emphasize certain frequencies when you're doing a measurement of sound. Um so A weighting is the most commonly used if you buy a sound level meter online or
11:24
hardware store or somewhere like that it will most probably use A weighting. Um and as you can see A weighting uh significantly underestimates lower frequency sound um because it kind of the curve decays away at the start. Uh then uh it also underestimates higher frequency sound it decays away at the end. Um C weighting is another example
11:41
you can see there's less of a decay but it still does decay to some extent. Um you've also got Z weighting which is uh mostly what we used for this experiment because it's a flat frequency response so it doesn't attenuate or emphasize. So um yeah as I said so with uh A weighting it's inappropriate for
12:01
measuring high frequency noise because it underestimates those higher frequencies um so Z weighting is probably much more appropriate. With low frequency noise there are less guidelines available fewer guidelines available. Um a possible reason for that might be that the main effects of low frequency noise are subjective at moderate levels um but again even with the ones that have been published the methodology used to calculate
12:22
them and implement them differs a lot. So uh for this experiment we used a reference curve proposed by Defra which um took into account a lot of previously published curves. Um measurements of infrasound specifically used something called G weighting which is an ISO standard specifically for infrasound because we were um going higher
12:41
than that we didn't use G weighting. So this is the uh the guideline for low frequency noise published by uh Morehouse um and as you can see some of these levels are pretty low um particularly when you get to kind of 50 hertz, 63 hertz um you're talking about kind of 43, 42 decibels, something like that. Okay uh so some previous work
13:02
looking at sound in security research. One of the most common uh uses of high frequency noise particularly in security research has been as a covert communications channel. Um so Deschatelles in 2014, Hansback and Gertz also in 2014 looked at kind of covert mesh networks and how uh devices could communicate silently with each
13:22
other using high frequency noise. Uh in my Defcon talk a couple of years ago I did a similar thing um with air gap bypasses and exfiltrating data. Um and an interesting kind of finding from a lot of this research is that many consumer devices um are capable of emitting high frequency noise even up to kind of ultrasonic levels. There's also been
13:42
our research looking at the disruption of echolocation systems which use ultrasound. Um so again in that Defcon talk I showed that with drones. Um Jan and others in 2016 looked at it for Tesla vehicles. Um Bolton and others in 2018 looked at corrupting data being written to hard disk drives using both high frequency and kind of audible audio. And then uh there's been a number of studies on looking at ultrasonic
14:04
tracking beacons as well which are used for uh for targeted marketing. So some questions I always get asked um before we kind of get into the the main bit of the um uh the talk. First is the brown note. Um I can I can hear some laughs so I I know some people are familiar with the brown note. If you're not familiar with it it's this kind of
14:23
mythical tone or mythical frequency that causes people to lose control of their bowels hence the name. Um in reality um no one's kind of been able to find this this mythical frequency. Um part of the reason for that probably is that um any sound potentially if
14:40
it's loud enough could cause you to feel sick, could cause your body to vibrate and potentially have that effect. Um but there's no kind of one frequency that would work for everybody. If you're kind of playing sounds at that volume you've probably got kind of bigger uh bigger worries basically. Um another one I get asked about as well is the link between infrasound and the paranormal. Um sometimes infrasound is referred to as
15:02
like the ghost frequency or the horror frequency. Um it's often or it has been used in things like horror games and horror movies as well. Um I'd kind of direct you to a couple of really interesting papers on this. Tandy in 2000 and Parsons and others in 2008 who um looked at the possibility of infrasound at resonant frequencies causing people to
15:22
have hallucinations um or to kind of sense a presence in areas associated with paranormal experiences. Um it's a subject that gets debated a lot um in in that field but it it's worth kind of having a read over. Um and the last one is the US embassy in Cuba and kind of what happened there. Um I would direct you to a paper by Timothy
15:41
Layton in 2018 which goes into some detail about um the sounds that were recorded in that area and um the possibility or not of that being uh a sonic attack. So when it comes to kind of acoustic weapons in general there are a lot of misunderstandings around them and a lot of myths. Um as researchers have noted there are kind of significant
16:02
practical issues associated with actually deploying them um which uh to a large extent applies to this research as well. So the fact that attackers can cause something like threshold shifts is probably not of interest to them generally um and it's really challenging to cause kind of directional targeted effects with acoustic weapons. With low
16:21
