ACCessory: password inference using accelerometers on smartphones

12 years 6 months ago

Download mlt.sv.cmu.edu

We show that accelerometer readings are a powerful side channel that can be used to extract entire sequences of entered text on a smartphone touchscreen keyboard. This possibility is a concern for two main reasons. First, unauthorized access to one’s keystrokes is a serious invasion of privacy as consumers increasingly use smartphones for sensitive transactions. Second, unlike many other sensors found on smartphones, the accelerometer does not require special privileges to access on current smartphone OSes. We show that accelerometer measurements can be used to extract 6-character passwords in as few as 4.5 trials (median). Keywords Mobile Phone, Sensor Malware, Side-Channel Attack, Keystroke Inference, Accelerometer

Emmanuel Owusu, Jun Han, Sauvik Das, Adrian Perrig

Real-time Traffic

Communications | Invasion Of Privacy | Sensitive Transactions | Smartphone Touchscreen | WMCSA 2012 |

claim paper

» The Jigsaw continuous sensing engine for mobile phone applications

Post Info
More Details (n/a)

Added	25 Apr 2012
Updated	25 Apr 2012
Type	Journal
Year	2012
Where	WMCSA
Authors	Emmanuel Owusu, Jun Han, Sauvik Das, Adrian Perrig, Joy Zhang

Comments (0)

Sciweavers

ACCessory: password inference using accelerometers on smartphones

Communications | Invasion Of Privacy | Sensitive Transactions | Smartphone Touchscreen | WMCSA 2012 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers