{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T05:01:20Z","timestamp":1750309280715,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":71,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,6,3]],"date-time":"2024-06-03T00:00:00Z","timestamp":1717372800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/100019923","name":"DEVCOM Army Research Laboratory","doi-asserted-by":"publisher","award":["W911NF-17-2-0196"],"award-info":[{"award-number":["W911NF-17-2-0196"]}],"id":[{"id":"10.13039\/100019923","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["1705135","2211301","2312089"],"award-info":[{"award-number":["1705135","2211301","2312089"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000002","name":"NIH (National Institutes of Health)","doi-asserted-by":"publisher","award":["1P41EB028242"],"award-info":[{"award-number":["1P41EB028242"]}],"id":[{"id":"10.13039\/100000002","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,6,3]]},"DOI":"10.1145\/3643832.3661864","type":"proceedings-article","created":{"date-parts":[[2024,6,4]],"date-time":"2024-06-04T17:14:23Z","timestamp":1717521263000},"page":"359-371","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["RefreshChannels: Exploiting Dynamic Refresh Rate Switching for Mobile Device Attacks"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8206-3499","authenticated-orcid":false,"given":"Gaofeng","family":"Dong","sequence":"first","affiliation":[{"name":"University of California, Los Angeles, Los Angeles, United States of America"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8174-4751","authenticated-orcid":false,"given":"Jason","family":"Wu","sequence":"additional","affiliation":[{"name":"University of California, Los Angeles, Los Angeles, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1843-5830","authenticated-orcid":false,"given":"Julian","family":"De Gortari Briseno","sequence":"additional","affiliation":[{"name":"University of California, Los Angeles, Los Angeles, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1095-2200","authenticated-orcid":false,"given":"Akash Deep","family":"Singh","sequence":"additional","affiliation":[{"name":"University of California, Los Angeles, Los Angeles, United States of America"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-4723-4808","authenticated-orcid":false,"given":"Justin","family":"Feng","sequence":"additional","affiliation":[{"name":"University of California, Los Angeles, Los Angeles, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4232-3345","authenticated-orcid":false,"given":"Ankur","family":"Sarker","sequence":"additional","affiliation":[{"name":"University of California, Los Angeles, Los Angeles, United States of America"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7181-2258","authenticated-orcid":false,"given":"Nader","family":"Sehatbakhsh","sequence":"additional","affiliation":[{"name":"University of California, Los Angeles, Los Angeles, United States of America"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3782-9192","authenticated-orcid":false,"given":"Mani","family":"Srivastava","sequence":"additional","affiliation":[{"name":"University of California, Los Angeles, Los Angeles, United States of America"},{"name":"AWS AI Labs, Amazon, Pasadena, USA"}]}],"member":"320","published-online":{"date-parts":[[2024,6,4]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Hacking statistics to give you nightmares","author":"Cveticanin Nikolina","year":"2023","unstructured":"Nikolina Cveticanin. Hacking statistics to give you nightmares, 2023. https:\/\/dataprot.net\/statistics\/hacking-statistics\/."},{"key":"e_1_3_2_1_2_1","first-page":"50","volume-title":"NDSS","volume":"25","author":"Zhou Yajin","year":"2012","unstructured":"Yajin Zhou, Zhi Wang, Wu Zhou, and Xuxian Jiang. Hey, you, get off of my market: detecting malicious apps in official and alternative android markets. In NDSS, volume 25, pages 50--52, 2012."