|Bekaert, Paul; Alotaibi, Norah; Mathis, Florian; Gerber, Nina; Rafferty, Aidan Christopher; Khamis, Mohamed; Marky, Karola
|Thermal attacks refer to the possibility of capturing heat traces that result from interacting with user interfaces to reveal sensitive input, such as passwords. The technical feasibility and effectiveness of thermal attacks have already been demonstrated. Yet, several preconditions have to be met for successful thermal attacks. In this paper, we investigate user awareness of thermal attacks and to which extent the attack's preconditions are met in the users’ daily lives. We present results from an online study with 101 participants showing that users are frequently at risk of thermal attacks based on their behavior, e.g., due to leaving devices unattended, or their choice of authentication method. Further, only 7 of our 101 participants had heard of thermal attacks. Based on our results, we discuss the implications on user security, operators of public spaces, and the development of thermal attack-resistant input methods.
|Nordic Human-Computer Interaction Conference (NordiCHI '22)
|Proceedings of the 12th Nordic Conference on Human-Computer Interaction, p.1-9