research-article

Open access

Seeing double: reconstructing obscured typed input from repeated compromising reflections

Authors:

Andrew M. White,

Fabian Monrose,

Jan-Michael FrahmAuthors Info & Claims

CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Pages 1063 - 1074

https://doi.org/10.1145/2508859.2516709

Published: 04 November 2013 Publication History

Abstract

Of late, threats enabled by the ubiquitous use of mobile devices have drawn much interest from the research community. However, prior threats all suffer from a similar, and profound, weakness - namely the requirement that the adversary is either within visual range of the victim (e.g., to ensure that the pop-out events in reflections in the victim's sunglasses can be discerned) or is close enough to the target to avoid the use of expensive telescopes. In this paper, we broaden the scope of the attacks by relaxing these requirements and show that breaches of privacy are possible even when the adversary is around a corner. The approach we take overcomes challenges posed by low image resolution by extending computer vision methods to operate on small, high-noise, images. Moreover, our work is applicable to all types of keyboards because of a novel application of fingertip motion analysis for key-press detection. In doing so, we are also able to exploit reflections in the eyeball of the user or even repeated reflections (i.e., a reflection of a reflection of the mobile device in the eyeball of the user). Our empirical results show that we can perform these attacks with high accuracy, and can do so in scenarios that aptly demonstrate the realism of this threat.

References

[1]

D. Asonov and R. Agrawal. Keyboard acoustic emanations. In Proceedings of the IEEE Symposium on Security and Privacy, 2004.

[2]

M. Backes, M. Durmuth, and D. Unruh. Compromising reflections-or-how to read LCD monitors around the corner. In Proceedings of the IEEE Symposium on Security and Privacy, 2008.

Digital Library

[3]

M. Backes, T. Chen, M. Dürmuth, H. Lensch, and M. Welk. Tempest in a teapot: Compromising reflections revisited. In Proceedings of the IEEE Symposium on Security and Privacy, 2009.

Digital Library

[4]

S. Baker and I. Matthews. Lucas-Kanade 20 years on. International Journal of Computer Vision, 56(3):221--255, 2004.

Digital Library

[5]

D. Balzarotti, M. Cova, and G. Vigna. ClearShot: Eavesdropping on keyboard input from video. In Proceedings of the IEEE Symposium on Security and Privacy, 2008.

Digital Library

[6]

L. Cai and H. Chen. Touchlogger: inferring keystrokes on touch screen from smartphone motion. In USENIX Workshop on Hot Topics in Security (HotSec), 2011.

Digital Library

[7]

L. Cai and H. Chen. On the practicality of motion based keystroke inference attack. Trust and Trustworthy Computing, pages 273--290, 2012.

Digital Library

[8]

A. Chaudhary, J. Raheja, and S. Raheja. A vision based geometrical method to find fingers positions in real time hand gesture recognition. Journal of Software, 7(4): 861--869, 2012.

[9]

T. Chen and M.-Y. Kan. Creating a live, public short message service corpus: The NUS SMS corpus. Language Resources and Evaluation, 2011.

[10]

R. Collins and R. Weiss. Vanishing point calculation as a statistical inference on the unit sphere. In Proceedings of the Third International Conference on Computer Vision, 1990.

[11]

R. O. Duda and P. E. Hart. Use of the Hough transformation to detect lines and curves in pictures. Communications of the ACM, 15(1):11--15, 1972.

Digital Library

[12]

F. Elibol, U. Sarac, and I. Erer. Realistic eavesdropping attacks on computer displays with low-cost and mobile receiver system. In Proceedings of the 20th European Signal Processing Conference, 2012.

[13]

M. Fischler and R. Bolles. Random sample consensus: a paradigm for model fitting with applications to image analysis and automated cartography. Communications of the ACM, 24(6):381--395, 1981.

Digital Library

[14]

W. N. Francis and H. Kucera. Brown corpus manual. Technical report, Dept. of Linguistics, Brown University, 1979.

[15]

H. Grabner, M. Grabner, and H. Bischof. Real-time tracking via on-line boosting. In Proceedings of the British Machine Vision Conference, volume 1, pages 47--56, 2006.

