Acoustic Side-Channel Attacks on a Computer Mouse

TL;DR

This paper demonstrates that acoustic signals emitted during mouse usage can be exploited to accurately classify mouse movements and detect user actions, revealing a new side-channel vulnerability.

Contribution

It introduces the first comprehensive analysis of acoustic side-channel attacks on computer mice, including a proof-of-concept and real-world attack scenarios using machine learning.

Findings

Classified four mouse movements with 97% accuracy in controlled settings.

Discerning twelve mouse movements with 94% accuracy using a smartphone.

Detected user action of closing a window with 91% accuracy in realistic scenarios.

Abstract

Acoustic Side-Channel Attacks (ASCAs) extract sensitive information by using audio emitted from a computing devices and their peripherals. Attacks targeting keyboards are popular and have been explored in the literature. However, similar attacks targeting other human interface peripherals, such as computer mice, are under-explored. To this end, this paper considers security leakage via acoustic signals emanating from normal mouse usage. We first confirm feasibility of such attacks by showing a proof-of-concept attack that classifies four mouse movements with 97% accuracy in a controlled environment. We then evolve the attack towards discerning twelve unique mouse movements using a smartphone to record the experiment. Using Machine Learning (ML) techniques, the model is trained on an experiment with six participants to be generalizable and discern among twelve movements with 94% accuracy. In addition, we experiment with an attack that detects a user action of closing a full-screen window on a laptop. Achieving an accuracy of 91%, this experiment highlights exploiting audio leakage from computer mouse movements in a realistic scenario.