Enlighten Publications

In this section

Change Policy or Users? Mitigating the Security Risks of Thermal Attacks

Macdonald, S. A. , Farzand, H., Alotaibi, N. , Islam, M. S. and Khamis, M. (2023) Change Policy or Users? Mitigating the Security Risks of Thermal Attacks. In: 2023 CHI Conference on Human Factors in Computing Systems (CHI '23), Hamburg, Germany, 23-28 Apr 2023,

Text
294369.pdf - Accepted Version
Available under License Creative Commons Attribution.
662kB

Abstract

Attacks on passwords by thermal cameras are a poignant example of how emerging technologies can pose unforeseen security risks. Despite being easy to perform and effective, thermal attacks are not commonly understood or counteracted, hence a strategy to mitigate this is required. In this paper, we propose an AI-driven strategy to obfuscate vulnerable interfaces in the view of thermal cameras automatically, then discuss the advantages and limitations of attempting to enforce such a system-centred solution as policy, versus instead attempting to shape user behaviour.

Item Type:	Conference Proceedings
Additional Information:	This work was supported by the EPSRC (EP/V008870/1), and the PETRAS National Centre of Excellence for IoT Systems Cybersecurity, which is also funded by the EPSRC (EP/S035362/1).
Status:	Published
Refereed:	Yes
Glasgow Author(s) Enlighten ID:	Alotaibi, Norah Mohsen T and Islam, Mr Md Shafiqul and Macdonald, Mr Shaun and Khamis, Dr Mohamed and Farzand, Ms Habiba
Authors:	Macdonald, S. A., Farzand, H., Alotaibi, N., Islam, M. S., and Khamis, M.
College/School:	College of Science and Engineering College of Science and Engineering > School of Computing Science
Copyright Holders:	Copyright © 2023 The Authors
First Published:	First published in Design x Policy Workshop 2023 CHI Conference on Human Factors in Computing Systems (CHI '23)
Publisher Policy:	Reproduced in accordance with the publisher copyright policy
Related URLs:	Organisation Publisher

University Staff: Request a correction | Enlighten Editors: Update this record

Funder and Project Information

Project Code	Award No	Project Name	Principal Investigator	Funder's Name	Funder Ref	Lead Dept
310627		TAPS: Assessing, Mitigating and Raising Awareness of the Security and Privacy Risks of Thermal Imaging	Mohamed Khamis	Engineering and Physical Sciences Research Council (EPSRC)	EP/V008870/1	Computing Science
313490		Preventing THErmal ATtacks using AI-driven Approaches	Mohamed Khamis	Engineering and Physical Sciences Research Council (EPSRC)	5676417	Computing Science

Deposit and Record Details

ID Code:	294369
Depositing User:	Miss Leigh Bunton
Datestamp:	15 Mar 2023 10:25
Last Modified:	11 May 2023 11:59
Date of acceptance:	11 March 2023
Date of first online publication:	28 April 2023
Date Deposited:	15 March 2023