Access the full text.
Sign up today, get DeepDyve free for 14 days.
Loading next page...
/lp/de-gruyter/don-t-interrupt-me-while-i-type-inferring-text-entered-through-gesture-Lri0azOqNT
References (85)
-
D. Rumelhart, Geoffrey Hinton, Ronald Williams (1986)
Learning representations by back-propagating errorsNature, 323
-
Chen (2014)
Peeking into your app without actually seeing it state inference and novel android attacks in Proceedings of the rd San CASecurity Symposium USA, 23
-
Yan Michalevsky, Aaron Schulman, Gunaa Veerapandian, D. Boneh, Gabi Nakibly (2015)
PowerSpy: Location Tracking Using Mobile Device Power Analysis -
Android apps in sheep's clothing -
J. Elman (1990)
Finding Structure in TimeCogn. Sci., 14
-
J. Munkres (1957)
Algorithms for the Assignment and Transportation ProblemsJournal of The Society for Industrial and Applied Mathematics, 10
-
S. Khattak, Laurent Simon, S. Murdoch (2014)
Systemization of Pluggable Transports for Censorship ResistanceArXiv, abs/1412.7448
-
White (2011)
Phonotactic reconstruction of encrypted voip conversations on fon - iks in Privacy on ppSecurity IEEE Symposium IEEE
-
Jean. Steinier, Yves. Termonia, Jules. Deltour (1964)
Smoothing and differentiation of data by simplified least square procedure.Analytical chemistry, 44 11
-
Activitymanager -
Mikolov (2011)
Extensions of recurrent neural network language model in Acoustics Speech and Processing International Conference on ppSignal IEEE IEEE
-
P. Kocher, J. Jaffe, Benjamin Jun (1999)
Differential Power Analysis -
Mäntyjärvi (2005)
marja Identifying users of portable devices from gait pattern with accelerometers in in IEEE International Conference on Acoustics Speech ProcessingSignal, 28
-
Ozcan
The Universal Encryption Layer for Mobile Messaging Applications in and FCFinancial Cryptography Data Security
-
Yan Michalevsky, D. Boneh, Gabi Nakibly (2014)
Gyrophone: Recognizing Speech from Gyroscope Signals -
(2013)
Identity, lo- Don't Interrupt Me While I Type cation, disease and more: Inferring your secrets from android public resources -
Zhi Xu, Kun Bai, Sencun Zhu (2012)
TapLogger: inferring user inputs on smartphone touchscreens using on-board motion sensors -
A. Wood (1995)
Predicting Client/Server AvailabilityComputer, 28
-
Tomas Mikolov, M. Karafiát, L. Burget, J. Černocký, S. Khudanpur (2010)
Recurrent neural network based language model -
D. Bernstein (2005)
Cache-timing attacks on AES -
Currentapp java https gist github com jaredrummler a ec fb
, 13
-
Martin Vuagnoux, S. Pasini (2009)
Compromising Electromagnetic Emanations of Wired and Wireless Keyboards -
Philip Marquardt, A. Verma, Henry Carter, Patrick Traynor (2011)
(sp)iPhone: decoding vibrations from nearby keyboards using mobile phone accelerometers -
Vuagnoux (2009)
Compromising electromagnetic emanations of wired and wireless keyboards in USENIX securitysymposium, 25
-
Michael Elhadad (2009)
Book Review: Natural Language Processing with Python by Steven Bird, Ewan Klein, and Edward LoperComputational Linguistics, 36
-
Android apps in sheep s clothing http www modzero ch modlog archives android apps in sheeps clothing index html
, 12
-
V. Brik, Suman Banerjee, M. Gruteser, Sangho Oh (2008)
Wireless device identification with radiometric signatures -
Marquardt (2011)
sp iphone decoding vibrations from nearby keyboards using mobile phone accelerometers in Proceedings of the th ACM conference on Computer and communications security pp, 18
-
Eric Forsythand, C. Martell (2007)
Lexical and Discourse Analysis of Online Chat DialogInternational Conference on Semantic Computing (ICSC 2007)
-
S. Nawaz, C. Mascolo (2014)
Mining users' significant driving routes with low-power sensorsProceedings of the 12th ACM Conference on Embedded Network Sensor Systems
-
M. Reiter, P. Samarati (1998)
Proceedings of the 8th ACM conference on Computer and Communications Security -
Dey (2014)
Imperfections of accelerometers make smartphones trackable in Proceedings of the Network and Distributed SystemSecurity Symposium
-
Jana Shmatikov Memento Learning secrets from process footprints in Privacy on pp
Security IEEE Symposium IEEE
-
Kehuan Zhang, Xiaofeng Wang (2009)
Peeping Tom in the Neighborhood: Keystroke Eavesdropping on Multi-User Systems -
Simon (2013)
Pin skimmer : Inferring pins through the camera and microphone in Proceedings of the Third ACM Workshop on Security and Privacy in Smartphones Mobile Devices New YorkUSA, 20
