Practical Keystroke Timing Attacks in Sandboxed JavaScript

@inproceedings{Lipp2017PracticalKT,
  title={Practical Keystroke Timing Attacks in Sandboxed JavaScript},
  author={Moritz Lipp and Daniel Gruss and Michael Schwarz and David Bidner and Cl{\'e}mentine Maurice and Stefan Mangard},
  booktitle={ESORICS},
  year={2017}
}
Keystrokes trigger interrupts which can be detected through software side channels to reconstruct keystroke timings. Keystroke timing attacks use these side channels to infer typed words, passphrases, or create user fingerprints. While keystroke timing attacks are considered harmful, they typically require native code execution to exploit the side channels and, thus, may not be practical in many scenarios. In this paper, we present the first generic keystroke timing attack in sandboxed… CONTINUE READING
Recent Discussions
This paper has been referenced on Twitter 8 times over the past 90 days. VIEW TWEETS

Citations

Publications citing this paper.
Showing 1-10 of 10 extracted citations

References

Publications referenced by this paper.
Showing 1-10 of 45 references

Anti-Keylogging with Random Noise

  • M. Myers
  • PoC|GTFO. vol. 0x14
  • 2017
1 Excerpt

Similar Papers

Loading similar papers…