27 Oct, 2022

Hackers Can Use Thermal Cameras to Steal Passwords

Mohammed Khamis, who continues his research in the Department of Computer Science at Glasgow University, and his research team have developed a system that detects passwords in seconds as a result of their research.

The researchers developed a new system called thermal attack, taking advantage of the falling prices of thermal cameras and combining this advantage with machine learning.

It’s pretty scary if a screen or keyboard image is enough for attackers.

So What Is a Thermal Attack?

When you access a keypad, keyboard or smartphone screen to enter your passcode or passcode, a small but perceptible heat remains in the area concerned after contact between your fingers and the surface. Said heat can be detected by thermal cameras up to 60 seconds after contact. 

While you’re protecting the keypad while entering your ATM password, it means that seconds later, a thermal imager can detect keys touched in the process. 

The researchers found that recently touched keys appear brighter on thermal cameras, and it is possible to determine the order of numbers, letters, and even symbols that make up a password.

How Does the System Provide Password Detection?

The researchers created a dataset (Approximately 1,500 images) of images taken from different angles of QWERTY keyboards after typing in various combinations of passwords. They then used an AI-powered probabilistic model to guess passwords from thermal cues to read those images.

Researchers found that the system, called ThermoSecure, was able to correctly guess 86 percent of passwords when images were taken within 20 seconds of contact. It was observed that the accuracy decreased to 62 percent as the image interval increased to 60 seconds.


To request a quotation for the following: Cyber Security, Digital Transformation, MSSP, Penetration Testing, KVKK, GDPR, ISO 27001 and ISO 27701, please click here.


 

Mohammed Khamis, who continues his research in the Department of Computer Science at Glasgow University, and his research team have developed a system that detects passwords in seconds as a result of their research.

The researchers developed a new system called thermal attack, taking advantage of the falling prices of thermal cameras and combining this advantage with machine learning.

It’s pretty scary if a screen or keyboard image is enough for attackers.

So What Is a Thermal Attack?

When you access a keypad, keyboard or smartphone screen to enter your passcode or passcode, a small but perceptible heat remains in the area concerned after contact between your fingers and the surface. Said heat can be detected by thermal cameras up to 60 seconds after contact.

While you’re protecting the keypad while entering your ATM password, it means that seconds later, a thermal imager can detect keys touched in the process.

The researchers found that recently touched keys appear brighter on thermal cameras, and it is possible to determine the order of numbers, letters, and even symbols that make up a password.

How Does the System Provide Password Detection?

The researchers created a dataset (Approximately 1,500 images) of images taken from different angles of QWERTY keyboards after typing in various combinations of passwords. They then used an AI-powered probabilistic model to guess passwords from thermal cues to read those images.

Researchers found that the system, called ThermoSecure, was able to correctly guess 86 percent of passwords when images were taken within 20 seconds of contact. It was observed that the accuracy decreased to 62 percent as the image interval increased to 60 seconds.


To request a quotation for the following: Cyber Security, Digital Transformation, MSSP, Penetration Testing, KVKK, GDPR, ISO 27001 and ISO 27701, please click here.


 

About Content:
Share on Social Media:
Facebook
Twitter
LinkedIn
Telegram