Acoustic Side-Channel Attacks (ASCAs) extract sensitive information by using audio emitted from a computing devices and their peripherals. Attacks targeting keyboards are popular and have been explored in the literature. However, similar attacks targeting other human-interface peripherals, such as computer mice, are under-explored. To this end, this paper considers security leakage via acoustic signals emanating from normal mouse usage. We first confirm feasibility of such attacks by showing a proof-of-concept attack that classifies four mouse movements with 97% accuracy in a controlled environment. We then evolve the attack towards discerning twelve unique mouse movements using a smartphone to record the experiment. Using Machine Learning (ML) techniques, the model is trained on an experiment with six participants to be generalizable and discern among twelve movements with 94% accuracy. In addition, we experiment with an attack that detects a user action of closing a full-screen window on a laptop. Achieving an accuracy of 91%, this experiment highlights exploiting audio leakage from computer mouse movements in a realistic scenario.

Authentication and de-authentication phases should occur at the beginning and end of secure user sessions, respectively. A secure session requires the user to pass the former, but the latter is often underestimated or ignored. Unattended or dangling sessions expose users to well-known Lunchtime Attacks. To mitigate this threat, researchers focused on automated de-authentication systems, either as a stand-alone mechanism or as a result of continuous authentication failures. Unfortunately, no single approach offers security, privacy, and usability. Face-recognition methods, for example, may be suitable for security and usability, but they violate user privacy by continuously recording their actions and surroundings. In this work, we propose BLUFADER, a novel continuous authentication system that takes advantage of blurred face detection and recognition to fast, secure, and transparent de-authenticate users, preserving their privacy. We obfuscate a webcam with a physical blur layer and use deep learning algorithms to perform face detection and recognition continuously. To evaluate BLUFADER's practicality, we collected two datasets formed by 30 recruited subjects (users) and thousands of physically blurred celebrity photos. The de-authentication system was trained and evaluated using the former, while the latter was used to appraise the privacy and increase variance at training time. To guarantee the privacy-preserving effectiveness of the selected physical blurring filter, we show that state-of-the-art deblurring models are not able to revert our physical blur. Further, we demonstrate that our approach outperforms state-of-the-art methods in detecting blurred faces, achieving up to 95% accuracy. Moreover, BLUFADER effectively de-authenticates users up to 100% accuracy in under 3 seconds, while satisfying security, privacy, and usability requirements. Last, our continuous authentication face recognition module based on Siamese Neural Network preventively protect users from adversarial attacks, enhancing the overall system security.

Ideally, secure user sessions should start and end with authentication and de-Authentication phases, respectively. While the user must pass the former to start a secure session, the latter's importance is often ignored or underestimated. Dangling or unattended sessions expose users to well-known Lunchtime Attacks. To mitigate this threat, the research community focused on automated de-Authentication systems. Unfortunately, no single approach offers security, privacy, and usability. For instance, although facial recognition-based methods might be a good fit for security and usability, they violate user privacy by constantly recording the user and the surrounding environment.In this work, we propose BLUFADE, a fast, secure, and transparent de-Authentication system that takes advantage of blurred faces to preserve user privacy. We obfuscate a webcam with a physical blur layer and use deep learning algorithms to perform face detection continuously. To assess BLUFADE's practicality, we collected two datasets formed by 30 recruited subjects (users) and thousands of physically blurred celebrity photos. The former was used to train and evaluate the deauthentication system performances, the latter to assess the privacy and to increase variance in training data. We show that our approach outperforms state-of-The-Art methods in detecting blurred faces, achieving up to 95% accuracy. Furthermore, we demonstrate that BLUFADE effectively de-Authenticates users up to 100% accuracy in under 3 seconds, while satisfying security, privacy, and usability requirements.

Personal Identification Numbers (PINs) are the most common user authentication method for in-person banking transactions at ATMs. The US Federal Reserve reported that, in 2018, PINs secured 31.4 billion transactions in the US, with an overall worth of US$ 1.19 trillion. One well-known attack type involves the use of cameras to spy on the ATM PIN pad during PIN entry. Countermeasures include covering the PIN pad with a shield or with the other hand while typing. Although this protects PINs from visual attacks, acoustic emanations from the PIN pad itself open the door for another attack type. In this paper, we show the feasibility of an acoustic side-channel attack (called PinDrop ) to reconstruct PINs by profiling acoustic signatures of individual keys of a PIN pad. We demonstrate the practicality of PinDrop via two sets of data collection experiments involving two commercially available metal PIN pad models and 58 participants who entered a total of 5,800 5-digit PINs. We simulated two realistic attack scenarios: (1) a microphone placed near the ATM (0.3 m away) and (2) a real-time attacker (with a microphone) standing in the queue at a common courtesy distance of 2 m. In the former case, we show that PinDrop recovers 96% of 4-digit, and up to 94% of 5-digits, PINs. Whereas, at 2 m away, it recovers up to 57% of 4-digit, and up to 39% of 5-digit PINs in three attempts. We believe that these results are both significant and worrisome.

While user authentication (e.g., via passwords and/or biometrics) is considered important, the need for de-authentication is often underestimated. The so-called “lunchtime attack”, whereby a nearby attacker gains access to the casually departed user’s active log-in session, is a serious security risk that stems from lack of proper de-authentication. Although there have been several proposals for automatic de-authentication, all of them have certain drawbacks, ranging from user burden to deployment costs and high rate of false positives. In this paper we propose DE-auth of the Blue (DEB) – a cheap, unobtrusive, fast and reliable system based on the impact of the human body on wireless signal propagation. In DEB, the wireless signal emanates from a Bluetooth Low Energy Beacon, the only additional equipment needed. The user is not required to wear or to be continuously interacting with any device. DEB can be easily deployed at a very low cost. It uses physical properties of wireless signals that cannot be trivially manipulated by an attacker. DEB recognizes when the user physically steps away from the workstation, and transparently de-authenticates her in less than three seconds. We implemented DEB and conducted extensive experiments, showing a very high success rate, with a low risk of false positives when two beacons are used.

Named Data Networking (NDN) is a relatively new architecture, adhering to the Information-Centric Networking (ICN) paradigm, which focuses on explicitly named, routable and addressable content. While addressing and overcoming some of the current Internet issues, ICN is also affected by its own ones. Among those, content caching can be exploited, together with the Content Fetch Time (CFT), to identify the contents requested by the users. This attack is reactive, since the attacker infers whether a content has been requested after the victim has already sent a request for it. The defence mechanisms rely on the modification of the CFT, which, despite defending the users, also damage them from a usability point of view.In this paper, we investigate an enhanced version of the attack, which is proactive and is still feasible even under enabled countermeasures. In the proactive attack, the attacker forces a router to cache a content and only afterwards checks whether the victim sends requests for that content. With respect to the reactive attack the proactive one: (i) is resilient to the existing defence mechanisms; (ii) can be applied for both popular and unpopular contents; (iii) can be used also in case of multiple users connected to the same router of the victim. After several simulations, we identified the parameters required to setup the proactive attack and proved its feasibility, both in terms of effectiveness and in terms of bypassing the existing countermeasures. We, finally, explored new possible countermeasures.