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_3_1","DOI":"10.5555\/2818754.2818808"},{"key":"e_1_3_2_1_4_1","first-page":"691","volume-title":"24th USENIX Security Symposium (USENIX Security 15)","author":"Backes Michael","year":"2015","unstructured":"Michael Backes, Sven Bugiel, Christian Hammer, Oliver Schranz, and Philipp von Styp-Rekowsky. Boxify: Full-fledged app sandboxing for stock android. In 24th USENIX Security Symposium (USENIX Security 15), pages 691--706, 2015."},{"key":"e_1_3_2_1_5_1","first-page":"427","volume-title":"International Conference on Security and Privacy in Communication Networks","author":"Chandra Swarup","year":"2014","unstructured":"Swarup Chandra, Zhiqiang Lin, Ashish Kundu, and Latifur Khan. Towards a systematic study of the covert channel attacks in smartphones. In International Conference on Security and Privacy in Communication Networks, pages 427--435. Springer, 2014."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_6_1","DOI":"10.1109\/ASPDAC.2016.7428065"},{"key":"e_1_3_2_1_7_1","first-page":"17","volume-title":"NDSS","volume":"11","author":"Schlegel Roman","year":"2011","unstructured":"Roman Schlegel, Kehuan Zhang, Xiao-yong Zhou, Mehool Intwala, Apu Kapadia, and XiaoFeng Wang. Soundcomber: A stealthy and context-aware sound trojan for smartphones. In NDSS, volume 11, pages 17--33, 2011."},{"key":"e_1_3_2_1_8_1","volume-title":"A side-channel analysis of sensor multiplexing for covert channels and application fingerprinting on mobile devices. arXiv preprint arXiv:2110.06363","author":"Shepherd Carlton","year":"2021","unstructured":"Carlton Shepherd, Jan Kalbantner, Benjamin Semal, and Konstantinos Markantonakis. A side-channel analysis of sensor multiplexing for covert channels and application fingerprinting on mobile devices. arXiv preprint arXiv:2110.06363, 2021."},{"key":"e_1_3_2_1_9_1","first-page":"603","volume-title":"Narseo Vallina-Rodriguez, and Serge Egelman. 50 ways to leak your data: An exploration of apps' circumvention of the android permissions system. In 28th USENIX security symposium (USENIX security 19)","author":"Reardon Joel","year":"2019","unstructured":"Joel Reardon, \u00c1lvaro Feal, Primal Wijesekera, Amit Elazari Bar On, Narseo Vallina-Rodriguez, and Serge Egelman. 50 ways to leak your data: An exploration of apps' circumvention of the android permissions system. In 28th USENIX security symposium (USENIX security 19), pages 603--620, 2019."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_10_1","DOI":"10.1145\/2420950.2420958"},{"key":"e_1_3_2_1_11_1","first-page":"865","volume-title":"24th {USENIX} Security Symposium ({USENIX} Security 15)","author":"Masti Ramya Jayaram","year":"2015","unstructured":"Ramya Jayaram Masti, Devendra Rai, Aanjhan Ranganathan, Christian M\u00fcller, Lothar Thiele, and Srdjan Capkun. Thermal covert channels on multi-core platforms. In 24th {USENIX} Security Symposium ({USENIX} Security 15), pages 865--880, 2015."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_12_1","DOI":"10.1145\/3098243.3098250"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_13_1","DOI":"10.1145\/3338498.3358650"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_14_1","DOI":"10.1145\/3212480.3212489"},{"key":"e_1_3_2_1_15_1","first-page":"7091","volume-title":"32nd USENIX Security Symposium (USENIX Security 23)","author":"Snyder Peter","year":"2023","unstructured":"Peter Snyder, Soroush Karami, Arthur Edelstein, Benjamin Livshits, and Hamed Haddadi. {Pool-Party}: Exploiting browser resource pools for web tracking. In 32nd USENIX Security Symposium (USENIX Security 23), pages 7091--7105, 2023."