Abstract
Acoustic Side-Channel Attacks (ASCAs) extract sensitive information by using audio emitted from a computing devices and their peripherals. Attacks targeting keyboards are popular and have been explored in the literature. However, similar attacks targeting other human-interface peripherals, such as computer mice, are under-explored. To this end, this paper considers security leakage via acoustic signals emanating from normal mouse usage.
We first confirm feasibility of such attacks by showing a proof-of-concept attack that classifies four mouse movements with 97% accuracy in a controlled environment. We then evolve the attack towards discerning twelve unique mouse movements using a smartphone to record the experiment. Using Machine Learning (ML) techniques, the model is trained on an experiment with six participants to be generalizable and discern among twelve movements with 94% accuracy. In addition, we experiment with an attack that detects a user action of closing a full-screen window on a laptop. Achieving an accuracy of 91%, this experiment highlights exploiting audio leakage from computer mouse movements in a realistic scenario.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Bailey, M., et al.: The Menlo report. IEEE Secur. Priv. 10(2), 71–75 (2012)
Balagani, K., et al.: We can hear your PIN drop: an acoustic sidechannel attack on ATM PIN pads. In: Atluri, V., Di Pietro, R., Jensen, C.D., Meng, W. (eds.) ESORICS 2022. LNCS, vol. 13554, pp. 633–652. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-17140-6_31
Cecconello, S., et al.: Skype & type: keyboard eavesdropping in voiceover- IP. ACM Trans. Priv. Secur. (TOPS) 22(4), 1–34 (2019)
Chabanne, H., et al.: Side channel attacks for architecture extraction of neural networks. CAAI Trans. Intell. Technol. 6(1), 3–16 (2021)
Chen, M., et al.: Behavicker: eavesdropping computer-usage activities through acoustic side channel. Wirel. Commun. Mob. Comput. 2022 (2022)
Cheng, P., et al.: SonarSnoop: active acoustic side-channel attacks. Int. J. Inf. Secur. 19, 213–228 (2020)
Ciesla, R.: Bits, sample rates, and other fundamentals of digital audio. In: Sound and Music for Games: The Basics of Digital Audio for Video Games, pp. 1–24. Apress, Berkeley (2022)
Edfors, O., et al.: An introduction to orthogonal frequency-division multiplexing (1996)
Fang, Y., et al.: Eavesdrop with PoKeMon: position free keystroke monitoring using acoustic data. Futur. Gener. Comput. Syst. 87, 704–711 (2018)
Genkin, D., Pattani, M., Schuster, R., Tromer, E.: Synesthesia: detecting screen content via remote acoustic side channels. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 853–869. IEEE (2019)
Gupta, H., Sural, S., Atluri, V., Vaidya, J.: Deciphering text from touchscreen key taps. In: Ranise, S., Swarup, V. (eds.) DBSec 2016. LNCS, vol. 9766, pp. 3–18. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-41483-6_1
Kogler, A., et al.: Collide+power: leaking inaccessible data with software-based power side channels. In: 32nd USENIX Security Symposium (USENIX Security 2023), pp. 7285–7302 (2023)
Li, H., et al.: Deep learning methods for protein torsion angle prediction. BMC Bioinform. 18(1), 1–13 (2017)
Lipp, M., et al.: PLATYPUS: software-based power side-channel attacks on x86. In: 2021 IEEE Symposium on Security and Privacy (SP), pp. 355–371. IEEE (2021)
Liu, J., et al.: Snooping keystrokes with mm-level audio ranging on a single phone. In: Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, pp. 142–154 (2015)
Nandakumar, R., et al.: FingerIO: using active sonar for finegrained finger tracking. In: Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, pp. 1515–1525 (2016)
O’Shea, K., Nash, R.: An introduction to convolutional neural networks. In: arXiv preprint arXiv:1511.08458 (2015)
Spolaor, R., et al.: Plug and power: fingerprinting USB powered peripherals via power side-channel. In: IEEE INFOCOM 2023-IEEE Conference on Computer Communications, pp. 1–10. IEEE (2023)
Yilmaz, B.B., Prvulovic, M., Zajić, A.: Electromagnetic side channel information leakage created by execution of series of instructions in a computer processor. IEEE Trans. Inf. Forensics Secur. 15, 776–789 (2019)
Ying, X.: An overview of overfitting and its solutions. J. Phys.: Conf. Ser. 1168, 022022 (2019)
Zeng, Y., et al.: Spectrogram based multi-task audio classification. Multimed. Tools Appl. 78, 3705–3722 (2019)
Zhu, T., et al.: Context-free attacks using keyboard acoustic emanations. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 453–464 (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Conti, M., Duroyon, M., Orazi, G., Tsudik, G. (2024). Acoustic Side-Channel Attacks on a Computer Mouse. In: Maggi, F., Egele, M., Payer, M., Carminati, M. (eds) Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2024. Lecture Notes in Computer Science, vol 14828. Springer, Cham. https://doi.org/10.1007/978-3-031-64171-8_3
Download citation
DOI: https://doi.org/10.1007/978-3-031-64171-8_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-64170-1
Online ISBN: 978-3-031-64171-8
eBook Packages: Computer ScienceComputer Science (R0)