frequency noise uh that can propagate very easily, can spread over miles potentially. Um but obviously it's got very low directionality as a result and uh you would need to build massive kind of audio equipment to be able to do that. With high frequency it's got very low propagation, it doesn't deal with obstacles well um which is why it's used for echolocation because it bounces off of objects. Um so again there's there's uh an
16:44
issue there. So uh moving on to our experiment um so this is kind of how we built the um uh the hypothesis for this. So we said okay given that some high frequencies and some low frequencies might be imperceptible to at least a subset of the population and given
17:01
that above certain levels they may be associated with adverse effects and given that some consumer equipment has been shown that it can uh emit at least high frequency noise, possibly low frequency noise as well, is it possible, is it feasible for an attacker to develop malware that can cause a targeted device to emit these frequencies at levels exceeding those in some of these maximum guidelines and therefore potentially cause
17:24
adverse effects? So a rough outline of what we did is we developed uh attacks and malware pretty kind of trivial uh malware targeted at certain devices which was able to control the system volume and the speaker output of those devices and as a result play wave files
17:41
containing certain frequencies which we then measured with a sound level meter and compared that that compared that output uh to maximum permissible levels. So we didn't use any human subjects for this experiment um because of ethical restrictions uh quite rightly um we did a full risk assessment um we had various safety precautions, we wore ear defenders, we used an anechoic chamber which I'll talk about in a bit um and we're not
18:05
releasing either code of the attacks that we did or the brands or models that we tested these attacks on. So some scenarios where an attacker might want to use this and again this is kind of caveated quite heavily um if they were seeking to affect the performance or productivity of targeted or generally uh employees or staff at an
18:22
organization um or at scale um targeted harassment of certain individuals or potentially as kind of low grade uh cyber weapons that could have some physical effect. Uh worth noting that you know if an attacker is in a position to execute code on a device then there are more likely going to be things that they're more interested in doing and
18:41
even when it comes to sound uh there may be things that they're more interested in doing um than this attack so they may be more interested in kind of um you know C2 channels with that um or something else. So just um a description of some of the devices we tested on the left hand side, a laptop, a phone, a bluetooth speaker, a smart speaker, a pair of over ear headphones, uh a vehicle mounted public address system, a
19:05
parametric speaker and a vibration speaker and um you can see here some of the attack vectors and whether this was kind of remote or local. Uh this was our anechoic chamber um has anyone ever been in an anechoic chamber before? Oh wow okay quite a few people it's weird right? Like really weird um so if you haven't been um I really
19:24
recommend you if you get the chance to do it do it. Um so basically an anechoic chamber is a sound proofed environment but it's designed specifically to get rid of echoes um so these kind of wedges on the walls are fiberglass wedges that that um bounce echoes back and forth between them so that they dissipate. Um and essentially what this means is you
19:42
can be in this room and the ambient noise level is below the threshold of human hearing so it is kind of one of the quietest places in the world um you can hear your own heart beating if you kind of move your head you can hear like your spine creaking in your neck although that kind of might be more something that I should get checked out um but um yeah um so it's really cool um and what's kind of really kind of
20:04
creepy and cool about it is um if you kind of close your eyes or you turn the lights off then uh acoustically an anechoic chamber is an infinite space because there's no walls or obstacles to bounce sound off uh which I just think is really cool. Um so for Windows malware which is on laptops we embedded these tones as wave files we had a really
20:24
trivial C2 channel and all the malware did uh was it would get a command to play a certain frequency it would increase the system volume of the laptop to 100 percent play the tone for 10 minutes and then restore the volume afterwards. Android malware did exactly the same thing. Our smart speaker uh the one we used had a known
20:42
vulnerability um that allowed us to control the audio so for this to work in practice the attacker would need to either be on the local network um or attack an exposed speaker on the internet or do DNS rebinding or something like that. Um there was a python script we used to scan for speakers on the local network and if inactive stream a tone from an attacker
21:01
controlled web server. The headphones um were ovary headphones connected to the laptop over bluetooth because the headphones we placed these much closer to the sound level meter. Uh we had vibration speakers which are really cool if you haven't used these before um so these don't have a diaphragm cone instead they have like a coil and a movable plate so whatever surface you use whatever surface you put them on that
21:22
becomes um the kind of the source of the sound if you like. Um parametric speakers again these are really cool if you get a chance to play with these so these use ultrasonic carrier waves at 40 kilohertz um meaning that you can use them for kind of quite high intensity directional audio so kind of like a beam of sound. Um the
