Search papers, labs, and topics across Lattice.
The paper introduces FaceTell, a novel side-channel attack that recovers on-screen content by analyzing subtle facial reflections captured during video conferencing. By exploiting the human face as a reflector, the system can infer application activities with high accuracy. Experiments across various laptops, video conferencing platforms, and environments demonstrate FaceTell's effectiveness, achieving 99.32% accuracy in identifying 28 popular applications.
Your Zoom call isn't private: subtle facial reflections can leak sensitive on-screen information, enabling near-perfect eavesdropping on application activity.
In video conferencing, human faces serve as the primary visual focal points, playing multifaceted roles that enhance visual communication and emotional connection. However, we argue that a human face is also a side channel, which can unwittingly leak on-screen information through online video feeds. To demonstrate this, we conduct feasibility studies, which reveal that, illuminated by both ambient light and light emitted from displays, the human face can reflect optical variations of different on-screen content. The paper then proposes FaceTell, a novel side-channel attack system that eavesdrops on fine-grained application activities from pervasive yet subtle facial reflections during video conferencing. We implement FaceTell in a real-world testbed with three different brands of laptops and four mainstream video conferencing platforms. FaceTell is then evaluated with 24 human subjects across 13 unique indoor environments. With more than 12 hours of video data, FaceTell achieves a high accuracy of 99.32% for eavesdropping on 28 popular applications and is resilient to many practical impact factors. Finally, potential countermeasures are proposed to mitigate this new attack.
