The Experts below are selected from a list of 11097 Experts worldwide ranked by ideXlab platform
Muhammad Shahzad - One of the best experts on this subject based on the ideXlab platform.
-
Recognizing Keystrokes Using WiFi Devices
IEEE Journal on Selected Areas in Communications, 2017Co-Authors: Kamran Ali, Alex X Liu, Wei Wang, Muhammad ShahzadAbstract:Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what is being typed could be passwords or privacy sensitive information. In this paper, we show for the first time that WiFi signals can also be exploited to recognize Keystrokes. The intuition is that while typing a certain key, the hands and fingers of a user move in a unique formation and direction and thus generate a unique pattern in the time-series of channel state information (CSI) values, which we call CSI-waveform for that key. In this paper, we propose a WiFi signal-based Keystroke recognition system called WiKey. WiKey consists of two commercial off-the-shelf WiFi devices, a sender (such as a router) and a receiver (such as a laptop). The sender continuously emits signals and the receiver continuously receives signals. When a human subject types on a keyboard, WiKey recognizes the typed keys based on how the CSI values at the WiFi signal receiver end. We implemented the WiKey system using a TP-Link TL-WR1043ND WiFi router and a Lenovo X200 laptop. WiKey achieves over 97.5% detection rate for detecting the Keystroke and 96.4% recognition accuracy for classifying single keys. In real-world experiments, WiKey can recognize Keystrokes in a continuously typed sentence with an accuracy of 93.5%. WiKey can also recognize complete words inside a sentence with over 85% accuracy.
-
Keystroke recognition using wifi signals
ACM IEEE International Conference on Mobile Computing and Networking, 2015Co-Authors: Kamran Ali, Alex X Liu, Wei Wang, Muhammad ShahzadAbstract:Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what being typed could be passwords or privacy sensitive information. In this paper, we show for the first time that WiFi signals can also be exploited to recognize Keystrokes. The intuition is that while typing a certain key, the hands and fingers of a user move in a unique formation and direction and thus generate a unique pattern in the time-series of Channel State Information (CSI) values, which we call CSI-waveform for that key. In this paper, we propose a WiFi signal based Keystroke recognition system called WiKey. WiKey consists of two Commercial Off-The-Shelf (COTS) WiFi devices, a sender (such as a router) and a receiver (such as a laptop). The sender continuously emits signals and the receiver continuously receives signals. When a human subject types on a keyboard, WiKey recognizes the typed keys based on how the CSI values at the WiFi signal receiver end. We implemented the WiKey system using a TP-Link TL-WR1043ND WiFi router and a Lenovo X200 laptop. WiKey achieves more than 97.5\% detection rate for detecting the Keystroke and 96.4% recognition accuracy for classifying single keys. In real-world experiments, WiKey can recognize Keystrokes in a continuously typed sentence with an accuracy of 93.5%.
-
MobiCom - Keystroke Recognition Using WiFi Signals
Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, 2015Co-Authors: Kamran Ali, Alex X Liu, Wei Wang, Muhammad ShahzadAbstract:Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what being typed could be passwords or privacy sensitive information. In this paper, we show for the first time that WiFi signals can also be exploited to recognize Keystrokes. The intuition is that while typing a certain key, the hands and fingers of a user move in a unique formation and direction and thus generate a unique pattern in the time-series of Channel State Information (CSI) values, which we call CSI-waveform for that key. In this paper, we propose a WiFi signal based Keystroke recognition system called WiKey. WiKey consists of two Commercial Off-The-Shelf (COTS) WiFi devices, a sender (such as a router) and a receiver (such as a laptop). The sender continuously emits signals and the receiver continuously receives signals. When a human subject types on a keyboard, WiKey recognizes the typed keys based on how the CSI values at the WiFi signal receiver end. We implemented the WiKey system using a TP-Link TL-WR1043ND WiFi router and a Lenovo X200 laptop. WiKey achieves more than 97.5\% detection rate for detecting the Keystroke and 96.4% recognition accuracy for classifying single keys. In real-world experiments, WiKey can recognize Keystrokes in a continuously typed sentence with an accuracy of 93.5%.