21:44
audio is fairly low profile and fairly low cost and that it can be directional it might be attractive to an attacker as like a portable acoustic weapon. Um a vehicle mounted public address system so this didn't have any network uh interfaces instead it auto plays audio from an inserted storage device so you would need physical access um to it. Some
22:02
additional attacks that we thought of but didn't test. The first is using uh the HTML5 audio tag to auto play audio um so this would involve like a a social engineering attack with an attacker getting a victim to visit a website and then have the sound play automatically um this would obviously depend on the the currently set system volume um
22:22
so not guaranteed to work. And then we also used um manipulation of pre-existing audio so this would be uh either something where an attacker has access to like your uh I guess your music collection or something or where they're kind of creating a YouTube video that they know people are gonna watch and what you would do here is take the legitimate audio lower the amplitude of it and then insert a very high amplitude uh high
22:44
frequency or low frequency sound um which would look like this uh second picture here. So the kind of intended effect of this is that the victim uh using their headphones or speakers or whatever would turn the sound up so they can hear the legitimate audio and then inadvertently expose themselves to high levels of whatever frequency it is. Uh just
23:01
another illustration of that there. So for measurement we use class one sound level meters um these are precision grade, they're spot calibrated uh they're really really expensive to buy um but we hired them um so we hired one for the low frequencies, one for the um uh higher frequencies um and if you ever feel like you don't have enough
23:20
excitement in your life um have a a courier call you and tell them that they don't have any record of you sending this stuff back um and that you might owe a company twenty thousand pounds and it puts everything else in in perspective. Um so we placed each device in the anechoic chamber with our sound level meter and then via our tax we played certain frequencies um for ten minutes. We also measured the surface temperature of
23:45
each device before and after the attack because there was some anecdotal evidence that um or some uh anecdotes to suggest that particularly with higher frequencies devices could heat up if they were playing high frequency noises. So we used z-weighting for the measurement um the only thing we didn't use z-weighting for was measurements at
24:02
twenty one kilohertz because that's outside the range of uh z-weighting so we used a proprietary high pass filter for that. And here's the results um for high frequency noise. So instances where the levels are um above those in maximum guidelines are in bold. So you can see the smart speaker at seventeen kilohertz and the headphones at
24:21
seventeen kilohertz um both exceeded those maximum guidelines and then the parametric speaker did the same for seventeen kilohertz, for twenty one kilohertz and for forty kilohertz as well. Now uh what we're comparing to here is a mean average of that big list of uh guidelines that I showed you earlier um that was in uh a paper by Timothy Layton. So you can see things like the laptop and the phone are not capable of
24:44
producing sound exceeding those maximum guidelines so it's a minority of devices um in a minority of frequencies that are capable of doing this. With low frequency noise uh similar story so again a minority of devices here it was the bluetooth speaker at two of those frequencies uh smart speaker at all three and the headphones at a hundred hertz. Now
25:03
particularly when you get to kind of the upper range of um the this this kind of low frequency noise this might be more audible um and would therefore be less suitable as kind of a covert attack um and I'll speak a bit about audibility uh in a minute. Some other results of interest so the vibration speaker uh is no good for low frequency because
25:23
it vibrates so much that it falls over um so every time we open the the chamber door the speaker's lying on the floor um the smart speaker uh when we open the chamber there's a really strong smell of burning plastic um and when we kind of uh tested this um we found that it was actually permanently damaged. So this is kind of what
25:40
happened in the ten minutes um that this smart speaker was being tested. You can see the damage starts to occur in like the second minute this was at uh seventeen kilohertz. After five minutes there's some sort of critical event where a component burns out and then immediately the the decibel level drops uh and never recovers. And what we we actually found was that we had permanently damaged this speaker um and we
26:01
had made it unable to reproduce frequencies above five kilohertz. Um so we took recordings of music um before we did the test and after we did the test and looked at the spectrograms uh and on the top is before the test and on the bottom is after the test. So uh this is a permanent effect as well so we've kind of permanently impaired that speaker. Um I'd love to be able to play it to you cause it's copyrighted I
26:24
can't um but it's kind of sounds like someone um singing like underwater or in kind of like a metal uh tank or something like that. So it kind of really makes a difference to audio quality. So we reported that to the manufacturers who were really responsive and they told us that um updates had been rolled out to address it to