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_16_1","DOI":"10.1109\/SP.2012.24"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_17_1","DOI":"10.1145\/2335356.2335360"},{"volume-title":"Sensor rate limiting","year":"2022","unstructured":"Android. Sensor rate limiting, 2022. https:\/\/developer.android.com\/guide\/topics\/sensors\/sensors_overview#sensors-rate-limiting.","key":"e_1_3_2_1_18_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_19_1","DOI":"10.1145\/3243734.3243860"},{"key":"e_1_3_2_1_20_1","volume-title":"USENIX Security","author":"Zhang Yicheng","year":"2023","unstructured":"Yicheng Zhang, Carter Slocum, Jiasi Chen, and Nael Abu-Ghazaleh. It's all in your head (set): Side-channel attacks on ar\/vr systems. In USENIX Security, 2023."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_21_1","DOI":"10.1145\/3460120.3485366"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_22_1","DOI":"10.14722\/ndss.2019.23482"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_23_1","DOI":"10.1145\/3494986"},{"key":"e_1_3_2_1_24_1","volume-title":"Apr","author":"Abraham Ady","year":"2020","unstructured":"Ady Abraham. High refresh rate rendering on android, Apr 2020. https:\/\/android-developers.googleblog.com\/2020\/04\/high-refresh-rate-rendering-on-android.html."},{"volume-title":"Optimizing promotion refresh rates for iphone 13 pro and ipad pro","year":"2021","unstructured":"Apple. Optimizing promotion refresh rates for iphone 13 pro and ipad pro, 2021. https:\/\/developer.apple.com\/documentation\/quartzcore\/optimizing_promotion_refresh_rates_for_iphone_13_pro_and_ipad_pro.","key":"e_1_3_2_1_25_1"},{"volume-title":"Mobile operating system market share worldwide","year":"2023","unstructured":"StatCounter. Mobile operating system market share worldwide, 2023. https:\/\/gs.statcounter.com\/os-market-share\/mobile\/worldwide.","key":"e_1_3_2_1_26_1"},{"key":"e_1_3_2_1_27_1","volume-title":"Graphics","author":"Source Project Android Open","year":"2023","unstructured":"Android Open Source Project. Graphics, 2023. https:\/\/source.android.com\/docs\/core\/graphics."},{"volume-title":"Frame rate","year":"2023","unstructured":"Android. Frame rate, 2023. https:\/\/developer.android.com\/guide\/topics\/media\/frame-rate.","key":"e_1_3_2_1_28_1"},{"volume-title":"Refresh rate callback","year":"2023","unstructured":"Android. Refresh rate callback, 2023. https:\/\/developer.android.com\/ndk\/reference\/group\/choreographer#achoreographer_registerrefreshratecallback.","key":"e_1_3_2_1_29_1"},{"volume-title":"Frame rate callback","year":"2023","unstructured":"Android. Frame rate callback, 2023. https:\/\/developer.android.com\/reference\/android\/view\/Choreographer.FrameCallback.","key":"e_1_3_2_1_30_1"},{"key":"e_1_3_2_1_31_1","first-page":"565","volume-title":"25th USENIX security symposium (USENIX security 16)","author":"Pessl Peter","year":"2016","unstructured":"Peter Pessl, Daniel Gruss, Cl\u00e9mentine Maurice, Michael Schwarz, and Stefan Mangard. {DRAMA}: Exploiting {DRAM} addressing for {Cross-CPU} attacks. In 25th USENIX security symposium (USENIX security 16), pages 565--581, 2016."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_32_1","DOI":"10.1109\/THS.2010.5654967"},{"key":"e_1_3_2_1_33_1","first-page":"645","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Paccagnella Riccardo","year":"2021","unstructured":"Riccardo Paccagnella, Licheng Luo, and Christopher W Fletcher. Lord of the ring (s): Side channel attacks on the {CPU}{On-Chip} ring interconnect are practical. In 30th USENIX Security Symposium (USENIX Security 21), pages 645--662, 2021."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_34_1","DOI":"10.1145\/2750858.2804253"},{"volume-title":"Open android market data","year":"2023","unstructured":"AndroidRank. Open android market data, 2023. https:\/\/www.androidrank.org\/.","key":"e_1_3_2_1_35_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_36_1","DOI":"10.1016\/j.jisa.2015.11.007"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_37_1","DOI":"10.1109\/SP.2019.00072"},{"key":"e_1_3_2_1_38_1","volume-title":"Timing control for script-based animations","author":"Robinson James","year":"2022","unstructured":"James Robinson and Cameron McCormack. Timing control for script-based animations, 2022. https:\/\/www.w3.org\/TR\/animation-timing\/."