[16]

H. J. Highland. Electromagnetic radiation revisited. Computer Security, 5:85--93, June 1986.

Digital Library

[17]

B. Hoanca and K. J. Mock. Password entry scheme resistant to eavesdropping. In Security and Management, 2008.

[18]

X. Iturbe, A. Altuna, A. Ruiz de Olano, and I. Martinez. VHDL described finger tracking system for real-time human-machine interaction. In International Conference on Signals and Electronic Systems, 2008.

[19]

L. Jin, D. Yang, L. Zhen, and J. Huang. A novel vision-based finger-writing character recognition system. Journal of Circuits, Systems, and Computers, 16(03):421--436, 2007.

[20]

C. Kerdvibulvech and H. Saito. Vision-based detection of guitar players? fingertips without markers. In Computer Graphics, Imaging and Visualisation, 2007.

Digital Library

[21]

M. Kuhn and C. Kuhn. Compromising emanations: eavesdropping risks of computer displays. Technical report, University of Cambridge, 2003.

[22]

M. Kumar, T. Garfinkel, D. Boneh, and T. Winograd. Reducing shoulder-surfing by using gaze-based password entry. In Symposium on Usable Privacy and Security, 2007.

Digital Library

[23]

A. Lavie. Evaluating the output of machine translation systems. AMTA Tutorial, 2010.

[24]

A. Lavie and M. J. Denkowski. The METEOR metric for automatic evaluation of machine translation. Machine Translation, 23(2--3):105--115, 2009.

Digital Library

[25]

B. Lee and J. Chun. Manipulation of virtual objects in marker-less AR system by fingertip tracking and hand gesture recognition. In Proceedings of the 2nd International Conference on Interaction Sciences, 2009.

Digital Library

[26]

T. Lee and T. Hollerer. Handy AR: Markerless inspection of augmented reality objects using fingertip tracking. In IEEE International Symposium on Wearable Computers, 2007.

Digital Library

[27]

E. Lutton, H. Maitre, and J. Lopez-Krahe. Contribution to the determination of vanishing points using Hough transform. Transactions on Pattern Analysis and Machine Intelligence, 16(4):430--438, 1994.

Digital Library

[28]

M. Magee and J. Aggarwal. Determining vanishing points from perspective images. Computer Vision, Graphics, and Image Processing, 26(2):256--267, 1984.

[29]

F. Maggi, A. Volpatto, S. Gasparini, G. Boracchi, and S. Zanero. A fast eavesdropping attack against touchscreens. In Information Assurance and Security (IAS). IEEE, 2011.

[30]

J. Nakamura. Image sensors and signal processing for digital still cameras. CRC, 2005.

Digital Library

[31]

D. Nguyen, T. Pham, and J. Jeon. Fingertip detection with morphology and geometric calculation. In IEEE/RSJ International Conference on Intelligent Robots and Systems, 2009.

Digital Library

[32]

K. Oka, Y. Sato, and H. Koike. Real-time fingertip tracking and gesture recognition. Computer Graphics and Applications, 22(6):64--71, 2002.

Digital Library

[33]

E. Owusu, J. Han, S. Das, A. Perrig, and J. Zhang. Accessory: password inference using accelerometers on smartphones. In Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications. ACM, 2012.

Digital Library

[34]

R. Raguram, A. White, D. Goswami, F. Monrose, and J. Frahm. iSpy: automatic reconstruction of typed input from compromising reflections. In Proceedings of the ACM Conference on Computer and Communications Security, 2011.

Digital Library

[35]

R. Raguram, A. M. White, Y. Xu, J.-M. Frahm, P. Georgel, and F. Monrose. On the privacy risks of virtual keyboards: automatic reconstruction of typed input from compromising reflections. IEEE Transactions on Dependable and Secure Computing, 2013.

Digital Library

[36]

L. Sobrado and J.-C. Birget. Graphical passwords. The Rutgers Scholar, 4, 2002.

[37]

E. Stelzer. Contrast, resolution, pixelation, dynamic range and signal-to-noise ratio: fundamental limits to resolution in fluorescence light microscopy. Journal of Microscopy, 189 (1):15--24, 1998.