-
Michalevsky (1502)
Location tracking using mobile device power analysis arXiv preprint arXiv, 19
-
Brik (2008)
Wireless device identification with radiometric signatures in Proceedings of the th ACM international conference on Mobile computing and networking pp, 14
-
Implementations (2006)
Cache Fingerprinting via Statistical Analysis of the Duration Field tech, 11
-
Bernstein (2005)
Cache timing attacks on aes tech rep, 24
-
P. Kocher (1996)
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems -
Kocher (1999)
Differential power analysis in Proceedings of the th Annual International Cryptology Conference on Advances in UK VerlagCryptology CRYPTO, 21
-
Adam Aviv, Benjamin Sapp, M. Blaze, Jonathan Smith (2012)
Practicality of accelerometer side channels on smartphones -
Zhuang Li, F. Zhou, J. Tygar, Daniel Liu (2005)
Keyboard acoustic emanations revisited -
S. Dey, Nirupam Roy, Wenyuan Xu, Romit Choudhury, Srihari Nelakuditi (2014)
AccelPrint: Imperfections of Accelerometers Make Smartphones Trackable -
V. Perta, M. Barbera, A. Mei (2014)
Exploiting Delay Patterns for User IPs Identification in Cellular Networks -
Cai (2011)
Inferring keystrokes on touch screen from smartphone motion in -
Qi Chen, Zhiyun Qian, Z. Mao (2014)
Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks -
Mikolov (2010)
Recurrent neural network based language model in th Annual Conference of the International Japan SeptemberSpeech Communication Association, 11
-
Bird (2009)
Processing with Python Media st edNatural Language, 16
-
P. Kantor (2001)
Foundations of Statistical Natural Language ProcessingInformation Retrieval, 4
-
Zhuang (2009)
Keyboard acoustic emanations revisited on Information and System vol noACM Transactions Security, 26
-
M. Conti, L. Mancini, Riccardo Spolaor, Nino Verde (2014)
Can't You Hear Me Knocking: Identification of User Actions on Android Apps via Traffic AnalysisProceedings of the 5th ACM Conference on Data and Application Security and Privacy
-
Xu (2012)
Inferring user inputs on smartphone touchscreens using on - board motion sensors in Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks pp, 31
-
Jani Mäntyjärvi, M. Lindholm, Elena Vildjiounaite, Satu-Marja Mäkelä, H. Ailisto (2005)
Identifying users of portable devices from gait pattern with accelerometersProceedings. (ICASSP '05). IEEE International Conference on Acoustics, Speech, and Signal Processing, 2005., 2
-
Forsythand (2007)
Lexical and discourse analysis of online chat in Proceedings of the International Conference on Semanticdialog Computing USA IEEE Computer Society, 15
-
Ahmet Ozcan, Can Gemicioglu, Kaan Onarlioglu, Michael Weissbacher, Collin Mulliner, William Robertson, E. Kirda (2015)
BabelCrypt: The Universal Encryption Layer for Mobile Messaging Applications -
Nmap security scanner -
Conti
Can t you hear me knocking : Identification of user actions on android apps via traffic analysis in Proceedings of the th ACM Conference on Data and Application Security and Privacy pp -
Eric Forsyth (2007)
Improving automated lexical and discourse analysis of online chat dialog -
A. White, Austin Matthews, Kevin Snow, F. Monrose (2011)
Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on Fon-iks2011 IEEE Symposium on Security and Privacy
-
Munkres (1957)
for the assignment and transportation problemsAlgorithms, 17
-
Nawaz (2014)
Mining users significant driving routes with low - power sensors in Proceedings of the th ACM Conference on Embedded Network Sensor Systems New YorkUSA, 30
-
Tomas Mikolov, Stefan Kombrink, L. Burget, J. Černocký, S. Khudanpur (2011)
Extensions of recurrent neural network language model2011 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)
-
Zhou (2013)
Identity lo cation disease and more : Inferring your secrets from android public resources in Proceedings of the Conference on New YorkComputer Communications Security USA, 13
-
Aviv (2012)
Practicality of accelerometer side channels on smartphones in Proceedings of the th Security Applications Conference ppAnnual Computer, 28
-
Michalevsky (2014)
Recognizing speech from gyroscope signals in Proceedings of the rd USENIX Conference on SEC CASecurity Symposium USA Association, 29
-
Dag Osvik, A. Shamir, Eran Tromer (2006)
