Access the full text.
Sign up today, get DeepDyve free for 14 days.
D. Rumelhart, Geoffrey Hinton, Ronald Williams (1986)
Learning representations by back-propagating errorsNature, 323
Chen (2014)
Peeking into your app without actually seeing it state inference and novel android attacks in Proceedings of the rd San CASecurity Symposium USA, 23
Yan Michalevsky, Aaron Schulman, Gunaa Veerapandian, D. Boneh, Gabi Nakibly (2015)
PowerSpy: Location Tracking Using Mobile Device Power Analysis
Android apps in sheep's clothing
J. Elman (1990)
Finding Structure in TimeCogn. Sci., 14
J. Munkres (1957)
Algorithms for the Assignment and Transportation ProblemsJournal of The Society for Industrial and Applied Mathematics, 10
S. Khattak, Laurent Simon, S. Murdoch (2014)
Systemization of Pluggable Transports for Censorship ResistanceArXiv, abs/1412.7448
White (2011)
Phonotactic reconstruction of encrypted voip conversations on fon - iks in Privacy on ppSecurity IEEE Symposium IEEE
Jean. Steinier, Yves. Termonia, Jules. Deltour (1964)
Smoothing and differentiation of data by simplified least square procedure.Analytical chemistry, 44 11
Activitymanager
Mikolov (2011)
Extensions of recurrent neural network language model in Acoustics Speech and Processing International Conference on ppSignal IEEE IEEE
P. Kocher, J. Jaffe, Benjamin Jun (1999)
Differential Power Analysis
Mäntyjärvi (2005)
marja Identifying users of portable devices from gait pattern with accelerometers in in IEEE International Conference on Acoustics Speech ProcessingSignal, 28
Ozcan
The Universal Encryption Layer for Mobile Messaging Applications in and FCFinancial Cryptography Data Security
Yan Michalevsky, D. Boneh, Gabi Nakibly (2014)
Gyrophone: Recognizing Speech from Gyroscope Signals
(2013)
Identity, lo- Don't Interrupt Me While I Type cation, disease and more: Inferring your secrets from android public resources
Zhi Xu, Kun Bai, Sencun Zhu (2012)
TapLogger: inferring user inputs on smartphone touchscreens using on-board motion sensors
A. Wood (1995)
Predicting Client/Server AvailabilityComputer, 28
Tomas Mikolov, M. Karafiát, L. Burget, J. Černocký, S. Khudanpur (2010)
Recurrent neural network based language model
D. Bernstein (2005)
Cache-timing attacks on AES
, 13
Martin Vuagnoux, S. Pasini (2009)
Compromising Electromagnetic Emanations of Wired and Wireless Keyboards
Philip Marquardt, A. Verma, Henry Carter, Patrick Traynor (2011)
(sp)iPhone: decoding vibrations from nearby keyboards using mobile phone accelerometers
Vuagnoux (2009)
Compromising electromagnetic emanations of wired and wireless keyboards in USENIX securitysymposium, 25
Michael Elhadad (2009)
Book Review: Natural Language Processing with Python by Steven Bird, Ewan Klein, and Edward LoperComputational Linguistics, 36
, 12
V. Brik, Suman Banerjee, M. Gruteser, Sangho Oh (2008)
Wireless device identification with radiometric signatures
Marquardt (2011)
sp iphone decoding vibrations from nearby keyboards using mobile phone accelerometers in Proceedings of the th ACM conference on Computer and communications security pp, 18
Eric Forsythand, C. Martell (2007)
Lexical and Discourse Analysis of Online Chat DialogInternational Conference on Semantic Computing (ICSC 2007)
S. Nawaz, C. Mascolo (2014)
Mining users' significant driving routes with low-power sensorsProceedings of the 12th ACM Conference on Embedded Network Sensor Systems
M. Reiter, P. Samarati (1998)
Proceedings of the 8th ACM conference on Computer and Communications Security
Dey (2014)
Imperfections of accelerometers make smartphones trackable in Proceedings of the Network and Distributed SystemSecurity Symposium
Security IEEE Symposium IEEE
Kehuan Zhang, Xiaofeng Wang (2009)
Peeping Tom in the Neighborhood: Keystroke Eavesdropping on Multi-User Systems
Simon (2013)
Pin skimmer : Inferring pins through the camera and microphone in Proceedings of the Third ACM Workshop on Security and Privacy in Smartphones Mobile Devices New YorkUSA, 20
Michalevsky (1502)
Location tracking using mobile device power analysis arXiv preprint arXiv, 19