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_39_1","DOI":"10.1007\/978-3-319-70972-7_13"},{"volume-title":"Browser market share worldwide","year":"2023","unstructured":"StatCounter. Browser market share worldwide, 2023. https:\/\/gs.statcounter.com\/browser-market-share.","key":"e_1_3_2_1_40_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_41_1","DOI":"10.1109\/EuroSP51992.2021.00039"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_42_1","DOI":"10.1145\/1835449.1835513"},{"key":"e_1_3_2_1_43_1","first-page":"397","volume-title":"USENIX Security Symposium","author":"Sikder Amit Kumar","year":"2017","unstructured":"Amit Kumar Sikder, Hidayet Aksu, and A Selcuk Uluagac. 6thsense: A context-aware sensor-based attack detector for smart devices. In USENIX Security Symposium, pages 397--414, 2017."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_44_1","DOI":"10.1007\/s10844-010-0148-x"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_45_1","DOI":"10.1145\/2939918.2939924"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_46_1","DOI":"10.14722\/ndss.2018.23027"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_47_1","DOI":"10.1145\/1866307.1866395"},{"key":"e_1_3_2_1_48_1","first-page":"679","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Wang Yingchen","year":"2022","unstructured":"Yingchen Wang, Riccardo Paccagnella, Elizabeth Tang He, Hovav Shacham, Christopher W Fletcher, and David Kohlbrenner. Hertzbleed: Turning power {Side-Channel} attacks into remote timing attacks on x86. In 31st USENIX Security Symposium (USENIX Security 22), pages 679--697, 2022."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_49_1","DOI":"10.1109\/SmartIoT.2019.00032"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_50_1","DOI":"10.1007\/3-540-68697-5_9"},{"key":"e_1_3_2_1_51_1","volume-title":"USENIX Security Symposium","volume":"2001","author":"Song Dawn Xiaodong","year":"2001","unstructured":"Dawn Xiaodong Song, David A Wagner, Xuqing Tian, et al. Timing analysis of keystrokes and timing attacks on ssh. In USENIX Security Symposium, volume 2001, 2001."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_52_1","DOI":"10.1145\/2976749.2978397"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_53_1","DOI":"10.14722\/ndss.2016.23060"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_54_1","DOI":"10.1145\/3460120.3484549"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_55_1","DOI":"10.1016\/j.cose.2018.09.003"},{"key":"e_1_3_2_1_56_1","volume-title":"NDSS","author":"Sun Ke","year":"2023","unstructured":"Ke Sun, Chunyu Xia, Songlin Xu, and Xinyu Zhang. StealthyIMU: Extracting permission-protected private information from smartphone voice assistant using zero-permission sensors. In NDSS, 2023."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_57_1","DOI":"10.1145\/3307334.3326094"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_58_1","DOI":"10.1109\/SP.2017.39"},{"key":"e_1_3_2_1_59_1","first-page":"549","volume-title":"25th USENIX Security Symposium (USENIX Security 16)","author":"Lipp Moritz","year":"2016","unstructured":"Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Cl\u00e9mentine Maurice, and Stefan Mangard. ARMageddon: Cache attacks on mobile devices. In 25th USENIX Security Symposium (USENIX Security 16), pages 549--564, Austin, TX, August 2016. USENIX Association. ISBN 978-1-931971-32-4. URL https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/lipp."