cs.CRcs.CVcs.HC
ThermalTap: Passive Application Fingerprinting in VR Headsets via Thermal Side Channels
May 13, 2026
ThermalTap presents the first passive, non-contact side-channel attack that fingerprints virtual reality (VR) applications by analyzing the long-wave infrared (LWIR) thermal radiation emitted by the headset chassis.
Standalone virtual reality (VR) headsets process highly sensitive personal, professional, and health-related data, yet their susceptibility to non-contact physical side channels remains largely unexplored. Existing side-channel attacks typically require malicious software execution or physical access to peripherals, making them conspicuous and potentially patchable. This paper introduces ThermalTap, the first passive, non-contact side-channel attack that fingerprints VR applications solely from the long-wave infrared (LWIR) radiation emitted by the headset chassis. By treating a headset's thermal signature as a high-fidelity proxy for internal computational workloads, ThermalTap enables remote application inference at meter-scale distances without any device interaction. To achieve robust performance in real-world settings, the system combines a commodity thermal camera with a multi-modal sensor suite (capturing ambient temperature, humidity, and airflow) to normalize environmental noise. We evaluate ThermalTap using six applications across three commercial standalone headsets. In indoor settings, ThermalTap identifies applications with over 90% accuracy using only 10 seconds of thermal camera data. Under outdoor conditions, with longer session-level observations, several applications remain identifiable despite environmental variability, with the strongest outdoor application reaching 81% accuracy. Our findings establish thermal radiation as a fundamental and unavoidable privacy risk for immersive systems, exposing a critical security gap that bypasses current software-level protections and physical access controls.
Hardening Confidential Federated Compute against Side-channel Attacks
This paper identifies side-channel vulnerabilities in Confidential Federated Com…
Feature-Aware Anisotropic Local Differential Privacy for Utility-Preserving Graph Representation Lea…
The paper proposes FI-LDP-HGAT, a novel framework that combines a hierarchical g…
Robust Covert Quantum Communication under Bounded Channel Uncertainty
The paper develops a robust framework for covert quantum communication by analyz…
Adversarial Vulnerabilities in Neural Operator Digital Twins: Gradient-Free Attacks on Nuclear Therm…
This paper demonstrates that neural operators used in digital twins for nuclear…
Security Implications of 5G Communication in Industrial Systems
This paper evaluates the security of industrial control systems (ICS) transition…
AmBox: Device-to-Blockchain Ambient Sensing for Food Traceability
AmBox is a system that integrates ambient sensors directly with a blockchain to…
Shape and Substance: Dual-Layer Side-Channel Attacks on Local Vision-Language Models
This paper introduces a dual-layer side-channel attack framework that exploits t…
Mitigating S-RAHA: An On-device Framework to Prevent Forwarding of Re-Captured Images
The paper proposes an on-device framework to detect and prevent the forwarding o…