Creative but only semi-useful snooping hack
Uni eggheads have stolen 3D printing designs by monitoring the acoustic and electromagnetic signatures of a printer in action using a nearby smartphone.
The team, based at the University at Buffalo in New York state, used a Nexus 5 to eavesdrop on production.
The mobe uses a Qualcomm WCD9320 audio codec and Asahi Kasei 3D Magnetometer Sensor AK8963, which can be adapted by software to collect audio and electromagnetic signals from the printer.
By correlating the data, the team was able to reproduce a printed design with 94 per cent accuracy.
“The tests show that smartphones are quite capable of retrieving enough data to put sensitive information at risk,” said Dr Kui Ren, a professor in the university’s Department of Computer Science and Engineering, and coauthor of a paper describing the surveillance work.
The bulk of the useful data, some 80 per cent, came from electromagnetic signals from the target printer.
The printing nozzle’s position is controlled by stepper motors and the team found the position of the nozzle could be determined based on the emissions made by these motors.
This was cross-referenced against acoustic data from the lateral movements of the nozzle – although this was tricky, as the head makes a very similar sound when it moves along an axis, such as side-to-side or up-and-down.
Nevertheless, when a suitably apped-up smartphone was placed within 20 centimeters of the target printer, the team was able to get an astonishing level of accuracy, losing only 6 per cent of the design.
That dropped off sharply as the phone was moved further away – down to 87 per cent at 30 centimeters and 66 per cent at 40 centimeters.
Looks innocuous, but the smartphone contains a lot of useful sniffers
There are other limitations – the smartphone has to be trained for specific models of printers, for example – and you could argue that it’s easier to simply hack the computer controlling the printer.
But if someone just happened to leave a suitably equipped smartphone next to a printer, it could be used for some useful espionage.
“Smartphones are so common that industries may let their guard down, thus creating a situation where intellectual property is ripe for theft,” said Dr Chi Zhou, assistant professor in the uni’s Department of Industrial and Systems Engineering, and another coauthor.
There is one final problem. Presumably, if industrial espionage is the goal, then 94 per cent accuracy isn’t going to be enough for a complex design – that six per cent is going to be the difference between a design that works and something that fails.
But as a side-channel attack, the team’s approach is inventive and hackers are going to be seeing if they can adapt some of the techniques in other hacking attacks.
The full research will be presented at next month’s ACM Conference on Computer and Communications Security in Austria. ®