Brik (2008)
Wireless device identification with radiometric signatures in Proceedings of the th ACM international conference on Mobile computing and networking pp, 14
Implementations (2006)
Cache Fingerprinting via Statistical Analysis of the Duration Field tech, 11
Bernstein (2005)
Cache timing attacks on aes tech rep, 24
P. Kocher (1996)
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
Kocher (1999)
Differential power analysis in Proceedings of the th Annual International Cryptology Conference on Advances in UK VerlagCryptology CRYPTO, 21
Adam Aviv, Benjamin Sapp, M. Blaze, Jonathan Smith (2012)
Practicality of accelerometer side channels on smartphones
Zhuang Li, F. Zhou, J. Tygar, Daniel Liu (2005)
Keyboard acoustic emanations revisited
S. Dey, Nirupam Roy, Wenyuan Xu, Romit Choudhury, Srihari Nelakuditi (2014)
AccelPrint: Imperfections of Accelerometers Make Smartphones Trackable
V. Perta, M. Barbera, A. Mei (2014)
Exploiting Delay Patterns for User IPs Identification in Cellular Networks
Cai (2011)
Inferring keystrokes on touch screen from smartphone motion in
Qi Chen, Zhiyun Qian, Z. Mao (2014)
Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks
Mikolov (2010)
Recurrent neural network based language model in th Annual Conference of the International Japan SeptemberSpeech Communication Association, 11
Bird (2009)
Processing with Python Media st edNatural Language, 16
P. Kantor (2001)
Foundations of Statistical Natural Language ProcessingInformation Retrieval, 4
Zhuang (2009)
Keyboard acoustic emanations revisited on Information and System vol noACM Transactions Security, 26
M. Conti, L. Mancini, Riccardo Spolaor, Nino Verde (2014)
Can't You Hear Me Knocking: Identification of User Actions on Android Apps via Traffic AnalysisProceedings of the 5th ACM Conference on Data and Application Security and Privacy
Xu (2012)
Inferring user inputs on smartphone touchscreens using on - board motion sensors in Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks pp, 31
Jani Mäntyjärvi, M. Lindholm, Elena Vildjiounaite, Satu-Marja Mäkelä, H. Ailisto (2005)
Identifying users of portable devices from gait pattern with accelerometersProceedings. (ICASSP '05). IEEE International Conference on Acoustics, Speech, and Signal Processing, 2005., 2
Forsythand (2007)
Lexical and discourse analysis of online chat in Proceedings of the International Conference on Semanticdialog Computing USA IEEE Computer Society, 15
Ahmet Ozcan, Can Gemicioglu, Kaan Onarlioglu, Michael Weissbacher, Collin Mulliner, William Robertson, E. Kirda (2015)
BabelCrypt: The Universal Encryption Layer for Mobile Messaging Applications
Nmap security scanner
Conti
Can t you hear me knocking : Identification of user actions on android apps via traffic analysis in Proceedings of the th ACM Conference on Data and Application Security and Privacy pp
Eric Forsyth (2007)
Improving automated lexical and discourse analysis of online chat dialog
A. White, Austin Matthews, Kevin Snow, F. Monrose (2011)
Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on Fon-iks2011 IEEE Symposium on Security and Privacy
Munkres (1957)
for the assignment and transportation problemsAlgorithms, 17
Nawaz (2014)
Mining users significant driving routes with low - power sensors in Proceedings of the th ACM Conference on Embedded Network Sensor Systems New YorkUSA, 30
Tomas Mikolov, Stefan Kombrink, L. Burget, J. Černocký, S. Khudanpur (2011)
Extensions of recurrent neural network language model2011 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)
Zhou (2013)
Identity lo cation disease and more : Inferring your secrets from android public resources in Proceedings of the Conference on New YorkComputer Communications Security USA, 13
Aviv (2012)
Practicality of accelerometer side channels on smartphones in Proceedings of the th Security Applications Conference ppAnnual Computer, 28
Michalevsky (2014)
Recognizing speech from gyroscope signals in Proceedings of the rd USENIX Conference on SEC CASecurity Symposium USA Association, 29
Dag Osvik, A. Shamir, Eran Tromer (2006)
