Abstract

Keystroke inference attacks pose an increasing threat to ubiquitous mobile devices. This paper presents EyeTell, a novel video-assisted attack that can infer a victim's keystrokes on his touchscreen device from a video capturing his eye movements. EyeTell explores the observation that human eyes naturally focus on and follow the keys they type, so a typing sequence on a soft keyboard results in a unique gaze trace of continuous eye movements. In contrast to prior work, EyeTell requires neither the attacker to visually observe the victim's inputting process nor the victim device to be placed on a static holder. Comprehensive experiments on iOS and Android devices confirm the high efficacy of EyeTell for inferring PINs, lock patterns, and English words under various environmental conditions.

Original languageEnglish (US)
Title of host publicationProceedings - 2018 IEEE Symposium on Security and Privacy, SP 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages144-160
Number of pages17
ISBN (Electronic)9781538643525
DOIs
StatePublished - Jul 23 2018
Event39th IEEE Symposium on Security and Privacy, SP 2018 - San Francisco, United States
Duration: May 21 2018May 23 2018

Publication series

NameProceedings - IEEE Symposium on Security and Privacy
Volume2018-May
ISSN (Print)1081-6011

Other

Other39th IEEE Symposium on Security and Privacy, SP 2018
Country/TerritoryUnited States
CitySan Francisco
Period5/21/185/23/18

Keywords

  • keystroke inference
  • mobile devices
  • security
  • video analysis

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Software
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'EyeTell: Video-Assisted Touchscreen Keystroke Inference from Eye Movements'. Together they form a unique fingerprint.

Cite this