Vir V. Phoha - One of the best experts on this subject based on the ideXlab platform.
-
WIFS - Enhanced free-text Keystroke continuous authentication based on dynamics of wrist motion
2017 IEEE Workshop on Information Forensics and Security (WIFS), 2017Co-Authors: Borui Li, Vir V. PhohaAbstract:Free-text Keystroke is a form of behavioral biometrics which has great potential for addressing the security limitations of conventional one-time authentication by continuously monitoring the user's typing behaviors. This paper presents a new, enhanced continuous authentication approach by incorporating the dynamics of both Keystrokes and wrist motions. Based upon two sets of features (free-text Keystroke latency features and statistical wrist motion patterns extracted from the wrist-worn smartwatches), two one-vs-all Random Forest Ensemble Classifiers (RFECs) are constructed and trained respectively. A Dynamic Trust Model (DTM) is then developed to fuse the two classifiers' decisions and realize non-time-blocked real-time authentication. In the free-text typing experiments involving 25 human subjects, an imposter/intruder can be detected within no more than one sentence (average 56 Keystrokes) with an FRR of 1.82% and an FAR of 1.94%. Compared with the scheme relying on only Keystroke latency which has an FRR of 4.66%, an FAR of 17.92% and the required number of Keystroke of 162, the proposed authentication system shows significant improvements in terms of accuracy, efficiency, and usability.
-
Examining a Large Keystroke Biometrics Dataset for Statistical-Attack Openings
ACM Transactions on Information and System Security, 2013Co-Authors: Abdul Serwadda, Vir V. PhohaAbstract:Research on Keystroke-based authentication has traditionally assumed human impostors who generate forgeries by physically typing on the keyboard. With bots now well understood to have the capacity to originate precisely timed Keystroke sequences, this model of attack is likely to underestimate the threat facing a Keystroke-based system in practice. In this work, we investigate how a Keystroke-based authentication system would perform if it were subjected to synthetic attacks designed to mimic the typical user. To implement the attacks, we perform a rigorous statistical analysis on Keystroke biometrics data collected over a 2-year period from more than 3000 users, and then use the observed statistical traits to design and launch algorithmic attacks against three state-of-the-art password-based Keystroke verification systems. Relative to the zero-effort attacks typically used to test the performance of Keystroke biometric systems, we show that our algorithmic attack increases the mean Equal Error Rates (EERs) of three high performance Keystroke verifiers by between 28.6p and 84.4p. We also find that the impact of the attack is more pronounced when the Keystroke profiles subjected to the attack are based on shorter strings, and that some users see considerably greater performance degradation under the attack than others. This article calls for a shift from the traditional zero-effort approach of testing the performance of password-based Keystroke verifiers, to a more rigorous algorithmic approach that captures the threat posed by today’s bots.
-
Snoop-Forge-Replay Attacks on Continuous Verification With Keystrokes
IEEE Transactions on Information Forensics and Security, 2013Co-Authors: Khandaker Abir Rahman, Kiran S. Balagani, Vir V. PhohaAbstract:We present a new attack called the snoop-forge-replay attack on Keystroke-based continuous verification systems. The snoop-forge-replay is a sample-level forgery attack and is not specific to any particular Keystroke-based continuous verification method or system. It can be launched with easily available keyloggers and APIs for Keystroke synthesis. Our results from 2640 experiments show that: 1) the snoop-forge-replay attacks achieve alarmingly high error rates compared to zero-effort impostor attacks, which have been the de facto standard for evaluating Keystroke-based continuous verification systems; 2) four state-of-the-art verification methods, three types of Keystroke latencies, and 11 matching-pair settings (-a key parameter in continuous verification with Keystrokes) that we examined in this paper were susceptible to the attack; 3) the attack is effective even when as low as 20 to 100 Keystrokes were snooped to create forgeries. In light of our results, we question the security offered by current Keystroke-based continuous verification systems. Additionally, in our experiments, we harnessed virtualization technology to generate thousands of Keystroke forgeries within a short time span. We point out that virtualization setup such as the one used in our experiments can also be exploited by an attacker to scale and speedup the attack.