26:42
address it sorry. Um now looking at audible components because this is kind of a key thing for this attack um part of kind of the premise of this as a successful attack is relying on the fact that users wouldn't be able to hear it. So depending on the device you get more or less audible components in kind of audible ranges. If you look at headphones for example this big spike to the right is the target frequency which was 17
27:04
kilohertz so that's kind of an intended effect um and then you can see to the left you've got kind of um uh different frequencies there um which are pretty low so if you're wearing headphones and and this happens you might kind of notice something it might appear as kind of distortion or popping or something like that but um it
27:22
wouldn't be that noticeable. Conversely if you look at the parametric speaker um the intended tone is still high but there are uh much higher levels of other more audible frequencies which means this would be kind of less suited for some kind of stealthy attack. So implications of this with the headphones um that it's a significant concern
27:43
because headphones are increasingly used particularly by young people high volumes and to some extent they're device agnostic so you can kind of plug plug it into a laptop or a laptop. Um it might be possible for an attacker to kind of um improve that malware by for instance only triggering certain frequencies when uh headphones are connected um so when
28:02
that kind of device registers. Um with the parametric speaker um it does produce a lot of audible components but it might be attractive to some attackers as kind of a portable low cost acoustic weapon. In any case the fact that it's using kind of those ultrasonic carrier waves at 40 kilohertz at pretty high levels means that it could be a uh public
28:20
health risk. With the bluetooth and smart speakers um more difficult to attack with the bluetooth speakers you would obviously need to kind of pair with them uh with the smart speakers though um we could permanently damage them with the high frequency noise um potentially that burning out of components could be a fire hazard as well um and other models might be vulnerable. So in terms of feasibility um the attacks that we
28:45
discovered were viable on a minority of devices so out of the kind of 10 tests that we did you're talking about kind of a handful of 2 to 4 devices. Um for this attack to succeed you're relying on attackers not oh sorry on victims not perceiving uh the sound
29:01
on them being susceptible to the adverse effects of that sound um and for them being exposed for long enough to that sound for it to have an effect. Remember that our tests were only 10 minutes. So for example if I kind of played a 20 kilohertz tone in this room now uh you know a fairly high level um some of you would hear it and and not be affected by it, some of you would hear it and probably feel uncomfortable, some of you
29:22
wouldn't hear it and wouldn't notice, some of you wouldn't hear it and might feel uncomfortable. So it's a real kind of spectrum um so yeah it's kind of a lot of obstacles for an attacker to overcome for this um for this attack to work and as I said some attacks require kind of physical or local access as well. And crucially attackers might be interested or more interested in other avenues um so if they have kind
29:44
of code execution on a laptop for instance or a phone, it's likely that there's other stuff they're interested in. Um okay so moving on to countermeasures. So uh Deschatels in 2014 uh suggested a number of kind of applicable countermeasures for these kind of attacks. The first is to limit the frequency range of speakers. So many speakers have a
30:04
frequency range that's uh goes up to kind of 20 kilohertz or above um which in most cases is not needed uh depending on what you're using them for. Uh visibly alerting users when speakers are in use by an app or a software program. Doing some kind of filtering uh during processing to remove high or low frequency noise if it's not needed. And uh with
30:23
mobile specifically some kind of permissions restriction so that if an app wants to use the speaker you have to kind of explicitly grant it permission to do so. On the heuristic side um it's very rare that an application, a legitimate application would need access to volume levels. We kind of thought of it a few examples so one would be like a muting
30:41
app for instance. And there are some legitimate uses potentially for ultrasound so Google nearby messages uses um ultrasound in addition to some other comms channels um but generally speaking um there's kind of not many legitimate use cases for that. You could monitor the environment for high or low frequency noise. Um so most consumer
31:01
sound level meters will not go as high or low um as the levels we tested and you do need specialist equipment. That being said there are a couple of Android apps that we used in our pilot study uh ultrasound detector and infrasound detector which we used with uh a pretty cheap external microphone for the Android. Um and there is some studies that suggest um that modern smartphones might be okay for occupational noise
31:23
measurement at least um as long as you kind of accept that there are caveats with that and limitations and that you won't necessarily get a 100% accurate result. Uh we developed a proof of concept uh Windows program um that listens to sound uh coming in from your laptop microphone and pops up an alert. If it hears frequencies uh above a certain
