s i d e c h a n n e l s
play

S i d e C h a n n e l s John Vinnie Monaco / U.S. Army - PowerPoint PPT Presentation

SoK: Keylogging S i d e C h a n n e l s John Vinnie Monaco / U.S. Army Research Laboratory Whats in a keystroke? User Keyboard Host Network + Hand moton + Matrix scan + USB polling + Transmission + Key travel + Debouncing +


  1. SoK: Keylogging S i d e C h a n n e l s John “Vinnie” Monaco / U.S. Army Research Laboratory

  2. What’s in a keystroke? User Keyboard Host Network + Hand moton + Matrix scan + USB polling + Transmission + Key travel + Debouncing + Process + Routng + Encoding scheduling

  3. Keylogging metrics • Detection •Establish the presence/absence of a keystroke •Precision/recall, ROC analysis • Identification •Determine which keyboard key was pressed •Information gain, classification accuracy

  4. Early attacks 1943 1984 TEMPEST Project GUNMAN

  5. Can you find all the side channels?

  6. Attack taxonomy Spatal Temporal Channel type Acoustc Within-subject Electromagnetc Between-subject Target/ CPU Training None Modality Cache Atuack Proximity Typing speed Fast Close Slow Far

  7. Spatial side channels First order Key locatoon Second order Key dintaocen

  8. Temporal side channels User A User B Key-press latency Inter-key distance

  9. The “side channel menagerie” A phenomenon reminiscent of the biometric menagerie Vulnerable Info gain (bits) Resilient

  10. Homogeneity as an indicator for side channel attack severity Very similar Somewhat similar High risk Medium risk

  11. Linking two fields Biometrics Side channels “Langlands program” Homogeneity Heterogeneity Identity/action information

  12. Summary/prediction •75 years of keylogging side channels •Behavior heterogeneity vs homogeneity •Temporal attacks will improve Contact: www.vmonaco.com

Recommend


More recommend