Saved in:
Bibliographic Details
Main Authors: Ni, Tao, Du, Yuefeng, Zhao, Qingchuan, Wang, Cong
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2412.14815
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866916532756414464
author Ni, Tao
Du, Yuefeng
Zhao, Qingchuan
Wang, Cong
author_facet Ni, Tao
Du, Yuefeng
Zhao, Qingchuan
Wang, Cong
contents Virtual Reality (VR) technologies are increasingly employed in numerous applications across various areas. Therefore, it is essential to ensure the security of interactions between users and VR devices. In this paper, we disclose a new side-channel leakage in the constellation tracking system of mainstream VR platforms, where the infrared (IR) signals emitted from the VR controllers for controller-headset interactions can be maliciously exploited to reconstruct unconstrained input keystrokes on the virtual keyboard non-intrusively. We propose a novel keystroke inference attack named VRecKey to demonstrate the feasibility and practicality of this novel infrared side channel. Specifically, VRecKey leverages a customized 2D IR sensor array to intercept ambient IR signals emitted from VR controllers and subsequently infers (i) character-level key presses on the virtual keyboard and (ii) word-level keystrokes along with their typing trajectories. We extensively evaluate the effectiveness of VRecKey with two commercial VR devices, and the results indicate that it can achieve over 94.2% and 90.5% top-3 accuracy in inferring character-level and word-level keystrokes with varying lengths, respectively. In addition, empirical results show that VRecKey is resilient to several practical impact factors and presents effectiveness in various real-world scenarios, which provides a complementary and orthogonal attack surface for the exploration of keystroke inference attacks in VR platforms.
format Preprint
id arxiv_https___arxiv_org_abs_2412_14815
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Non-intrusive and Unconstrained Keystroke Inference in VR Platforms via Infrared Side Channel
Ni, Tao
Du, Yuefeng
Zhao, Qingchuan
Wang, Cong
Cryptography and Security
Virtual Reality (VR) technologies are increasingly employed in numerous applications across various areas. Therefore, it is essential to ensure the security of interactions between users and VR devices. In this paper, we disclose a new side-channel leakage in the constellation tracking system of mainstream VR platforms, where the infrared (IR) signals emitted from the VR controllers for controller-headset interactions can be maliciously exploited to reconstruct unconstrained input keystrokes on the virtual keyboard non-intrusively. We propose a novel keystroke inference attack named VRecKey to demonstrate the feasibility and practicality of this novel infrared side channel. Specifically, VRecKey leverages a customized 2D IR sensor array to intercept ambient IR signals emitted from VR controllers and subsequently infers (i) character-level key presses on the virtual keyboard and (ii) word-level keystrokes along with their typing trajectories. We extensively evaluate the effectiveness of VRecKey with two commercial VR devices, and the results indicate that it can achieve over 94.2% and 90.5% top-3 accuracy in inferring character-level and word-level keystrokes with varying lengths, respectively. In addition, empirical results show that VRecKey is resilient to several practical impact factors and presents effectiveness in various real-world scenarios, which provides a complementary and orthogonal attack surface for the exploration of keystroke inference attacks in VR platforms.
title Non-intrusive and Unconstrained Keystroke Inference in VR Platforms via Infrared Side Channel
topic Cryptography and Security
url https://arxiv.org/abs/2412.14815