Wearables that constantly collect various sensor data of their users increase the chances for inferences of unintentional and sensitive information such as passwords typed on a physical keyboard. We take a thorough look at the potential of using electromyographic (EMG) data, a sensor modality which is new to the market but has lately gained attention in the context of wearables for augmented reality (AR), for a keylogging side-channel attack. Our approach is based on neural networks for a between-subject attack in a realistic scenario using the Myo Armband to collect the sensor data. In our approach, the EMG data has proven to be the most prominent source of information compared to the accelerometer and gyroscope, increasing the keystroke detection performance. For our end-to-end approach on raw data, we report a mean balanced accuracy of about 76 % for the keystroke detection and a mean top-3 key accuracy of about 32 % on 52 classes for the key identification on passwords of varying strengths. We have created an extensive dataset including more than 310 000 keystrokes recorded from 37 volunteers, which is available as open access along with the source code used to create the given results.
翻译:不断收集用户的各种传感器数据,不断收集用户的各种传感器数据,这些 wear 可穿的不断收集其用户的各种传感器数据,增加了对非无意和敏感信息的推断机会,例如将密码打在物理键盘上的密码。我们彻底审视了使用电传数据(EMG)的潜力。电传数据(EMG)是市场新颖的传感器模式,但近来在强化现实的可磨损(AR)方面得到了关注。我们的方法是基于神经网络,利用 Myo Armband 收集感应数据,在现实的情景下,对对象间攻击进行神经攻击。在我们的方法中,EMG数据已证明与加速仪和陀螺仪相比是最突出的信息来源,提高了按键的探测性能。对于原始数据的端到端方法,我们报告在关键控点探测中,平均平衡率为76 %,在52个等级上,以32 %左右,用于对不同强的密码进行关键识别。我们创建了一个广泛的数据集,包括37名志愿人员记录的超过30000个按键串,用于打开源码访问结果。
相关内容
微信扫码咨询专知VIP会员