Change Policy or Users? Mitigating the Security Risks of Thermal Attacks

Macdonald, S. A. , Farzand, H., Alotaibi, N. , Islam, M. S. and Khamis, M. (2023) Change Policy or Users? Mitigating the Security Risks of Thermal Attacks. In: 2023 CHI Conference on Human Factors in Computing Systems (CHI '23), Hamburg, Germany, 23-28 Apr 2023,

[img] Text
294369.pdf - Accepted Version
Available under License Creative Commons Attribution.

662kB

Abstract

Attacks on passwords by thermal cameras are a poignant example of how emerging technologies can pose unforeseen security risks. Despite being easy to perform and effective, thermal attacks are not commonly understood or counteracted, hence a strategy to mitigate this is required. In this paper, we propose an AI-driven strategy to obfuscate vulnerable interfaces in the view of thermal cameras automatically, then discuss the advantages and limitations of attempting to enforce such a system-centred solution as policy, versus instead attempting to shape user behaviour.

Item Type:Conference Proceedings
Additional Information:This work was supported by the EPSRC (EP/V008870/1), and the PETRAS National Centre of Excellence for IoT Systems Cybersecurity, which is also funded by the EPSRC (EP/S035362/1).
Status:Published
Refereed:Yes
Glasgow Author(s) Enlighten ID:Alotaibi, Norah Mohsen T and Islam, Mr Md Shafiqul and Macdonald, Mr Shaun and Khamis, Dr Mohamed and Farzand, Ms Habiba
Authors: Macdonald, S. A., Farzand, H., Alotaibi, N., Islam, M. S., and Khamis, M.
College/School:College of Science and Engineering
College of Science and Engineering > School of Computing Science
Copyright Holders:Copyright © 2023 The Authors
First Published:First published in Design x Policy Workshop 2023 CHI Conference on Human Factors in Computing Systems (CHI '23)
Publisher Policy:Reproduced in accordance with the publisher copyright policy
Related URLs:

University Staff: Request a correction | Enlighten Editors: Update this record

Project CodeAward NoProject NamePrincipal InvestigatorFunder's NameFunder RefLead Dept
310627TAPS: Assessing, Mitigating and Raising Awareness of the Security and Privacy Risks of Thermal ImagingMohamed KhamisEngineering and Physical Sciences Research Council (EPSRC)EP/V008870/1Computing Science
313490Preventing THErmal ATtacks using AI-driven ApproachesMohamed KhamisEngineering and Physical Sciences Research Council (EPSRC)5676417Computing Science