New Acoustic Attack Records Laptop Keystrokes With Nearby Phone

The constant deep-learning advancements, widespread microphones, and online services are actively escalating the threat of acoustic side-channel attacks on keyboards.

An innovative deep learning model uses a nearby phone’s microphone to classify laptop keystrokes with 95% accuracy and 93% accuracy when trained on Zoom recordings, setting new benchmarks for acoustic attack implementation.

While all these findings are recently unveiled by cybersecurity researchers from the following British universities:-

  • Joshua Harrison from Durham University
  • Ehsan Toreini from the University of Surrey
  • Maryam Mehrnezhad Royal Holloway University of London

Data Targeted by the Attack

The targeted acoustic attack compromises data security, potentially leaking the following data to malicious third parties:-

Unlike other side-channel attacks with limitations, acoustic attacks are now simpler with widespread microphone-bearing devices. 

These devices enable high-quality audio captures without special conditions or data rate restrictions.

While rapid machine learning advancements enable feasible and highly dangerous sound-based side-channel attacks, surpassing previous expectations.

Design of the Attack

To initiate the attack, keystrokes are recorded on the target’s keyboard for training the prediction algorithm. This can be done using a nearby microphone or an infected phone with microphone access.

The Zoom-based recording of keystrokes links typed messages to sound recordings by rogue participants. Researchers trained data by pressing 36 keys on a modern MacBook Pro 25 times and capturing the produced sounds.

Keystroke isolation process (Source – Arxiv)

‘CoAtNet’ trained with spectrogram images, an image classifier that required experimentation with the following elements to achieve optimal prediction accuracy:-

  • Epoch
  • Learning rate
  • Data splitting parameters
Waveform and corresponding mel-spectrogram (Source – Arxiv)

While in this experiment following things are used by the security analysts:-

  • Standard Apple laptop keyboard
  • iPhone 13 mini (Positioned 17cm from target) 
  • Zoom

Accuracy Achievements

Here below, we have mentioned the accuracy achievements of CoANet:-

  • From smartphone recordings: 95% accuracy
  • Zoom: 93% accuracy
  • Skype captures 91.7% accuracy.

Recommendations

Here below, we have mentioned all the recommendations offered by the cybersecurity researchers:-

  • Alter typing styles or employ randomized passwords to counter acoustic side-channel attacks.
  • Additional defense measures involve software-based replication of keystroke sounds, white noise, or audio filters for keystrokes.
  • Make sure to use biometric authentication where possible.
  • Ensure the use of robust password managers.

Keep informed about the latest Cyber Security News by following us on GoogleNews, Linkedin, Twitter, and Facebook.

Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.