Abstract
The use of mobile phones in public places opens up the possibilities of remote side channel attacks on these devices. We present a video-based side channel attack to decipher passwords on mobile devices. Our method uses short video clips ranging from 5 to 10 s each, which can be taken unobtrusively from a distance and do not require the keyboard or the screen of the phone to be visible. By relating the spatiotemporal movements of the user’s hand during typing and an anchor point on any visible part of the phone, we predict the typed password with high accuracy. The results on a dataset of 375 short videos of password entry process on a Samsung Galaxy S4 phone show an exponential reduction in the search space compared to a random guess. For each key-press corresponding to a character in the passwords, our method was able to reduce the search space to an average of 2–3 keys compared to ~30 keys if one has to guess the key randomly. Thus, this paper reaffirms threats to smartphone users’ conventional login in public places and highlights the threats in scenarios such as hiding the screen that otherwise gives the impression of being safe to the users.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: IEEE Transactions on Information Forensics and Security
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