[38]

R. Szeliski. Image alignment and stitching: A tutorial. Foundations and Trends in Computer Graphics and Vision, 2006.

Digital Library

[39]

D. S. Tan, P. Keyani, and M. Czerwinski. Spy-resistant keyboard: More secure password entry on public touch screen displays. In Proceedings of the 17th Australia Conference on Computer-Human Interaction, 2005.

Digital Library

[40]

N. Ukita and M. Kidode. Wearable virtual tablet: fingertip drawing on a portable plane-object using an active-infrared camera. In Proceedings of the International Conference on Intelligent User Interfaces. ACM, 2004.

Digital Library

[41]

W. van Eck. Electromagnetic radiation from video display units: an eavesdropping risk Computer Security, 4: 269--286, December 1985.

Digital Library

[42]

A. Vedaldi and B. Fulkerson. VLFeat: An open and portable library of computer vision algorithms. In Proceedings of the International Conference on Multimedia, 2010.

Digital Library

[43]

M. Vuagnoux and S. Pasini. Compromising electromagnetic emanations of wired and wireless keyboards. In Proceedings of the 18th USENIX Security Symposium, 2009.

Digital Library

[44]

J. Weaver, K. J. Mock, and B. Hoanca. Gaze-based password authentication through automatic clustering of gaze points. In IEEE International Conference on Systems, Man and Cybernetics, 2011.

[45]

J. Weickert. Anisotropic diffusion in image processing, volume 1. Teubner Stuttgart, 1998.

[46]

D. Yang, L. Jin, and J. Yin. An effective robust fingertip detection method for finger writing character recognition system. In Proceedings of the International Conference on Machine Learning and Cybernetics, 2005.

[47]

Y. Zhang, P. Xia, J. Luo, Z. Ling, B. Liu, and X. Fu. Fingerprint attack against touch-enabled devices. In Security and Privacy in Smartphones and Mobile Devices, SPSM '12, 2012.

Digital Library

[48]

Z. Zhang. Vision-based interaction with fingers and papers. In Proceedings International Symposium on the CREST Digital Archiving Project, 2003.

[49]

L. Zhuang, F. Zhou, and J. Tygar. Keyboard acoustic emanations revisited. In Proceedings of the 12th ACM Conference on Computer and Communications Security, 2005.

Digital Library

Cited By

Zhang GFu HXiang ZZhou XHu PCheng XYang Y(2025)Ambient Light Reflection-Based Eavesdropping Enhanced With cGANIEEE Transactions on Mobile Computing10.1109/TMC.2024.346039224:1(72-85)Online publication date: Jan-2025
https://doi.org/10.1109/TMC.2024.3460392
Xiao GLing ZFan QXu XWu WDing DChen CFu X(2024)Pivot: Panoramic-Image-Based VR User Authentication against Side-Channel AttacksACM Transactions on Multimedia Computing, Communications, and Applications10.1145/369497521:2(1-19)Online publication date: 9-Sep-2024
https://dl.acm.org/doi/10.1145/3694975
Akiirne ZNaji ZSaoudi ABouzidi D(2024)Dynamic swipe gestures based Continuous Authentication using similarity learningProceedings of the 7th International Conference on Networking, Intelligent Systems and Security10.1145/3659677.3659739(1-9)Online publication date: 18-Apr-2024
https://dl.acm.org/doi/10.1145/3659677.3659739
Show More Cited By

Index Terms

Seeing double: reconstructing obscured typed input from repeated compromising reflections
1. Security and privacy
  1. Human and societal aspects of security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Privacy policies

Recommendations

Beware, Your Hands Reveal Your Secrets!
CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

Research on attacks which exploit video-based side-channels to decode text typed on a smartphone has traditionally assumed that the adversary is able to leverage some information from the screen display (say, a reflection of the screen or a low ...
iSpy: automatic reconstruction of typed input from compromising reflections
CCS '11: Proceedings of the 18th ACM conference on Computer and communications security

We investigate the implications of the ubiquity of personal mobile devices and reveal new techniques for compromising the privacy of users typing on virtual keyboards. Specifi- cally, we show that so-called compromising reflections (in, for example, a ...
On the Privacy Risks of Virtual Keyboards: Automatic Reconstruction of Typed Input from Compromising Reflections

We investigate the implications of the ubiquity of personal mobile devices and reveal new techniques for compromising the privacy of users typing on virtual keyboards. Specifically, we show that so-called compromising reflections (in, for example, a ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

November 2013

1530 pages

ISBN:9781450324779

DOI:10.1145/2508859

General Chair:
Ahmad-Reza Sadeghi
TU Darmstadt, CASED, Intel ICRI-SC, Germany
,
Program Chairs:
Virgil Gligor
Carnegie Mellon University, USA
,
Moti Yung
Columbia University, USA

Copyright © 2013 Owner/Author.

