research-article

MoLe: Motion Leaks through Smartwatch Sensors

Authors:

Ted Tsung-Te Lai,

Romit Roy ChoudhuryAuthors Info & Claims

MobiCom '15: Proceedings of the 21st Annual International Conference on Mobile Computing and Networking

Pages 155 - 166

https://doi.org/10.1145/2789168.2790121

Published: 07 September 2015 Publication History

Abstract

Imagine a user typing on a laptop keyboard while wearing a smart watch. This paper asks whether motion sensors from the watch can leak information about what the user is typing. While its not surprising that some information will be leaked, the question is how much? We find that when motion signal processing is combined with patterns in English language, the leakage is substantial. Reported results show that when a user types a word $W$, it is possible to shortlist a median of 24 words, such that $W$ is in this shortlist. When the word is longer than $6$ characters, the median shortlist drops to $10$. Of course, such leaks happen without requiring any training from the user, and also under the (obvious) condition that the watch is only on the left hand. We believe this is surprising and merits awareness, especially in light of various continuous sensing apps that are emerging in the app market. Moreover, we discover additional "leaks" that can further reduce the shortlist -- we leave these exploitations to future work.

References

[1]

Sandip Agrawal, Ionut Constandache, Shravan Gaonkar, Romit Roy Choudhury, Kevin Caves, and Frank DeRuyter, "Using mobile phones to write in air," in Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services. 2011, MobiSys '11, pp. 15--28, ACM.

Digital Library

[2]

Shahriar Nirjon, Jeremy Gummeson, Dan Gelb, and Kyu-Han Kim, "TypingRing: A wearable ring platform for text input," in Proceedings of the 13th Annual International Conference on Mobile Systems, Applications, and Services. 2015, MobiSys '15, pp. 227--239, ACM.

Digital Library

[3]

Jiayang Liu, Zhen Wang, Lin Zhong, J. Wickramasuriya, and V. Vasudevan, "uWave: Accelerometer-based personalized gesture recognition and its applications," in Pervasive Computing and Communications, 2009. PerCom 2009. IEEE International Conference on, March 2009, pp. 1--9.

Digital Library

[4]

Chao Xu, Parth H. Pathak, and Prasant Mohapatra, "Finger-writing with smartwatch: A case for finger and hand gesture recognition using smartwatch," in Proceedings of the 16th International Workshop on Mobile Computing Systems and Applications. 2015, HotMobile '15, pp. 9--14, ACM.

Digital Library

[5]

Abhinav Parate, Meng-Chieh Chiu, Chaniel Chadowitz, Deepak Ganesan, and Evangelos Kalogerakis, "Risq: Recognizing smoking gestures with inertial sensors on a wristband," in Proceedings of the 12th Annual International Conference on Mobile Systems, Applications, and Services. 2014, MobiSys '14, pp. 149--161, ACM.

Digital Library

[6]

Sangki Yun, Yi-Chao Chen, and Lili Qiu, "Turning a mobile device into a mouse in the air," in Proceedings of the 13th Annual International Conference on Mobile Systems, Applications, and Services. 2015, MobiSys '15, pp. 15--29, ACM.

Digital Library

[7]

"Word Frequency Data Set," http://www.wordfrequency.info/.

[8]

"MATLAB Peak Analysis Library," http://www.mathworks.com/help/signal/examples/peak-analysis.html.

[9]

"Camera Calibration Toolbox for Matlab," http://www.vision.caltech.edu/bouguetj/calib_doc/.

[10]

Li Zhuang, Feng Zhou, and J. D. Tygar, "Keyboard acoustic emanations revisited," ACM Trans. Inf. Syst. Secur., vol. 13, no. 1, pp. 3:1--3:26, Nov. 2009.

Digital Library

[11]

Dmitri Asonov and Rakesh Agrawal, "Keyboard acoustic emanations," in Security and Privacy, 2004. Proceedings. 2004 IEEE Symposium on, May 2004, pp. 3--11.

[12]

Denis Foo Kune and Yongdae Kim, "Timing attacks on pin input devices," in Proceedings of the 17th ACM Conference on Computer and Communications Security. 2010, CCS '10, pp. 678--680, ACM.

Digital Library

[13]

Dawn Xiaodong Song, David Wagner, and Xuqing Tian, "Timing analysis of keystrokes and timing attacks on SSH," in Proceedings of the 10th Conference on USENIX Security Symposium - Volume 10. 2001, SSYM'01, USENIX Association.

