aLeak : Context-Free Side-Channel from Your Smart Watch Leaks Your Typing Privacy

Research output: Journal Publications and Reviews (RGC: 21, 22, 62)21_Publication in refereed journal

View graph of relations

Related Research Unit(s)

Detail(s)

Original languageEnglish
Article number8718344
Pages (from-to)1775-1788
Journal / PublicationIEEE Transactions on Mobile Computing
Volume19
Issue number8
Online published20 May 2019
Publication statusPublished - Aug 2020

Abstract

We revisit a crucial privacy problem in this paper — can the sensitive information, like the numeric passwords and personal data, frequently typed by user on mobile devices be inferred through the motion sensors of wearable device on user's wrist, e.g., smart watch or wrist band? Existing works have achieved the initial success under certain context-aware conditions, such as 1) the horizontal keypad plane, 2) the known keyboard size, 3) and/or the last keystroke on a fixed "enter" button. Taking one step further, the key contribution of this paper is to fully demonstrate, more importantly alarm people, the further risks of typing privacy leakage in much more generalized context-free scenarios, which are related to most of us for the daily usage of mobile devices. We validate this feasibility by addressing a series of unsolved challenges and developing a prototype system aLeak. Extensive experiments show the efficacy of aLeak, which achieves promising successful rates in the attack from more than 500 rounds of different users' typings on various mobile platforms without any context-related information.

Research Area(s)

  • Privacy leakage, Wearable device, Wearable sensing, Side-channel