AI Listening to the Sound of Typing By Brian Simpson
This is just a warning; AI has now been developed which can crack private information such as passwords, credit card numbers and private messages, just by the sound of key strokes. And, it can do this with up to 95 percent accuracy. That is a worry, but it was coming. Details from Yahoo below, but what to do about this is most important. As this is a problem, potentially with laptops in public spaces e.g. airports, methods of disguising the sounds might be made. Two-factor authentication using two forms of identification, such as a text sent to one’s mobile phone, could be used. Biometric authentication, such as fingerprint scans and facial recognition, are other possibilities.
Yet, there is now something of an AI arms race, and no doubt, all such detours will be frustrated given enough time. As I see it, this insecurity is an intrinsic part of the AI world that they have created for us.
https://finance.yahoo.com/news/identify-keystrokes-just-sound-typing-175509837.html
“You may have gotten used to covering your webcam, but now you might have to start muffling the sound of your keyboard, too.
Laptop users are at risk of having sensitive information including private messages, passwords, and credit card numbers stolen just by typing on their keyboard. A new paper by a team of researchers from British universities shows that artificial intelligence can identify keystrokes by sound alone with 95% accuracy. And as technology continues to develop at rapid paces, attacks such as these will become more sophisticated.
In this study, experimenters correctly identified keystrokes on a MacBook Pro through a nearby phone recording 95% of the time, and through a recorded Zoom call at a 93% rate.
The research paper details what it calls “acoustic side channel attacks” in which a malicious third party uses a secondary device, like a cell phone sitting next to a laptop or an unmuted microphone on a video-conferencing software such as Zoom, to record the sound of typing. The third party then feeds the recording through a deep-learning A.I. trained to recognize the sound of individual pressed keys to decipher what exactly was typed.
Deep learning (DL) is a subset of machine learning in which computers are taught to process data in a way similar to the human brain—essentially using a multi-layered “neural network” to “learn” from large amounts of data and accurately produce insights and predictions. Deep-learning models can recognize patterns in pictures, texts, sounds, and other data. This type of A.I. is in everyday products like digital assistants like Amazon’s Alexa and voice-enabled TV remotes, as well as newer technologies like self-driving cars.
“With the recent developments in both the performance of (and access to) both microphones and DL models, the feasibility of an acoustic attack on keyboards begins to look likely,” the paper said.
The paper, published on August 3, was authored by Joshua Harrison, a software development engineer at Amazon who recently graduated with a Masters of Engineering from Durham University, as well as University of Surrey lecturer Ehsan Toreini and Royal Holloway University of London senior lecturer Maryam Mehrenzhad.
Mitigating the ever-developing threat
Laptops are especially ideal targets for these attacks because of their portability, according to the paper. People often take their laptops to work in public spaces like libraries, coffee shops, and study areas, where the sound of typing can easily be recorded without notice from the targeted user.
One of the main concerns of the paper is that people are unaware of these kinds of attacks, so they do nothing to prevent them.
“The ubiquity of keyboard acoustic emanations makes them not only a readily available attack vector, but also prompts victims to underestimate (and therefore not try to hide) their output,” the paper said. “For example, when typing a password, people will regularly hide their screen but will do little to obfuscate their keyboard’s sound.”
One way to mitigate the threat of this attack is by using stronger passwords with multiple cases, like special characters, upper and lowercase letters, and numbers. Passwords with full words might be more easily deduced and therefore at greater risk of attack.
And while the pressing of the shift key can be recognized by A.I., it cannot yet recognize the “release peak” of the shift key amidst the sound of other keys, “doubling the search space of potential characters following a press of the shift key,” the paper said.
Another simple way to deter these kinds of attacks is by using two-factor authentication. This is a security method that requires two forms of identification to access accounts and data. For instance, the first factor may be a password and the second may be an account activity confirmation through an email or on a separate device.
Biometric authentication, like fingerprint scans and facial recognition, can also lessen the risk of an attack.
But as A.I. continues to evolve, so too will these attacks. The authors of the paper recommended that future studies analyze the use of smart speakers to record keystrokes, “as these devices remain always-on and are present in many homes.”
The authors also suggested that future research should explore the implementation of a language model used in tandem with a deep-learning A.I. Language models, like viral chatbot ChatGPT, are trained on large series of text to recognize patterns of speech.
A language model “could improve keystroke recognition when identifying defined words as well as an end-to-end real-world implementation of an ASC attack on a keyboard,” the paper said.”
https://arxiv.org/pdf/2308.01074.pdf
“With recent developments in deep learning, the ubiquity of microphones and the rise in online services via personal devices, acoustic side channel attacks present a greater threat to keyboards than ever. This paper presents a practical implementation of a state-of-the-art deep learning model in order to classify laptop keystrokes, using a smartphone integrated microphone. When trained on keystrokes recorded by a nearby phone, the classifier achieved an accuracy of 95%, the highest accuracy seen without the use of a language model. When trained on keystrokes recorded using the video-conferencing software Zoom, an accuracy of 93% was achieved, a new best for the medium. Our results prove the practicality of these side channel attacks via off-the-shelf equipment and algorithms. We discuss a series of mitigation methods to protect users against these series of attacks.”
Comments