Keystroke Timing Analysis of on-the-fly Web Apps
The Google Suggestions service used in Google Search is one example of an interactivity rich Javascript application. In this paper, we analyse the timing side channel of Google Suggestions by reverse engineering the communication model from obfuscated Javascript code. We consider an attacker who att...
Saved in:
Main Authors: | , , , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2013
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/2037 https://ink.library.smu.edu.sg/context/sis_research/article/3036/viewcontent/acns13.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
id |
sg-smu-ink.sis_research-3036 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-30362014-02-04T11:54:04Z Keystroke Timing Analysis of on-the-fly Web Apps TEY, Chee Meng GUPTA, Payas GAO, Debin ZHANG, YAN The Google Suggestions service used in Google Search is one example of an interactivity rich Javascript application. In this paper, we analyse the timing side channel of Google Suggestions by reverse engineering the communication model from obfuscated Javascript code. We consider an attacker who attempts to infer the typing pattern of a victim. From our experiments involving 11 participants, we found that for each keypair with at least 20 samples, the mean of the inter-keystroke timing can be determined with an error of less than 20%. 2013-06-25T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/2037 info:doi/10.1007/978-3-642-38980-1_25 https://ink.library.smu.edu.sg/context/sis_research/article/3036/viewcontent/acns13.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Information Security |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
Information Security |
spellingShingle |
Information Security TEY, Chee Meng GUPTA, Payas GAO, Debin ZHANG, YAN Keystroke Timing Analysis of on-the-fly Web Apps |
description |
The Google Suggestions service used in Google Search is one example of an interactivity rich Javascript application. In this paper, we analyse the timing side channel of Google Suggestions by reverse engineering the communication model from obfuscated Javascript code. We consider an attacker who attempts to infer the typing pattern of a victim. From our experiments involving 11 participants, we found that for each keypair with at least 20 samples, the mean of the inter-keystroke timing can be determined with an error of less than 20%. |
format |
text |
author |
TEY, Chee Meng GUPTA, Payas GAO, Debin ZHANG, YAN |
author_facet |
TEY, Chee Meng GUPTA, Payas GAO, Debin ZHANG, YAN |
author_sort |
TEY, Chee Meng |
title |
Keystroke Timing Analysis of on-the-fly Web Apps |
title_short |
Keystroke Timing Analysis of on-the-fly Web Apps |
title_full |
Keystroke Timing Analysis of on-the-fly Web Apps |
title_fullStr |
Keystroke Timing Analysis of on-the-fly Web Apps |
title_full_unstemmed |
Keystroke Timing Analysis of on-the-fly Web Apps |
title_sort |
keystroke timing analysis of on-the-fly web apps |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2013 |
url |
https://ink.library.smu.edu.sg/sis_research/2037 https://ink.library.smu.edu.sg/context/sis_research/article/3036/viewcontent/acns13.pdf |
_version_ |
1770571778112880640 |