31:42
level and above a certain amplitude um it's adapted from another open source application. Um we are gonna kind of release this on GitHub in uh either this evening or tomorrow morning but obviously don't use it to evaluate if there's actual risk uh of damage or adverse effects to you um or for safety compliance assessments if that's something you want to do then you should really be speaking to a trained
32:01
professional who's got the right equipment. Um but the uh application will be available there. It does it's accuracy and it's kind of performance does depend a lot on the uh microphone you're using and the sound card you're using and that kind of stuff. Um but if you want to have a play with it and kind of see how it works then uh please do. At the um at the policy level um it's really important that I think
32:24
that these guidelines are reviewed um and that there's some kind of standardization um put in place for these. Um because as noted before they're often inadequate due to their methodology, the fact that they underestimate certain frequencies because of the weighting that's been used, um the fact that they are predominantly around occupational context and that the samples are very small and
32:43
based on adult men um and in no way kind of um give you any kind of uh indication if you're somewhere outside of an occupational context as to what sounds are kind of tolerable for health. Um depending on what area of the country you're uh sorry depending on what area of the world you're in um you may have
33:01
legislation that pertains to uh sound exposure um whether that's low frequency, high frequency or just in general um and ideally your employers would um as uh a result of that conduct regular checks. So uh to sum up then um this was a first stage bit of research uh on a very small scale. We looked at a very limited number of devices, we
33:24
looked at very short exposure times of 10 minutes um without human experimentation. There's also the note that like the smart speaker uh if a device is forced to continually play high or low frequency noise then it may burn out anyway um but it may take kind of several days for that to happen. Um so we also didn't do any human
33:41
experimentation on uh perceptibility as to whether uh humans will be able to actually be able to hear this sound and that's just a kind of limitation of research in this field generally um because of kind of ethical concerns. So more research is definitely needed on uh the risk of high frequency and low frequency noise um that could include like a wider range of equipment um so in addition to testing um the devices that
34:05
we tested you could look at things like IP phones for example and it wouldn't necessarily have to be an attack against them it might just be kind of injecting uh tones into a conversation um you could look at kind of uh attacks on a larger scale whether that's something like uh a kind of uh worm attack against you know 50 laptops
34:24
in a soundproofed environment or whether it's looking at kind of big devices like um public address systems um on a big scale though logistically obviously that would come with some challenges. Um testing these overheating effects on other devices would be really cool to see if that um that's something that's common across a lot of
34:40
speakers. Um so more work on countermeasures so you know one of the encouraging things about this research is that uh whilst the attacks we developed are pretty trivial there are a lot of caveats around it and the countermeasures are also trivial um in in in many um cases so that's kind of encouraging as well. Obviously the ethical restrictions do make kind of extrapolation to real world effects pretty challenging um
35:04
it's difficult to be able to say whether or not these attacks would actually allow you uh allow an attacker to have any effect on people um because there are so many variables um so we've only kind of really scratched the surface in terms of what can be done in this field um so definitely if you're kind of interested in this field you
35:20
want to kind of chat about it a bit more then then get in touch with me. So just to sum up um so it's likely that um attackers might become increasingly interested in leveraging vulnerabilities against humans um and kind of having digital physical effects. Certainly the attack surface for these devices is likely to grow and potentially any device with a speaker um obviously depending on on kind of it's sound card and and um
35:44
complexity could be used for this kind of attack. Um and crucially the lack of consensus around kind of adequate safety guidelines is a real challenge. However as I said kind of countermeasures are available, they will work um and the real world consequences of his attack is something that's yet to be uh ascertained. So um thank
36:03
you very much um if you want to get in touch with me that's my Twitter handle and my email address um I'm gonna take questions uh at the far end of the hall out in the hallway um if you're interested in any of this stuff there is uh an exhaustive list of references at the end of this slide um at the end of this slide deck um which cover kind of
36:22
acoustic weapons, ultrasound, infrasound, human effects of those um and various other bits and pieces as well. Um I can play with more references if you're interested um but there you go some are reading for you. So um thank you very much for listening um and as I said I'll take questions out the back and thank you very much.