Cache Attacks and Countermeasures: The Case of AES -
E. Miluzzo, A. Varshavsky, Suhrid Balakrishnan, Romit Choudhury (2012)
Tapprints: your finger taps have fingerprints -
Tim Stöber, Mario Frank, J. Schmitt, I. Martinovic (2013)
Who do you sync you are?: smartphone fingerprinting via application behaviour -
N. Zhang, Kan Yuan, Muhammad Naveed, Xiao-yong Zhou, Xiaofeng Wang (2015)
Leave Me Alone: App-Level Protection against Runtime Information Gathering on Android2015 IEEE Symposium on Security and Privacy
-
Stöber (2013)
Who do you sync you are smartphone fingerprinting via application behaviour in Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks pp -
Chen (2010)
Side - channel leaks in web applications reality today a challenge tomorrow in Privacy on ppSecurity IEEE Symposium IEEE
-
Laurent Simon, Ross Anderson (2013)
PIN skimmer: inferring PINs through the camera and microphone -
(2006)
Fingerprinting 802.11 Implementations via Statistical Analysis of the Duration Field -
C. Wright, L. Ballard, Scott Coull, F. Monrose, G. Masson (2008)
Spot Me if You Can: Uncovering Spoken Phrases in Encrypted VoIP Conversations2008 IEEE Symposium on Security and Privacy (sp 2008)
-
Khattak (1412)
Systemization of pluggable transports for censorship resistance arXiv preprint arXiv -
Liang Cai, Hao Chen (2011)
TouchLogger: Inferring Keystrokes on Touch Screen from Smartphone Motion -
Activitymanager https developer android com reference android app ActivityManager html getRunningTasks
int, 14
-
P. Werbos (1990)
Backpropagation Through Time: What It Does and How to Do ItProc. IEEE, 78
-
Osvik (2006)
Cache attacks and countermeasures : The case of aes in Proceedings of the The Cryptographers Track at the RSA Conference on Topics in Cryptology Springer - Verlag, 23
-
Nmap
scanner https nmap org Accessedsecurity
-
M. Backes, Markus Dürmuth, S. Gerling, Manfred Pinkal, C. Sporleder (2010)
Acoustic Side-Channel Attacks on Printers -
S. Jana, Vitaly Shmatikov (2012)
Memento: Learning Secrets from Process Footprints2012 IEEE Symposium on Security and Privacy
-
Shuo Chen, Rui Wang, Xiaofeng Wang, Kehuan Zhang (2010)
Side-Channel Leaks in Web Applications: A Reality Today, a Challenge Tomorrow2010 IEEE Symposium on Security and Privacy
-
Wright (2008)
Spot me if you can : Uncovering spoken phrases in encrypted voip conversations in Privacy on ppSecurity IEEE Symposium IEEE
- Publisher
- de Gruyter
- Copyright
- Copyright © 2016 by the
- ISSN
- 2299-0984
- eISSN
- 2299-0984
- DOI
- 10.1515/popets-2016-0020
- Publisher site
- See Article on Publisher Site
Abstract
Abstract We present a new side-channel attack against soft keyboards that support gesture typing on Android smartphones. An application without any special permissions can observe the number and timing of the screen hardware interrupts and system-wide software interrupts generated during user input, and analyze this information to make inferences about the text being entered by the user. System-wide information is usually considered less sensitive than app-specific information, but we provide concrete evidence that this may be mistaken. Our attack applies to all Android versions, including Android M where the SELinux policy is tightened. We present a novel application of a recurrent neural network as our classifier to infer text. We evaluate our attack against the “Google Keyboard” on Nexus 5 phones and use a real-world chat corpus in all our experiments. Our evaluation considers two scenarios. First, we demonstrate that we can correctly detect a set of pre-defined “sentences of interest” (with at least 6 words) with 70% recall and 60% precision. Second, we identify the authors of a set of anonymous messages posted on a messaging board. We find that even if the messages contain the same number of words, we correctly re-identify the author more than 97% of the time for a set of up to 35 sentences. Our study demonstrates a new way in which system-wide resources can be a threat to user privacy. We investigate the effect of rate limiting as a countermeasure but find that determining a proper rate is error-prone and fails in subtle cases. We conclude that real-time interrupt information should be made inaccessible, perhaps via a tighter SELinux policy in the next Android version.
Journal
Proceedings on Privacy Enhancing Technologies – de Gruyter
Published: Jul 1, 2016