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 November 2013

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'13

Sponsor:

SIGSAC

CCS'13: 2013 ACM SIGSAC Conference on Computer and Communications Security

November 4 - 8, 2013

Berlin, Germany

Acceptance Rates

CCS '13 Paper Acceptance Rate 105 of 530 submissions, 20%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

62
Total Citations
View Citations
4,904
Total Downloads

Downloads (Last 12 months)154
Downloads (Last 6 weeks)25

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhang GFu HXiang ZZhou XHu PCheng XYang Y(2025)Ambient Light Reflection-Based Eavesdropping Enhanced With cGANIEEE Transactions on Mobile Computing10.1109/TMC.2024.346039224:1(72-85)Online publication date: Jan-2025
https://doi.org/10.1109/TMC.2024.3460392
Xiao GLing ZFan QXu XWu WDing DChen CFu X(2024)Pivot: Panoramic-Image-Based VR User Authentication against Side-Channel AttacksACM Transactions on Multimedia Computing, Communications, and Applications10.1145/369497521:2(1-19)Online publication date: 9-Sep-2024
https://dl.acm.org/doi/10.1145/3694975
Akiirne ZNaji ZSaoudi ABouzidi D(2024)Dynamic swipe gestures based Continuous Authentication using similarity learningProceedings of the 7th International Conference on Networking, Intelligent Systems and Security10.1145/3659677.3659739(1-9)Online publication date: 18-Apr-2024
https://dl.acm.org/doi/10.1145/3659677.3659739
Nassi BIluz ECohen OVayner ONassi DZadov BElovici Y(2024)Video-Based Cryptanalysis: Extracting Cryptographic Keys from Video Footage of a Device’s Power LED Captured by Standard Video Cameras2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00163(2422-2440)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00163
Zhang GXiang ZFu HYang YHu P(2024)EchoLight: Sound Eavesdropping based on Ambient Light ReflectionIEEE INFOCOM 2024 - IEEE Conference on Computer Communications10.1109/INFOCOM52122.2024.10621338(341-350)Online publication date: 20-May-2024
https://doi.org/10.1109/INFOCOM52122.2024.10621338
Qiao HWang KHuang TXu XLiu SChen J(2024)A TEMPEST Attack Implementation based on Hidden Markov model in Smart GridJournal of Physics: Conference Series10.1088/1742-6596/2774/1/0120092774:1(012009)Online publication date: 1-Jul-2024
https://doi.org/10.1088/1742-6596/2774/1/012009
Gopal SShukla DWheelock JSaxena NCalandrino JTroncoso C(2023)Hidden realityProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620286(859-876)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620286
Saad ALiebers JSchneegass SGruenefeld U(2023)“They see me scrollin”—Lessons Learned from Investigating Shoulder Surfing Behavior and Attack Mitigation StrategiesHuman Factors in Privacy Research10.1007/978-3-031-28643-8_10(199-218)Online publication date: 10-Mar-2023
https://doi.org/10.1007/978-3-031-28643-8_10
Naji ZBouzidi D(2023)Deep Learning Approach for a Dynamic Swipe Gestures Based Continuous AuthenticationThe 3rd International Conference on Artificial Intelligence and Computer Vision (AICV2023), March 5–7, 202310.1007/978-3-031-27762-7_5(48-57)Online publication date: 1-Mar-2023
https://doi.org/10.1007/978-3-031-27762-7_5
Wasswa HSerwadda ASung AVerma RYap R(2022)The Proof is in the GlareProceedings of the 2022 ACM on International Workshop on Security and Privacy Analytics10.1145/3510548.3519378(46-54)Online publication date: 18-Apr-2022
https://dl.acm.org/doi/10.1145/3510548.3519378
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten