SILK-TV: Secret Information Leakage from Keystroke Timing Videos

  • Kiran S. Balagani
  • Mauro Conti
  • Paolo Gasti
  • Martin Georgiev
  • Tristan Gurtler
  • Daniele LainEmail author
  • Charissa Miller
  • Kendall Molas
  • Nikita Samarin
  • Eugen Saraci
  • Gene Tsudik
  • Lynn Wu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11098)


Shoulder surfing attacks are an unfortunate consequence of entering passwords or PINs into computers, smartphones, PoS terminals, and ATMs. Such attacks generally involve observing the victim’s input device. This paper studies leakage of user secrets (passwords and PINs) based on observations of output devices (screens or projectors) that provide “helpful” feedback to users in the form of masking characters, each corresponding to a keystroke. To this end, we developed a new attack called Secret Information Leakage from Keystroke Timing Videos (SILK-TV). Our attack extracts inter-keystroke timing information from videos of password masking characters displayed when users type their password on a computer, or their PIN at an ATM or PoS. We conducted several studies in various envisaged attack scenarios. Results indicate that, while in some cases leakage is minor, it is quite substantial in others. By leveraging inter-keystroke timings, SILK-TV recovers 8-character alphanumeric passwords in as little as 19 attempts. However, when guessing PINs, SILK-TV yields no substantial speedup compared to brute force. Our results strongly indicate that secure password masking GUIs must consider the information leakage identified in this paper.



Kiran Balagani and Paolo Gasti were supported but the National Science Foundation under Grant No. CNS-1619023. Tristan Gurtler, Charissa Miller, Kendall Molas, and Lynn Wu were supported by the National Science Foundation under Grant No. CNS-1559652. This work is partially supported by the EU TagItSmart! Project (agreement H2020-ICT30-2015-688061), and the EU-India REACH Project (agreement ICI+/2014/342-896).


  1. 1.
  2. 2.
    Linkedin password leak (2016).
  3. 3.
    Asonov, D., Agrawal, R.: Keyboard acoustic emanations. In: IEEE S&P (2004)Google Scholar
  4. 4.
    Balzarotti, D., Cova, M., Vigna, G.: ClearShot: eavesdropping on keyboard input from video. In: IEEE S&P (2008)Google Scholar
  5. 5.
    Banerjee, R., Feng, S., Kang, J.S., Choi, Y.: Keystroke patterns as prosody in digital writings: a case study with deceptive reviews and essays. In: EMNLP. Association for Computational Linguistics (2014)Google Scholar
  6. 6.
    Bartlow, N., Cukic, B.: Evaluating the reliability of credential hardening through keystroke dynamics. In: IEEE ISSRE (2006)Google Scholar
  7. 7.
    Burnett, M.: Today I am releasing 10 million passwords (2015).
  8. 8.
    Compagno, A., Conti, M., Lain, D., Tsudik, G.: Don’t skype & type!: Acoustic eavesdropping in Voice-Over-IP. In: ACM ASIACCS (2017)Google Scholar
  9. 9.
    Ding, L., Goshtasby, A.: On the canny edge detector. Pattern Recogn. 34(3), 721–725 (2001)CrossRefGoogle Scholar
  10. 10.
    Fiegerman, S.: Yahoo says 500 million accounts stolen (2017).
  11. 11.
    Florencio, D., Herley, C.: A large-scale study of web password habits. In: ACM WWW (2007)Google Scholar
  12. 12.
    Hitaj, B., Gasti, P., Ateniese, G., Perez-Cruz, F.: PassGAN: a deep learning approach for password guessing. arXiv preprint arXiv:1709.00440 (2017)
  13. 13.
    Ho, T.K.: Random decision forests. In: IEEE Document Analysis and Recognition (1995)Google Scholar
  14. 14.
    Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and other botnets. Computer 50(7), 80–84 (2017)CrossRefGoogle Scholar
  15. 15.
    Ma, J., Yang, W., Luo, M., Li, N.: A study of probabilistic password models. In: IEEE S&P (2014)Google Scholar
  16. 16.
    Owusu, E., Han, J., Das, S., Perrig, A., Zhang, J.: ACCessory: password inference using accelerometers on smartphones. In: ACM HotMobile (2012)Google Scholar
  17. 17.
    Pulli, K., Baksheev, A., Kornyakov, K., Eruhimov, V.: Real-time computer vision with OpenCV. Commun. ACM 55(6), 61–69 (2012)CrossRefGoogle Scholar
  18. 18.
    Roth, J., Liu, X., Metaxas, D.: On continuous user authentication via typing behavior. IEEE Trans. Image Process. 23(10), 4611–4624 (2014)MathSciNetCrossRefGoogle Scholar
  19. 19.
    Schalkoff, R.J.: Artificial Neural Networks, vol. 1. McGraw-Hill, New York (1997)zbMATHGoogle Scholar
  20. 20.
    Shukla, D., Kumar, R., Serwadda, A., Phoha, V.V.: Beware, your hands reveal your secrets! In: ACM CCS (2014)Google Scholar
  21. 21.
    Song, D.X., Wagner, D., Tian, X.: Timing analysis of keystrokes and timing attacks on SSH. In: USENIX Security Symposium (2001)Google Scholar
  22. 22.
    Sun, J., Jin, X., Chen, Y., Zhang, J., Zhang, Y., Zhang, R.: VISIBLE: video-assisted keystroke inference from tablet backside motion. In: NDSS (2016)Google Scholar
  23. 23.
    Tari, F., Ozok, A., Holden, S.H.: A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords. In: ACM SOUPS (2006)Google Scholar
  24. 24.
  25. 25.
    Tomasi, C., Manduchi, R.: Bilateral filtering for gray and color images. In: IEEE Computer Vision (1998)Google Scholar
  26. 26.
    Vural, E., Huang, J., Hou, D., Schuckers, S.: Shared research dataset to support development of keystroke authentication. In: IEEE IJCB (2014)Google Scholar
  27. 27.
    Wang, C., Guo, X., Wang, Y., Chen, Y., Liu, B.: Friend or foe? Your wearable devices reveal your personal pin. In: ACM ASIACCS (2016)Google Scholar
  28. 28.
    Wang, C., Jan, S.T., Hu, H., Bossart, D., Wang, G.: The next domino to fall: empirical analysis of user passwords across online services. In: ACM CODASPY (2018)Google Scholar
  29. 29.
    Weir, M., Aggarwal, S., De Medeiros, B., Glodek, B.: Password cracking using probabilistic context-free grammars. In: IEEE S&P (2009)Google Scholar
  30. 30.
    Xu, Y., Heinly, J., White, A.M., Monrose, F., Frahm, J.M.: Seeing double: reconstructing obscured typed input from repeated compromising reflections. In: ACM CCS (2013)Google Scholar
  31. 31.
    Zhu, T., Ma, Q., Zhang, S., Liu, Y.: Context-free attacks using keyboard acoustic emanations. In: ACM CCS (2014)Google Scholar
  32. 32.
    Zhuang, L., Zhou, F., Tygar, J.D.: Keyboard acoustic emanations revisited. ACM TISSEC 13(1), 3 (2009)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Kiran S. Balagani
    • 1
  • Mauro Conti
    • 2
  • Paolo Gasti
    • 1
  • Martin Georgiev
    • 3
    • 4
  • Tristan Gurtler
    • 1
    • 5
  • Daniele Lain
    • 2
    • 6
  • Charissa Miller
    • 1
    • 7
  • Kendall Molas
    • 1
  • Nikita Samarin
    • 3
    • 8
  • Eugen Saraci
    • 2
  • Gene Tsudik
    • 3
  • Lynn Wu
    • 1
    • 9
  1. 1.New York Institute of TechnologyNew YorkUSA
  2. 2.University of PaduaPaduaItaly
  3. 3.University of CaliforniaIrvineUSA
  4. 4.University of OxfordOxfordUK
  5. 5.University of Illinois at Urbana-ChampaignChampaignUSA
  6. 6.ETH ZurichZurichSwitzerland
  7. 7.Rochester Institute of TechnologyRochesterUSA
  8. 8.University of CaliforniaBerkeleyUSA
  9. 9.Bryn Mawr CollegePhiladelphiaUSA

Personalised recommendations