Abstract
Thermal cameras can reveal heat traces on user interfaces, such as keyboards. This can be exploited maliciously to infer sensitive input, such as passwords. While previous work considered thermal attacks that rely on visual inspection or simple image processing techniques, we show that attackers can perform more effective artificial intelligence (AI)-driven attacks. We demonstrate this by presenting the development of ThermoSecure and its evaluation in two user studies (N = 21, N = 16), which reveal novel insights about thermal attacks. We detail the implementation of ThermoSecure and make a dataset of 1,500 thermal images of keyboards with heat traces resulting from input publicly available. Our first study shows that ThermoSecure successfully attacks 6-symbol, 8-symbol, 12-symbol, and 16-symbol passwords with an average accuracy of 92%, 80%, 71%, and 55%, respectively, and with even higher accuracy when thermal images are taken within 30 seconds. We found that typing behavior significantly impacts vulnerability to thermal attacks: hunt-and-peck typists are more vulnerable than fast typists (92% vs. 83% thermal attack success, respectively, if performed within 30 seconds). The second study showed that keycap material has a statistically significant effect on the effectiveness of thermal attacks: ABS keycaps retain the thermal trace of user presses for a longer period of time, making them more vulnerable to thermal attacks, with a 52% average attack accuracy compared with 14% for keyboards with PBT keycaps. Finally, we discuss how systems can leverage our results to protect from thermal attacks and present 7 mitigation approaches that are based on our results and previous work.
ThermoSecure: Investigating the Effectiveness of AI-Driven Thermal Attacks on Commonly Used Computer Keyboards