Gwyn Wilkinson
"What did you say?": Extracting unintentional secrets from predictive text learning systems
Wilkinson, Gwyn; Legg, Phil
Abstract
As a primary form of communication, text is used widely in applications including e-mail conversations, mobile text messaging, chatrooms, and forum discussions. Modern systems include facilities such as predictive text, recently implemented using deep learning algorithms, to estimate the next word to be written based on previous historical entries. However, we often enter sensitive information such as passwords using the same input devices-namely, smartphone soft keyboards. In this paper, we explore the problem of deep learning models which memorise sensitive training data, and how secrets can be extracted from predictive text models. We propose a general black-box attack algorithm to accomplish this for all kinds of memorised sequences, discuss mitigations and countermeasures, and explore how this attack vector could be deployed on an Android or iOS mobile device platforms as part of target reconnaissance.
Citation
Wilkinson, G., & Legg, P. (2020, June). "What did you say?": Extracting unintentional secrets from predictive text learning systems. Paper presented at IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Science 2020)
Presentation Conference Type | Conference Paper (unpublished) |
---|---|
Conference Name | IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Science 2020) |
Start Date | Jun 15, 2020 |
End Date | Jun 19, 2020 |
Deposit Date | May 17, 2020 |
Publicly Available Date | Mar 29, 2024 |
Public URL | https://uwe-repository.worktribe.com/output/5981540 |
Publisher URL | https://www.c-mric.com/csa2020 |
Files
Wilkinson2020 Cyberscience
(197 Kb)
PDF
You might also like
Analyst-driven XAI for time series forecasting: Analytics for telecoms maintenance
(2024)
Conference Proceeding
Improving search space analysis of fuzzing mutators using cryptographic structures
(2023)
Conference Proceeding
Longitudinal risk-based security assessment of docker software container images
(2023)
Journal Article
Teaching offensive and defensive cyber security in schools using a Raspberry Pi Cyber Range
(2023)
Journal Article
Downloadable Citations
About UWE Bristol Research Repository
Administrator e-mail: repository@uwe.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search