Timing analysis of keystrokes and timing attacks on SSH
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Stealthy video capturer: a new video-based spyware in 3G smartphones
Proceedings of the second ACM conference on Wireless network security
Defending against sensor-sniffing attacks on mobile phones
Proceedings of the 1st ACM workshop on Networking, systems, and applications for mobile handhelds
Keyboard acoustic emanations revisited
ACM Transactions on Information and System Security (TISSEC)
Compromising electromagnetic emanations of wired and wireless keyboards
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Timing attacks on PIN input devices
Proceedings of the 17th ACM conference on Computer and communications security
Proceedings of the 27th Annual Computer Security Applications Conference
ACCessory: password inference using accelerometers on smartphones
Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications
TapLogger: inferring user inputs on smartphone touchscreens using on-board motion sensors
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Tapprints: your finger taps have fingerprints
Proceedings of the 10th international conference on Mobile systems, applications, and services
On the practicality of motion based keystroke inference attack
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Security analysis of smartphone point-of-sale systems
WOOT'12 Proceedings of the 6th USENIX conference on Offensive Technologies
Fingerprint attack against touch-enabled devices
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
Proceedings of the Third International Workshop on Sensing Applications on Mobile Phones
Communications of the ACM
Practicality of accelerometer side channels on smartphones
Proceedings of the 28th Annual Computer Security Applications Conference
ScreenPass: secure password entry on touchscreen devices
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
Sensing-enabled channels for hard-to-detect command and control of mobile devices
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Identity, location, disease and more: inferring your secrets from android public resources
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Seeing double: reconstructing obscured typed input from repeated compromising reflections
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
PIN skimmer: inferring PINs through the camera and microphone
Proceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices
SEC'13 Proceedings of the 22nd USENIX conference on Security
Proceedings of International Conference on Advances in Mobile Computing & Multimedia
Hi-index | 0.02 |
Attacks that use side channels, such as sound and electromagnetic emanation, to infer keystrokes on physical keyboards are ineffective on smartphones without physical keyboards. We describe a new side channel, motion, on touch screen smartphones with only soft keyboards. Since typing on different locations on the screen causes different vibrations, motion data can be used to infer the keys being typed. To demonstrate this attack, we developed TouchLogger, an Android application that extracts features from device orientation data to infer keystrokes. TouchLogger correctly inferred more than 70% of the keys typed on a number-only soft keyboard on a smartphone. We hope to raise the awareness of motion as a significant side channel that may leak confidential data.