In this paper, we present the first contactless side-channel attack for identifying 360 videos being viewed in a Virtual Reality (VR) Head Mounted Display (HMD). Although the video content is displayed inside the HMD without any external exposure, we observe that user head movements are driven by the video content, which creates a unique side channel that does not exist in traditional 2D videos. By recording the user whose vision is blocked by the HMD via a malicious camera, an attacker can analyze the correlation between the user's head movements and the victim video to infer the video title. To exploit this new vulnerability, we present INTRUDE, a system for identifying 360 videos from recordings of user head movements. INTRUDE is empowered by an HMD-based head movement estimation scheme to extract a head movement trace from the recording and a video saliency-based trace-fingerprint matching framework to infer the video title. Evaluation results show that INTRUDE achieves over 96% of accuracy for video identification and is robust under different recording environments. Moreover, INTRUDE maintains its effectiveness in the open-world identification scenario.

翻译：本文提出了首个非接触式侧信道攻击方法，用于识别虚拟现实头戴式显示设备中正在观看的360度视频。尽管视频内容在头戴式设备内显示且无任何外部暴露，但我们观察到用户头部运动受视频内容驱动，形成了传统2D视频中不存在的独特侧信道。攻击者通过恶意摄像头记录被头戴式设备遮挡视线的用户，即可分析用户头部运动与受害者视频之间的关联性，进而推断视频标题。为利用这一新型漏洞，我们提出INTRUDE系统——通过记录用户头部运动来识别360度视频。该系统基于头戴式设备的头部运动估计方案，从记录中提取运动轨迹，并采用视频显著性轨迹-指纹匹配框架来推断视频标题。评估结果表明，INTRUDE的视频识别准确率超过96%，且在不同记录环境下具有鲁棒性。此外，INTRUDE在开放世界识别场景中仍保持有效性。