Description of subarea C.1 coming soon…
Current PhD project of subarea C.1:
Information (In-)security of Human-Centric Sensor Data
In our world of increasingly complex computing systems it becomes more and more difficult to stay in control of the information gathered by sensors of everyday devices. An increasing number of more accurate sensors create opportunities but also possibilities to violate the privacy of users in ways they are often unaware of. Wearables with typical human-centric sensors like accelerometers or gyroscopes, but also with emerging sensors like electromyographic sensors, can be exploited to infer human actions like typing on a keyboard.
The effectiveness of such human-targeted keylogging side-channel attacks varies with different sensor modalities and different sensor locations, but also under varying typing settings. Similarly, the success of such an attack also depends on the victims themselves (e.g. on their typing style, physiological differences, etc.), as well as on the actual input to be retrieved. On the one hand, continuous text is usually typed faster than unstructured text, possibly increasing the difficulty to discern individual keystrokes. On the other hand, they are constrained by the structure of the language used, easing a potential attack.
In my thesis, I will focus on developing a framework to study the effectiveness of keylogging side-channel attacks when using different sensor modalities in varying settings on different persons. With this framework, I am pursuing the goal of making the privacy risks of using human-centric sensors more tangible, deriving defenses and showing capabilities of such side-channel attacks under varying conditions.