-
On the discriminability of Keystroke feature vectors used in fixed text Keystroke authentication
Pattern Recognition Letters, 2011Co-Authors: Kiran S. Balagani, Vir V. Phoha, Asok Ray, Shashi PhohaAbstract:Heterogeneous and aggregate vectors are the two widely used feature vectors in fixed text Keystroke authentication. In this paper, we address the question ''Which vectors, heterogeneous, aggregate, or a combination of both, are more discriminative and why?'' We accomplish this in three ways - (1) by providing an intuitive example to illustrate how aggregation of features inherently reduces discriminability; (2) by formulating ''discriminability'' as a non-parametric estimate of Bhattacharya distance, we show theoretically that the discriminability of a heterogeneous vector is higher than an aggregate vector; and (3) by conducting user recognition experiments using a dataset containing Keystrokes from 33 users typing a 32-character reference text, we empirically validate our theoretical analysis. To compare the discriminability of heterogeneous and aggregate vectors with different combinations of Keystroke features, we conduct feature selection analysis using three methods: (1) ReliefF, (2) correlation based feature selection, and (3) consistency based feature selection. Results of feature selection analysis reinforce the findings of our theoretical analysis.
Kamran Ali - One of the best experts on this subject based on the ideXlab platform.
-
Recognizing Keystrokes Using WiFi Devices
IEEE Journal on Selected Areas in Communications, 2017Co-Authors: Kamran Ali, Alex X Liu, Wei Wang, Muhammad ShahzadAbstract:Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what is being typed could be passwords or privacy sensitive information. In this paper, we show for the first time that WiFi signals can also be exploited to recognize Keystrokes. The intuition is that while typing a certain key, the hands and fingers of a user move in a unique formation and direction and thus generate a unique pattern in the time-series of channel state information (CSI) values, which we call CSI-waveform for that key. In this paper, we propose a WiFi signal-based Keystroke recognition system called WiKey. WiKey consists of two commercial off-the-shelf WiFi devices, a sender (such as a router) and a receiver (such as a laptop). The sender continuously emits signals and the receiver continuously receives signals. When a human subject types on a keyboard, WiKey recognizes the typed keys based on how the CSI values at the WiFi signal receiver end. We implemented the WiKey system using a TP-Link TL-WR1043ND WiFi router and a Lenovo X200 laptop. WiKey achieves over 97.5% detection rate for detecting the Keystroke and 96.4% recognition accuracy for classifying single keys. In real-world experiments, WiKey can recognize Keystrokes in a continuously typed sentence with an accuracy of 93.5%. WiKey can also recognize complete words inside a sentence with over 85% accuracy.
-
Keystroke recognition using wifi signals
ACM IEEE International Conference on Mobile Computing and Networking, 2015Co-Authors: Kamran Ali, Alex X Liu, Wei Wang, Muhammad ShahzadAbstract:Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what being typed could be passwords or privacy sensitive information. In this paper, we show for the first time that WiFi signals can also be exploited to recognize Keystrokes. The intuition is that while typing a certain key, the hands and fingers of a user move in a unique formation and direction and thus generate a unique pattern in the time-series of Channel State Information (CSI) values, which we call CSI-waveform for that key. In this paper, we propose a WiFi signal based Keystroke recognition system called WiKey. WiKey consists of two Commercial Off-The-Shelf (COTS) WiFi devices, a sender (such as a router) and a receiver (such as a laptop). The sender continuously emits signals and the receiver continuously receives signals. When a human subject types on a keyboard, WiKey recognizes the typed keys based on how the CSI values at the WiFi signal receiver end. We implemented the WiKey system using a TP-Link TL-WR1043ND WiFi router and a Lenovo X200 laptop. WiKey achieves more than 97.5\% detection rate for detecting the Keystroke and 96.4% recognition accuracy for classifying single keys. In real-world experiments, WiKey can recognize Keystrokes in a continuously typed sentence with an accuracy of 93.5%.