Digital Library

[14]

Kevin S. Killourhy and Roy A. Maxion, "Comparing anomaly-detection algorithms for keystroke dynamics," in Dependable Systems Networks, 2009. DSN '09. IEEE/IFIP International Conference on, June 2009, pp. 125--134.

[15]

"Key Sweeper," http://samy.pl/keysweeper/.

[16]

Martin Vuagnoux and Sylvain Pasini, "Compromising electromagnetic emanations of wired and wireless keyboards," in Proceedings of the 18th Conference on USENIX Security Symposium. 2009, SSYM'09, pp. 1--16, USENIX Association.

Digital Library

[17]

Philip Marquardt, Arunabh Verma, Henry Carter, and Patrick Traynor, "(sp)iphone: Decoding vibrations from nearby keyboards using mobile phone accelerometers," in Proceedings of the 18th ACM Conference on Computer and Communications Security. 2011, CCS '11, pp. 551--562, ACM.

Digital Library

[18]

Emmanuel Owusu, Jun Han, Sauvik Das, Adrian Perrig, and Joy Zhang, "Accessory: Password inference using accelerometers on smartphones," in Proceedings of the Twelfth Workshop on Mobile Computing Systems and Applications. 2012, HotMobile '12, pp. 9:1--9:6, ACM.

Digital Library

[19]

Liang Cai and Hao Chen, "TouchLogger: Inferring keystrokes on touch screen from smartphone motion," in Proceedings of the 6th USENIX Conference on Hot Topics in Security. 2011, HotSec'11, pp. 9--9, USENIX Association.

Digital Library

[20]

Liang Cai and Hao Chen, "On the practicality of motion based keystroke inference attack," in Proceedings of the 5th International Conference on Trust and Trustworthy Computing. 2012, TRUST'12, pp. 273--290, Springer-Verlag.

Digital Library

[21]

Emiliano Miluzzo, Alexander Varshavsky, Suhrid Balakrishnan, and Romit Roy Choudhury, "Tapprints: Your finger taps have fingerprints," in Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services. 2012, MobiSys '12, pp. 323--336, ACM.

Digital Library

[22]

Yan Michalevsky, Dan Boneh, and Gabi Nakibly, "Gyrophone: Recognizing speech from gyroscope signals," in 23rd USENIX Security Symposium (USENIX Security 14). Aug. 2014, pp. 1053--1067, USENIX Association.

Digital Library

Cited By

Ning JXie LYan ZBu YLuo JGanesan DShi W(2024)MoiréVision: A Generalized Moiré-based Mechanism for 6-DoF Motion SensingProceedings of the 30th Annual International Conference on Mobile Computing and Networking10.1145/3636534.3649374(467-481)Online publication date: 29-May-2024
https://dl.acm.org/doi/10.1145/3636534.3649374
Cao YLi FChen HLiu XZhai SYang SWang Y(2024)Live Speech Recognition via Earphone Motion SensorsIEEE Transactions on Mobile Computing10.1109/TMC.2023.333321423:6(7284-7300)Online publication date: Jun-2024
https://doi.org/10.1109/TMC.2023.3333214
Gao MZhang LShen LZou XHan JLin FRen K(2024)Exploring Practical Acoustic Transduction Attacks on Inertial Sensors in MDOF SystemsIEEE Transactions on Mobile Computing10.1109/TMC.2023.3277287(1-18)Online publication date: 2024
https://doi.org/10.1109/TMC.2023.3277287
Show More Cited By

Index Terms

MoLe: Motion Leaks through Smartwatch Sensors

Recommendations

Identification of Cryptographic Vulnerability and Malware Detection in Android

Android based Smartphones are nowadays getting more popular. While using Smartphone, user is always concerned about security and malicious attacks, cryptographic vulnerability of the applications. With increase in the number of Android mobiles, Android ...
Information protection of end users on the web: privacy issues and measures

In the current world, everyone needs to be connected to the internet. However, as technology develops, online scammers also advance with technology. To protect private information, the end users must ensure their data is protected. There are ways of ...
Security Busters

URL blacklists are used by the majority of modern web browsers as a means to protect users from rogue web sites, i.e. those serving malware and/or hosting phishing scams. There is a plethora of URL blacklists/reputation services, out of which Google's ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

MobiCom '15: Proceedings of the 21st Annual International Conference on Mobile Computing and Networking

