A team of researchers in the United Kingdom developed a deep learning model that can accurately predict what you are typing based on the sounds from keyboard keystrokes, Bleeping Computer reported on August 5.
According to the research paper, the model has a 95 percent accuracy when keystrokes are recorded with a nearby smartphone microphone and a 93 percent accuracy when keystrokes are recorded over a Zoom call.
Why does this matter: The paper notes that these types of attacks, known as acoustic side-channel attacks, can be carried out with off-the-shelf equipment and algorithms. In the wrong hands, this gives bad actors access to sensitive information. For example, imagine you are working from a cafe, and someone can discern all that you are typing, including your login passwords, credit card details or personal messages, just by recording the sound of your keystrokes sitting at the next table. Moreover, the research points towards another concerning issue: the use of artificial intelligence (AI) to develop cyber-attacks. While earlier, it would have required considerable time and other resources to train such classifiers, advances in AI-based deep learning make the process much faster and easier.
How did the researchers develop this model:
- To train their model, researchers pressed 36 keys on a MacBook Pro 16-inch (2021) 25 times each and recorded the sound produced by each press using an iPhone 13 mini placed 17 cm away from the laptop. Notably, the same keyboard has been used in all MacBooks for the past two years and is likely to be used in future MacBooks as well.
- The researchers then made a visual representation of the differences for each key by producing waveforms and spectrograms.
- These spectrogram images were used to train CoAtNet, an image classifier.
- The trained CoANet classifier was able to achieve 95 percent accuracy in identifying keystrokes recorded using a smartphone, 93 percent accuracy for recordings through Zoom, and 91.7 percent accuracy for recordings through Skype.
How to safeguard yourself from such attacks: The paper also listed measures you can take to avoid falling victim to such acoustic side-channel attacks. Some of these measures include:
- By simply changing the typing style. For instance, by using touch typing, the accuracy of such attacks is reduced dramatically.
- Using randomised passwords with multiple cases can reduce the accuracy of such attacks because of the use of the shift key.
- You can play white noise or sounds of fake keystrokes to confuse the classifier.
- Use two-factor authentication methods, such as biometric, for logins.
- India’s Cybersecurity Agency Warns About Threats Posed By AI Models
- Generative AI Can Lead To Rise In Threats To Cybersecurity: Flipkart To Parliament Committee
- Europol Report Highlights Criminal Use Cases Of Generative AI Models Such As ChatGPT
STAY ON TOP OF TECH NEWS: Our daily newsletter with the top story of the day from MediaNama, delivered to your inbox before 9 AM. Click here to sign up today!