A Framework for Inferring Combination Lock Codes using Smartwatches

Wrist-wearables such as smartwatches and fitness bands are equipped with a variety of high-precision sensors that enable collection of rich contextual information related to the wearer and his/her surroundings and support a variety of novel context- and activity-based applications. The presence of such a diverse set of on-board sensors, however, also expose an additional attack surface which, if not adequately protected, could be potentially exploited to leak private user information. In this paper, we comprehensively investigate the feasibility of a new vulnerability that attempts to take advantage of a wrist-wearable's seemingly innocuous and poorly regulated motion sensors to infer a user's input on mechanical devices typically used to secure physical access, for example, combination locks. In this direction, we outline two motion-based inference frameworks: i) a deterministic attack framework that attempts to infer a lock's unlock combination from the wrist motion (specifically, angular displacement) data obtained from a wrist-wearable's gyroscope sensor, and ii) a probabilistic attack framework that extends the output of the deterministic framework to produce a ranked list of likely unlock combinations. Further, we conduct a thorough empirical evaluation of the proposed frameworks by employing unlocking-related motion data collected from human subject participants in a variety of controlled and realistic settings. Evaluation results from these experiments demonstrate that motion data from wrist-wearables can be effectively employed as an information side-channel to significantly reduce the unlock combination search-space of commonly-found combination locks, thus compromising the physical security provided by these locks.