2022 article
A Keylogging Inference Attack on Air-Tapping Keyboards in Virtual Environments
2022 IEEE CONFERENCE ON VIRTUAL REALITY AND 3D USER INTERFACES (VR 2022), pp. 765–774.
author keywords: Security and privacy; Privacy protections; Human-entered computing; Text input; Human-centered computing; Ubiquitous and mobile devices
TL;DR:
This paper presents a keylogging inference attack to infer user inputs typed with in-air tapping keyboards, and shows that this attack achieves a pinpoint accuracy ranging from 40% to 87% within at most the top-500 candidate reconstructions.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
4. Quality Education
(Web of Science)
16. Peace, Justice and Strong Institutions
(OpenAlex)
Source: Web Of Science
Added: August 15, 2022
Enabling users to push the physical world’s limits, augmented and virtual reality platforms opened a new chapter in perception. Novel immersive experiences resulted in the emergence of new interaction methods for virtual environments, which came with unprecedented security and privacy risks. This paper presents a keylogging inference attack to infer user inputs typed with in-air tapping keyboards. We observe that hands follow specific patterns when typing in the air and exploit this observation to carry out our attack. Starting with three plausible attack scenarios where the adversary obtains the hand trace patterns of the victim, we build a pipeline to reconstruct the user input. Our attack pipeline takes the hand traces of the victim as an input and outputs a set of input inferences ordered from the best to worst. Through various experiments, we showed that our inference attack achieves a pinpoint accuracy ranging from 40% to 87% within at most the top-500 candidate reconstructions. Finally, we discuss countermeasures, while the results presented provide a cautionary tale of the security and privacy risk of the immersive mobile technology.