-
MobiCom - Keystroke Recognition Using WiFi Signals
Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, 2015Co-Authors: Kamran Ali, Alex X Liu, Wei Wang, Muhammad ShahzadAbstract:Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what being typed could be passwords or privacy sensitive information. In this paper, we show for the first time that WiFi signals can also be exploited to recognize Keystrokes. The intuition is that while typing a certain key, the hands and fingers of a user move in a unique formation and direction and thus generate a unique pattern in the time-series of Channel State Information (CSI) values, which we call CSI-waveform for that key. In this paper, we propose a WiFi signal based Keystroke recognition system called WiKey. WiKey consists of two Commercial Off-The-Shelf (COTS) WiFi devices, a sender (such as a router) and a receiver (such as a laptop). The sender continuously emits signals and the receiver continuously receives signals. When a human subject types on a keyboard, WiKey recognizes the typed keys based on how the CSI values at the WiFi signal receiver end. We implemented the WiKey system using a TP-Link TL-WR1043ND WiFi router and a Lenovo X200 laptop. WiKey achieves more than 97.5\% detection rate for detecting the Keystroke and 96.4% recognition accuracy for classifying single keys. In real-world experiments, WiKey can recognize Keystrokes in a continuously typed sentence with an accuracy of 93.5%.
Marco Gruteser - One of the best experts on this subject based on the ideXlab platform.
-
MobiCom - VibKeyboard: virtual keyboard leveraging physical vibration: demo
Proceedings of the 22nd Annual International Conference on Mobile Computing and Networking, 2016Co-Authors: Yingying Chen, Marco GruteserAbstract:VibKeyboard could accurately determine the location of a Keystroke on extended surface areas leveraging a single vibration sensor. Unlike capacitive sensing, it does not require conductive materials and compared to audio sensing it is more robust to acoustic noise. In VibKeyboard, the received vibration signals are determined by the location of the touch impact. This allows location discrimination of touches precise enough to enable emerging applications such as virtual keyboards on ubiquitous surfaces for mobile devices. VibKeyboard seeks to extract unique features in frequency domain embedded in the vibration signal attenuation and interference and perform fine grained localization. Our experimental results demonstrate that VibKeyboard could accurately recognize Keystrokes from close-by keys on a nearby virtual keyboard.
-
MobiCom - Snooping Keystrokes with mm-level Audio Ranging on a Single Phone
Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, 2015Co-Authors: Jian Liu, Yingying Chen, Yan Wang, Gorkem Kar, Jie Yang, Marco GruteserAbstract:This paper explores the limits of audio ranging on mobile devices in the context of a Keystroke snooping scenario. Acoustic Keystroke snooping is challenging because it requires distinguishing and labeling sounds generated by tens of keys in very close proximity. Existing work on acoustic Keystroke recognition relies on training with labeled data, linguistic context, or multiple phones placed around a keyboard --- requirements that limit usefulness in an adversarial context. In this work, we show that mobile audio hardware advances can be exploited to discriminate mm-level position differences and that this makes it feasible to locate the origin of Keystrokes from only a single phone behind the keyboard. The technique clusters Keystrokes using time-difference of arrival measurements as well as acoustic features to identify multiple strokes of the same key. It then computes the origin of these sounds precise enough to identify and label each key. By locating Keystrokes this technique avoids the need for labeled training data or linguistic context. Experiments with three types of keyboards and off-the-shelf smartphones demonstrate scenarios where our system can recover $94\%$ of Keystrokes, which to our knowledge, is the first single-device technique that enables acoustic snooping of passwords.
Wei Wang - One of the best experts on this subject based on the ideXlab platform.
