Table 10 Capability and limitations of some keystroke dynamics spoofing methods
Methods | Attacker interaction | Remote exploitation | Detection likelihood | Other limitations |
|---|---|---|---|---|
Malboard [21] | Required, attacker must install hardware keylogger into victim’s keyboard | No | Likely, the attached hardware keylogger is easier to be noticed | The attack requires Internet connection to transfer the collected keystroke behaviours |
Mimicry [30] | Required, attacker must be able to record the victim’s finger and the smartphone’s screen while the victim is typing | No | Likely, the attacker must be in close proximity to the victim to record their typing activity on the smartphone | The attack is not automated, the proposed method only provides visual guidance. |
Our Method | Semi-required, attacker could passively obtain the screen-recorded video via the victim’s screen-sharing activity | Yes | Unlikely, the victim is less-likely to notice when their screen is being recorded remotely (e.g., via the screen-sharing activity) | Evasion Rates (ER) is lower, and only lowercase characters are supported (as of now) |