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_60_1","DOI":"10.1109\/TMC.2017.2696945"},{"key":"e_1_3_2_1_61_1","volume-title":"6th USENIX Workshop on Hot Topics in Security (HotSec 11)","author":"Cai Liang","year":"2011","unstructured":"Liang Cai and Hao Chen. Touchlogger: Inferring keystrokes on touch screen from smartphone motion. In 6th USENIX Workshop on Hot Topics in Security (HotSec 11), 2011."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_62_1","DOI":"10.14722\/ndss.2016.23390"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_63_1","DOI":"10.14722\/ndss.2014.23059"},{"key":"e_1_3_2_1_64_1","first-page":"719","volume-title":"23rd USENIX security symposium (USENIX security 14)","author":"Yarom Yuval","year":"2014","unstructured":"Yuval Yarom and Katrina Falkner. {FLUSH+ RELOAD}: A high resolution, low noise, l3 cache {Side-Channel} attack. In 23rd USENIX security symposium (USENIX security 14), pages 719--732, 2014."},{"key":"e_1_3_2_1_65_1","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Lipp Moritz","year":"2018","unstructured":"Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. Meltdown: Reading kernel memory from user space. In 27th USENIX Security Symposium (USENIX Security 18), 2018."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_66_1","DOI":"10.1109\/SP.2019.00002"},{"key":"e_1_3_2_1_67_1","volume-title":"USENIX Security Symposium","author":"Easdon Catherine","year":"2022","unstructured":"Catherine Easdon, Michael Schwarz, Martin Schwarzl, and Daniel Gruss. Rapid prototyping for microarchitectural attacks. In USENIX Security Symposium, 2022."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_68_1","DOI":"10.14722\/ndss.2020.23018"},{"key":"e_1_3_2_1_69_1","volume-title":"Mastik: A micro-architectural side-channel toolkit. https:\/\/cs.adelaide.edu.au\/~yval\/Mastik\/","author":"Yarom Yuval","year":"2016","unstructured":"Yuval Yarom. Mastik: A micro-architectural side-channel toolkit. https:\/\/cs.adelaide.edu.au\/~yval\/Mastik\/, 2016."},{"key":"e_1_3_2_1_70_1","first-page":"1075","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Green Marc","year":"2017","unstructured":"Marc Green, Leandro Rodrigues-Lima, Andreas Zankl, Gorka Irazoqui, Johann Heyszl, and Thomas Eisenbarth. {AutoLock}: Why cache attacks on {ARM} are harder than you think. In 26th USENIX Security Symposium (USENIX Security 17), pages 1075--1091, 2017."},{"key":"e_1_3_2_1_71_1","volume-title":"Proceedings of the Symposium on Network and Distributed System Security","author":"Zhang Xiaokuan","year":"2018","unstructured":"Xiaokuan Zhang, Xueqiang Wang, Xiaolong Bai, Yinqian Zhang, and XiaoFeng Wang. Os-level side channels without procfs: Exploring cross-app information leakage on ios. In Proceedings of the Symposium on Network and Distributed System Security, 2018."}],"event":{"sponsor":["SIGMOBILE ACM Special Interest Group on Mobility of Systems, Users, Data and Computing","SIGOPS ACM Special Interest Group on Operating Systems"],"acronym":"MOBISYS '24","name":"MOBISYS '24: 22nd Annual International Conference on Mobile Systems, Applications and Services","location":"Minato-ku, Tokyo Japan"},"container-title":["Proceedings of the 22nd Annual International Conference on Mobile Systems, Applications and Services"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3643832.3661864","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3643832.3661864","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3643832.3661864","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:03:07Z","timestamp":1750291387000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3643832.3661864"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,6,3]]},"references-count":71,"alternative-id":["10.1145\/3643832.3661864","10.1145\/3643832"],"URL":"https:\/\/doi.org\/10.1145\/3643832.3661864","relation":{},"subject":[],"published":{"date-parts":[[2024,6,3]]},"assertion":[{"value":"2024-06-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}