Preventing THErmal ATtacks (PT.HEAT)


The PT.HEAT project aims to prevent the users of thermal imaging cameras from using them maliciously.

Like many ambient sensors, thermal imaging cameras are becoming increasingly ubiquitous and accessible. While useful in many ways, thermal cameras can also be used maliciously to infer sensitive input on keyboards, touchscreens and other types of user interfaces. The fact that anyone can buy a thermal camera online for £200 and use it maliciously underlines the importance and timeliness of developing methods to prevent thermal attacks. Opposed to other work that mitigates thermal attacks after they take place, this project aims to prevent thermal attacks.

The team will develop methods to detect user interfaces, such as keyboards and touchscreens, in the feed of thermal cameras and prevent users from viewing heat traces on said interfaces. The concept is similar to how printers prevent money foraging by detecting banknotes.

Researchers will work with CENSIS, who is part of University of Glasgow (UofG) and the Scottish Business Resilience Centre (SBRC) to achieve these objectives:

  • collect a dataset of thermal images of interfaces that are vulnerable to thermal attacks, like touchscreens, keyboards and PIN pads, in different contexts including different temperature regimes,
  • develop and evaluate the accuracy of machine learning (ML) models that identify interfaces in thermal images,
  • develop and evaluate a user-centered thermal imaging system that uses the developed methods to prevent its users from using thermal imaging maliciously without inhibiting its function, and
  • raise awareness of our solutions and ensure exploitation through impact activities.