My(o) Armband Leaks Passwords: An EMG and IMU Based Keylogging Side-Channel Attack

Gazzari, Matthias ; Mattmann, Annemarie ; Maass, Max ; Hollick, Matthias (2021)
My(o) Armband Leaks Passwords: An EMG and IMU Based Keylogging Side-Channel Attack.
In: Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, 5 (4)
doi: 10.1145/3494986
Artikel, Bibliographie

Dies ist die neueste Version dieses Eintrags.

Kurzbeschreibung (Abstract)

Wearables that constantly collect various sensor data of their users increase the chances for inferences of unintentional and sensitive information such as passwords typed on a physical keyboard. We take a thorough look at the potential of using electromyographic (EMG) data, a sensor modality which is new to the market but has lately gained attention in the context of wearables for augmented reality (AR), for a keylogging side-channel attack. Our approach is based on neural networks for a between-subject attack in a realistic scenario using the Myo Armband to collect the sensor data. In our approach, the EMG data has proven to be the most prominent source of information compared to the accelerometer and gyroscope, increasing the keystroke detection performance. For our end-to-end approach on raw data, we report a mean balanced accuracy of about 76 % for the keystroke detection and a mean top-3 key accuracy of about 32 % on 52 classes for the key identification on passwords of varying strengths. We have created an extensive dataset including more than 310 000 keystrokes recorded from 37 volunteers, which is available as open access along with the source code used to create the given results.

Typ des Eintrags:	Artikel
Erschienen:	2021
Autor(en):	Gazzari, Matthias ; Mattmann, Annemarie ; Maass, Max ; Hollick, Matthias
Art des Eintrags:	Bibliographie
Titel:	My(o) Armband Leaks Passwords: An EMG and IMU Based Keylogging Side-Channel Attack
Sprache:	Englisch
Publikationsjahr:	30 Dezember 2021
Verlag:	ACM
Titel der Zeitschrift, Zeitung oder Schriftenreihe:	Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies
Jahrgang/Volume einer Zeitschrift:	5
(Heft-)Nummer:	4
DOI:	10.1145/3494986
Zugehörige Links:	TUprints Zweitveröffentlichung
Kurzbeschreibung (Abstract):	Wearables that constantly collect various sensor data of their users increase the chances for inferences of unintentional and sensitive information such as passwords typed on a physical keyboard. We take a thorough look at the potential of using electromyographic (EMG) data, a sensor modality which is new to the market but has lately gained attention in the context of wearables for augmented reality (AR), for a keylogging side-channel attack. Our approach is based on neural networks for a between-subject attack in a realistic scenario using the Myo Armband to collect the sensor data. In our approach, the EMG data has proven to be the most prominent source of information compared to the accelerometer and gyroscope, increasing the keystroke detection performance. For our end-to-end approach on raw data, we report a mean balanced accuracy of about 76 % for the keystroke detection and a mean top-3 key accuracy of about 32 % on 52 classes for the key identification on passwords of varying strengths. We have created an extensive dataset including more than 310 000 keystrokes recorded from 37 volunteers, which is available as open access along with the source code used to create the given results.
Zusätzliche Informationen:	Art.No.: 157 ; Erstveröffentlichung
Fachbereich(e)/-gebiet(e):	20 Fachbereich Informatik 20 Fachbereich Informatik > Sichere Mobile Netze DFG-Graduiertenkollegs DFG-Graduiertenkollegs > Graduiertenkolleg 2050 Privacy and Trust for Mobile Users LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CRISP - Center for Research in Security and Privacy Zentrale Einrichtungen Zentrale Einrichtungen > Hochschulrechenzentrum (HRZ) Zentrale Einrichtungen > Hochschulrechenzentrum (HRZ) > Hochleistungsrechner
Hinterlegungsdatum:	14 Jan 2022 09:29
Letzte Änderung:	03 Jul 2024 02:55
PPN:
Export:

Suche nach Titel in:	TUfind oder in Google

Verfügbare Versionen dieses Eintrags

My(o) Armband Leaks Passwords: An EMG and IMU Based Keylogging Side-Channel Attack. (deposited 18 Feb 2022 13:06)
- My(o) Armband Leaks Passwords: An EMG and IMU Based Keylogging Side-Channel Attack. (deposited 14 Jan 2022 09:29) [Gegenwärtig angezeigt]

Frage zum Eintrag

Optionen (nur für Redakteure)

Redaktionelle Details anzeigen

OAI 2.0-Basis-URL: https://tubiblio.ulb.tu-darmstadt.de/cgi/oai2 TUbiblio verwendet EPrints 3.

Drucken |

Impressum |

Datenschutzerklärung