Details
Originalsprache | Englisch |
---|---|
Titel des Sammelwerks | Participative Computing for Sustainable Futures - Proceedings of the 12th Nordic Conference on Human-Computer Interaction, NordiCHI 2022 |
Herausgeber (Verlag) | Association for Computing Machinery (ACM) |
ISBN (elektronisch) | 9781450396998 |
Publikationsstatus | Veröffentlicht - 8 Okt. 2022 |
Veranstaltung | 12th Nordic Conference on Human-Computer Interaction: Participative Computing for Sustainable Futures, NordiCHI 2022 - Aarhus, Dänemark Dauer: 8 Okt. 2022 → 12 Okt. 2022 |
Publikationsreihe
Name | ACM International Conference Proceeding Series |
---|
Abstract
Thermal attacks refer to the possibility of capturing heat traces that result from interacting with user interfaces to reveal sensitive input, such as passwords. The technical feasibility and effectiveness of thermal attacks have already been demonstrated. Yet, several preconditions have to be met for successful thermal attacks. In this paper, we investigate user awareness of thermal attacks and to which extent the attack's preconditions are met in the users' daily lives. We present results from an online study with 101 participants showing that users are frequently at risk of thermal attacks based on their behavior, e.g., due to leaving devices unattended, or their choice of authentication method. Further, only 7 of our 101 participants had heard of thermal attacks. Based on our results, we discuss the implications on user security, operators of public spaces, and the development of thermal attack-resistant input methods.
ASJC Scopus Sachgebiete
- Informatik (insg.)
- Software
- Informatik (insg.)
- Mensch-Maschine-Interaktion
- Informatik (insg.)
- Maschinelles Sehen und Mustererkennung
- Informatik (insg.)
- Computernetzwerke und -kommunikation
Zitieren
- Standard
- Harvard
- Apa
- Vancouver
- BibTex
- RIS
Participative Computing for Sustainable Futures - Proceedings of the 12th Nordic Conference on Human-Computer Interaction, NordiCHI 2022. Association for Computing Machinery (ACM), 2022. 3546706 (ACM International Conference Proceeding Series).
Publikation: Beitrag in Buch/Bericht/Sammelwerk/Konferenzband › Aufsatz in Konferenzband › Forschung › Peer-Review
}
TY - GEN
T1 - Are Thermal Attacks a Realistic Threat? Investigating the Preconditions of Thermal Attacks in Users' Daily Lives
AU - Bekaert, Paul
AU - Alotaibi, Norah
AU - Mathis, Florian
AU - Gerber, Nina
AU - Rafferty, Aidan Christopher
AU - Khamis, Mohamed
AU - Marky, Karola
N1 - Funding Information: This work was supported by the University of Edinburgh and the University of Glasgow jointly funded PhD studentships, by an EPSRC New Investigator award (EP/V008870/1) and by the PE-TRAS National Centre of Excellence for IoT Systems Cybersecurity, which has been funded by the UK EPSRC under grant number EP/S035362/1.
PY - 2022/10/8
Y1 - 2022/10/8
N2 - Thermal attacks refer to the possibility of capturing heat traces that result from interacting with user interfaces to reveal sensitive input, such as passwords. The technical feasibility and effectiveness of thermal attacks have already been demonstrated. Yet, several preconditions have to be met for successful thermal attacks. In this paper, we investigate user awareness of thermal attacks and to which extent the attack's preconditions are met in the users' daily lives. We present results from an online study with 101 participants showing that users are frequently at risk of thermal attacks based on their behavior, e.g., due to leaving devices unattended, or their choice of authentication method. Further, only 7 of our 101 participants had heard of thermal attacks. Based on our results, we discuss the implications on user security, operators of public spaces, and the development of thermal attack-resistant input methods.
AB - Thermal attacks refer to the possibility of capturing heat traces that result from interacting with user interfaces to reveal sensitive input, such as passwords. The technical feasibility and effectiveness of thermal attacks have already been demonstrated. Yet, several preconditions have to be met for successful thermal attacks. In this paper, we investigate user awareness of thermal attacks and to which extent the attack's preconditions are met in the users' daily lives. We present results from an online study with 101 participants showing that users are frequently at risk of thermal attacks based on their behavior, e.g., due to leaving devices unattended, or their choice of authentication method. Further, only 7 of our 101 participants had heard of thermal attacks. Based on our results, we discuss the implications on user security, operators of public spaces, and the development of thermal attack-resistant input methods.
KW - side-channel attacks
KW - thermal attacks
KW - usable privacy
KW - usable security
UR - http://www.scopus.com/inward/record.url?scp=85140900903&partnerID=8YFLogxK
U2 - 10.1145/3546155.3546706
DO - 10.1145/3546155.3546706
M3 - Conference contribution
AN - SCOPUS:85140900903
T3 - ACM International Conference Proceeding Series
BT - Participative Computing for Sustainable Futures - Proceedings of the 12th Nordic Conference on Human-Computer Interaction, NordiCHI 2022
PB - Association for Computing Machinery (ACM)
T2 - 12th Nordic Conference on Human-Computer Interaction: Participative Computing for Sustainable Futures, NordiCHI 2022
Y2 - 8 October 2022 through 12 October 2022
ER -