TouchLogger : Inferring Keystrokes on Touch Screen from Smartphone Motion - PowerPoint Presentation

spottletoefacebook . @spottletoefacebook

345 views
Uploaded On 2020-06-15

TouchLogger : Inferring Keystrokes on Touch Screen from Smartphone Motion - PPT Presentation

Liang Cai and Hao Chen UC Davis Security Problems on Smartphones Old problems Malware Software bugs Information leak New problems How can attackers exploit sensors Sensors on ID: 778162

motion sensors device keystrokes sensors motion keystrokes device screen user sensitive typing axis rotates 449 read gyroscopes parallel data

Link:

Copy

Embed:

<iframe width="560" height="315" src="https://www.docslides.com/embed/778162" frameborder="0" allowfullscreen></iframe>

Download Presentation from below link

Download The PPT/PDF document "TouchLogger : Inferring Keystrokes on T..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.

Presentation Transcript

Slide1

TouchLogger: Inferring Keystrokes on Touch Screen from Smartphone Motion

Liang

Cai

and

Hao

Chen

UC Davis

Slide2

Security Problems on SmartphonesOld problemsMalwareSoftware bugsInformation leak

…

New problems

How can attackers exploit sensors?

Slide3

Sensors on SmartphonesPrivacy-sensitive sensorsMicrophonesCamerasGPS

Are motion sensors privacy-sensitive?

Accelerometers

Gyroscopes

Slide4

Traditional KeyloggersIntercepting key eventsE.g., Trojan programsUsing out of channelsAcoustic frequency signatures of keys

Timing between keystrokes

Electromagnetic emanations of keystrokes

Work well on physical keyboards

But not on software keyboards

Slide5

Keylogger for Soft KeyboardNew out of band channel on smartphonesAccelerometers

Gyroscopes

Insight: motion sensor data can infer keystrokes

Slide6

Threat ModelKeylogger can read motion sensorMost users do NOT regard motion sensors as sensitive data sourceW3C’s DeviceOrientation

Event Specification allows web applications to read motion sensors via JavaScript

supported by both Android 3.0 and

iOS

4.2

User does NOT place phone on fixed surface

Slide7

Modeling Typing-Induced MotionShift is affected byStriking force of the typing fingerResistance force of the supporting handRotation is affected by

Landing location of the typing finger

Location of the supporting hand on the phone

We observe

Shift is more likely user dependent

Rotation is more likely user independent

Slide8

Device OrientationDevice orientation event consists ofα: Device rotates along z-axis (perpendicular to the screen plane)β: Device rotates along x-axis (parallel to the shorter side of screen)

: Device rotates along y-axis (parallel to the longer side of screen)

We use only

and

Slide9

Feature Extraction

Slide10

Feature Extraction

Slide11

EvaluationHTC Evo 4G smartphoneDigits 0 … 9 on number-only soft keyboard

Slide12

ResultsCollected 3 datasets2 smaller datasets for trainingThe largest dataset (449 keystrokes) for testingCorrectly inferred 321 out of 449 (71.5%) keystrokes.

Slide13

Detailed Inference Results

Slide14

Training Set Size

Slide15

ConclusionMotion sensors on smart phones may reveal keystrokesNeed to protect motion sensors as diligently as other sensors