Cache Attacks and Countermeasures: The Case of AES
E. Miluzzo, A. Varshavsky, Suhrid Balakrishnan, Romit Choudhury (2012)
Tapprints: your finger taps have fingerprints
Tim Stöber, Mario Frank, J. Schmitt, I. Martinovic (2013)
Who do you sync you are?: smartphone fingerprinting via application behaviour
N. Zhang, Kan Yuan, Muhammad Naveed, Xiao-yong Zhou, Xiaofeng Wang (2015)
Leave Me Alone: App-Level Protection against Runtime Information Gathering on Android2015 IEEE Symposium on Security and Privacy
Stöber (2013)
Who do you sync you are smartphone fingerprinting via application behaviour in Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks pp
Chen (2010)
Side - channel leaks in web applications reality today a challenge tomorrow in Privacy on ppSecurity IEEE Symposium IEEE
Laurent Simon, Ross Anderson (2013)
PIN skimmer: inferring PINs through the camera and microphone
(2006)
Fingerprinting 802.11 Implementations via Statistical Analysis of the Duration Field
C. Wright, L. Ballard, Scott Coull, F. Monrose, G. Masson (2008)
Spot Me if You Can: Uncovering Spoken Phrases in Encrypted VoIP Conversations2008 IEEE Symposium on Security and Privacy (sp 2008)
Khattak (1412)
Systemization of pluggable transports for censorship resistance arXiv preprint arXiv
Liang Cai, Hao Chen (2011)
TouchLogger: Inferring Keystrokes on Touch Screen from Smartphone Motion
int, 14
P. Werbos (1990)
Backpropagation Through Time: What It Does and How to Do ItProc. IEEE, 78
Osvik (2006)
Cache attacks and countermeasures : The case of aes in Proceedings of the The Cryptographers Track at the RSA Conference on Topics in Cryptology Springer - Verlag, 23
Nmap
scanner https nmap org Accessedsecurity
M. Backes, Markus Dürmuth, S. Gerling, Manfred Pinkal, C. Sporleder (2010)
Acoustic Side-Channel Attacks on Printers
S. Jana, Vitaly Shmatikov (2012)
Memento: Learning Secrets from Process Footprints2012 IEEE Symposium on Security and Privacy
Shuo Chen, Rui Wang, Xiaofeng Wang, Kehuan Zhang (2010)
Side-Channel Leaks in Web Applications: A Reality Today, a Challenge Tomorrow2010 IEEE Symposium on Security and Privacy
Wright (2008)
Spot me if you can : Uncovering spoken phrases in encrypted voip conversations in Privacy on ppSecurity IEEE Symposium IEEE
Abstract We present a new side-channel attack against soft keyboards that support gesture typing on Android smartphones. An application without any special permissions can observe the number and timing of the screen hardware interrupts and system-wide software interrupts generated during user input, and analyze this information to make inferences about the text being entered by the user. System-wide information is usually considered less sensitive than app-specific information, but we provide concrete evidence that this may be mistaken. Our attack applies to all Android versions, including Android M where the SELinux policy is tightened. We present a novel application of a recurrent neural network as our classifier to infer text. We evaluate our attack against the “Google Keyboard” on Nexus 5 phones and use a real-world chat corpus in all our experiments. Our evaluation considers two scenarios. First, we demonstrate that we can correctly detect a set of pre-defined “sentences of interest” (with at least 6 words) with 70% recall and 60% precision. Second, we identify the authors of a set of anonymous messages posted on a messaging board. We find that even if the messages contain the same number of words, we correctly re-identify the author more than 97% of the time for a set of up to 35 sentences. Our study demonstrates a new way in which system-wide resources can be a threat to user privacy. We investigate the effect of rate limiting as a countermeasure but find that determining a proper rate is error-prone and fails in subtle cases. We conclude that real-time interrupt information should be made inaccessible, perhaps via a tighter SELinux policy in the next Android version.
Proceedings on Privacy Enhancing Technologies – de Gruyter
Published: Jul 1, 2016
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.