Mobile devices are carried by many individuals in the world, which use them to communicate with friends, browse the web, and use different applications depending on their objectives. Normally the devices are equipped with integrated sensors such as accelerometers and magnetometers, through which application developers can obtain the inertial values of the dynamics of the device, and infer different behaviors about what the user is performing. As users type on the touch keyboard with one hand, they also tilt the smartphone to reach the area to be pressed. In this paper, we show that using these zero-permissions sensors it is possible to obtain the area pressed by the user with more than 80% of accuracy in some scenarios. Moreover, correlating subsequent areas related to keyboard keys together, it is also possible to determine the words typed by the user, even for long words. This would help understanding what user are doing, though raising privacy concerns.
Bedogni L., Alcaras A., Bononi L. (2019). Permission-free Keylogging through Touch Events Eavesdropping on Mobile Devices. New York : Institute of Electrical and Electronics Engineers Inc. [10.1109/PERCOMW.2019.8730731].
Permission-free Keylogging through Touch Events Eavesdropping on Mobile Devices
Bedogni L.
Membro del Collaboration Group
;Bononi L.Membro del Collaboration Group
2019
Abstract
Mobile devices are carried by many individuals in the world, which use them to communicate with friends, browse the web, and use different applications depending on their objectives. Normally the devices are equipped with integrated sensors such as accelerometers and magnetometers, through which application developers can obtain the inertial values of the dynamics of the device, and infer different behaviors about what the user is performing. As users type on the touch keyboard with one hand, they also tilt the smartphone to reach the area to be pressed. In this paper, we show that using these zero-permissions sensors it is possible to obtain the area pressed by the user with more than 80% of accuracy in some scenarios. Moreover, correlating subsequent areas related to keyboard keys together, it is also possible to determine the words typed by the user, even for long words. This would help understanding what user are doing, though raising privacy concerns.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