September 2015

638 pages

ISBN:9781450336192

DOI:10.1145/2789168

General Chairs:
Serge Fdida
UPMC/LIP6, France
,
Giovanni Pau
UPMC/LIP6, France
,
Program Chairs:
Sneha Kumar Kasera
University of Utah, USA
,
Heather Zheng
University of California, Santa Barbara, USA

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 September 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

MobiCom'15

Sponsor:

SIGMOBILE

MobiCom'15: The 21th Annual International Conference on Mobile Computing and Networking

September 7 - 11, 2015

Paris, France

Acceptance Rates

MobiCom '15 Paper Acceptance Rate 38 of 207 submissions, 18%;

Overall Acceptance Rate 440 of 2,972 submissions, 15%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

178
Total Citations
View Citations
1,638
Total Downloads

Downloads (Last 12 months)77
Downloads (Last 6 weeks)4

Reflects downloads up to 10 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Ning JXie LYan ZBu YLuo JGanesan DShi W(2024)MoiréVision: A Generalized Moiré-based Mechanism for 6-DoF Motion SensingProceedings of the 30th Annual International Conference on Mobile Computing and Networking10.1145/3636534.3649374(467-481)Online publication date: 29-May-2024
https://dl.acm.org/doi/10.1145/3636534.3649374
Cao YLi FChen HLiu XZhai SYang SWang Y(2024)Live Speech Recognition via Earphone Motion SensorsIEEE Transactions on Mobile Computing10.1109/TMC.2023.333321423:6(7284-7300)Online publication date: Jun-2024
https://doi.org/10.1109/TMC.2023.3333214
Gao MZhang LShen LZou XHan JLin FRen K(2024)Exploring Practical Acoustic Transduction Attacks on Inertial Sensors in MDOF SystemsIEEE Transactions on Mobile Computing10.1109/TMC.2023.3277287(1-18)Online publication date: 2024
https://doi.org/10.1109/TMC.2023.3277287
Yin YXie LJiang ZXiao FCao JLu S(2024)A Systematic Review of Human Activity Recognition Based on Mobile Devices: Overview, Progress and TrendsIEEE Communications Surveys & Tutorials10.1109/COMST.2024.335759126:2(890-929)Online publication date: Oct-2025
https://doi.org/10.1109/COMST.2024.3357591
Flores GNahapetian A(2024)Keyboardless Keyboard: Smart Phone Gyroscope for Improved User Interface2024 IEEE 21st Consumer Communications & Networking Conference (CCNC)10.1109/CCNC51664.2024.10454832(472-477)Online publication date: 6-Jan-2024
https://doi.org/10.1109/CCNC51664.2024.10454832
Althebeiti HGedawy RAlghuried ANyang DMohaisen D(2024)Defending AirType Against Inference Attacks Using 3D In-Air Keyboard Layouts: Design and EvaluationInformation Security Applications10.1007/978-981-99-8024-6_13(159-174)Online publication date: 11-Jan-2024
https://doi.org/10.1007/978-981-99-8024-6_13
Weber DThomas FGerlach LZhang RSchwarz M(2024)Indirect Meltdown: Building Novel Side-Channel Attacks from Transient-Execution AttacksComputer Security – ESORICS 202310.1007/978-3-031-51479-1_2(22-42)Online publication date: 12-Jan-2024
https://doi.org/10.1007/978-3-031-51479-1_2
Gong TKim YOrzikulova ALiu YHwang SShin JLee S(2023)DAPPERProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/35962567:2(1-27)Online publication date: 12-Jun-2023
https://dl.acm.org/doi/10.1145/3596256
Zhang TYe ZMahdad AAkanda MShi CWang YSaxena NChen YMeng WJensen CCremers CKirda E(2023)FaceReader: Unobtrusively Mining Vital Signs and Vital Sign Embedded Sensitive Info via AR/VR Motion SensorsProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623102(446-459)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623102
Kinfe AJung CLin KClyburn MSuya F(2023)HackWrt: Network Traffic-Based Eavesdropping of HandwritingProceedings of Cyber-Physical Systems and Internet of Things Week 202310.1145/3576914.3589667(55-60)Online publication date: 9-May-2023
https://dl.acm.org/doi/10.1145/3576914.3589667
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

ePub

View this article in ePub.

Media

Figures

Other

Tables

View Table of Contents