Stanford Security Research

PowerSpy: Location Tracking using Mobile Device
Power Analysis

Modern mobile platforms like Android enable applications to read aggregate power usage on the phone. This information is considered harmless and reading it requires no user permission or notification. We show that by simply reading the phone’s aggregate power consumption over a period of a few minutes an application can learn information about the user’s location. Aggregate phone power consumption data is extremely noisy due to the multitude of components and applications that simultaneously consume power. Nevertheless, by using machine learning algorithms we are able to successfully infer the phone’s location. We discuss several ways in which this privacy leak can be remedied.

Full USENIX'15 talk:

Full paper:
On USENIX Security website (24th USENIX Security Symposium [USENIX Security '15])
Local copy: PowerSpy: Location Tracking using Mobile Device Power Analysis

Git repository on
The repository contains the Android application and the Matlab code.

Download Android Application (for obtaining the samples required for the experiments): PowerSpy app

The Android application source code can be found under the Main directory. It can be built using Eclipse or ant. To build using the ant build system simply go to the Main directory and run

# ant debug

Real-time Tracking
The following animation demonstrates our real-time tracking attack. The animation, rendered using JavaScript and Google Maps API, uses real experimental data.

Contributors: Yan Michalevsky, Gabi Nakibly, Aaaron Schulman, Gunaa Arumugam Veerapandian and Dan Boneh.