-
Recognizing Keystrokes Using WiFi Devices
IEEE Journal on Selected Areas in Communications, 2017Co-Authors: Kamran Ali, Alex X Liu, Wei Wang, Muhammad ShahzadAbstract:Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what is being typed could be passwords or privacy sensitive information. In this paper, we show for the first time that WiFi signals can also be exploited to recognize Keystrokes. The intuition is that while typing a certain key, the hands and fingers of a user move in a unique formation and direction and thus generate a unique pattern in the time-series of channel state information (CSI) values, which we call CSI-waveform for that key. In this paper, we propose a WiFi signal-based Keystroke recognition system called WiKey. WiKey consists of two commercial off-the-shelf WiFi devices, a sender (such as a router) and a receiver (such as a laptop). The sender continuously emits signals and the receiver continuously receives signals. When a human subject types on a keyboard, WiKey recognizes the typed keys based on how the CSI values at the WiFi signal receiver end. We implemented the WiKey system using a TP-Link TL-WR1043ND WiFi router and a Lenovo X200 laptop. WiKey achieves over 97.5% detection rate for detecting the Keystroke and 96.4% recognition accuracy for classifying single keys. In real-world experiments, WiKey can recognize Keystrokes in a continuously typed sentence with an accuracy of 93.5%. WiKey can also recognize complete words inside a sentence with over 85% accuracy.
-
Keystroke recognition using wifi signals
ACM IEEE International Conference on Mobile Computing and Networking, 2015Co-Authors: Kamran Ali, Alex X Liu, Wei Wang, Muhammad ShahzadAbstract:Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what being typed could be passwords or privacy sensitive information. In this paper, we show for the first time that WiFi signals can also be exploited to recognize Keystrokes. The intuition is that while typing a certain key, the hands and fingers of a user move in a unique formation and direction and thus generate a unique pattern in the time-series of Channel State Information (CSI) values, which we call CSI-waveform for that key. In this paper, we propose a WiFi signal based Keystroke recognition system called WiKey. WiKey consists of two Commercial Off-The-Shelf (COTS) WiFi devices, a sender (such as a router) and a receiver (such as a laptop). The sender continuously emits signals and the receiver continuously receives signals. When a human subject types on a keyboard, WiKey recognizes the typed keys based on how the CSI values at the WiFi signal receiver end. We implemented the WiKey system using a TP-Link TL-WR1043ND WiFi router and a Lenovo X200 laptop. WiKey achieves more than 97.5\% detection rate for detecting the Keystroke and 96.4% recognition accuracy for classifying single keys. In real-world experiments, WiKey can recognize Keystrokes in a continuously typed sentence with an accuracy of 93.5%.
-
MobiCom - Keystroke Recognition Using WiFi Signals
Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, 2015Co-Authors: Kamran Ali, Alex X Liu, Wei Wang, Muhammad ShahzadAbstract:Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what being typed could be passwords or privacy sensitive information. In this paper, we show for the first time that WiFi signals can also be exploited to recognize Keystrokes. The intuition is that while typing a certain key, the hands and fingers of a user move in a unique formation and direction and thus generate a unique pattern in the time-series of Channel State Information (CSI) values, which we call CSI-waveform for that key. In this paper, we propose a WiFi signal based Keystroke recognition system called WiKey. WiKey consists of two Commercial Off-The-Shelf (COTS) WiFi devices, a sender (such as a router) and a receiver (such as a laptop). The sender continuously emits signals and the receiver continuously receives signals. When a human subject types on a keyboard, WiKey recognizes the typed keys based on how the CSI values at the WiFi signal receiver end. We implemented the WiKey system using a TP-Link TL-WR1043ND WiFi router and a Lenovo X200 laptop. WiKey achieves more than 97.5\% detection rate for detecting the Keystroke and 96.4% recognition accuracy for classifying single keys. In real-world experiments, WiKey can recognize Keystrokes in a continuously typed sentence with an accuracy of 93.5%.
