A research team from several British universities has trained a sophisticated artificial intelligence model to predict what a person is typing through a microphone with impressive accuracy. The AI can identify keystrokes by capturing the minute differences in the sound waves each key produces, even through video conferencing software like Zoom. Such an innovation could potentially compromise personal data, private conversations, and company secrets.
Deep Learning Technology: High-Accuracy Prediction
The researchers conducted a “deep learning-based acoustic side-channel attack”, a class of security exploits designed to gain information from a system by monitoring its physical effects during the processing of sensitive data. As per the research paper, the AI model was trained to classify laptop keystrokes that are recorded using a nearby phone with 95% accuracy, and when trained using keystrokes recorded from the Zoom platform, an accuracy of 93% was achieved, establishing a new record for this medium.
How The Attack Works
• The team carried out experiments pressing each of the 36 keys (0-9, a-z) on an Apple MacBook Pro 25 times, with variations in pressure and finger, while recording the keystroke sounds via a nearby iPhone and Zoom.
• Individual keystrokes were then isolated and converted into a visual representation of sound waves called a mel-spectrogram.
• A deep learning model called CoAtNet was subsequently run on these keystroke images to classify them.
The Ubiquity of Keyboard Acoustic Emanations
The researchers found that the ubiquity of keyboard acoustic emanations not only makes them a readily available attack vector but also prompts victims to underestimate their output. People usually obscure their screen while typing passwords but rarely consider obfuscating their keyboard’s sound, a fact that these AI-based acoustic attacks could exploit.
Concerns Raised
The testing maintained its accuracy even on quieter keyboards, bringing attention to the vulnerability of data we often take for granted. While avoiding phishing attacks and ensuring strong passwords are common practices, this research highlights the need to consider who—or what—could be listening in on things you don’t want to be disclosed.
Countermeasures Against AI-based Acoustic Attacks
The researchers proposed several preventative measures against such attacks. These include:
• Changing one’s typing style • Using software that generates fake keystrokes or white noise
• Employing randomized passwords with a variety of characters (instead of using full words)
• Opting for biometric authentication over passwords to avoid data input via keyboard
The Implications
These findings underscore the continuing evolution of AI and deep learning models and the associated security risks that come with their development. In this ever-increasing digital world, being conscious of such potential threats is crucial to maintaining privacy and security. It’s not just our own security we need to be responsible for but also that of our peers, particularly during group activities like video conferencing. This research into AI-based acoustic attacks raises questions on the next advancements in AI technology: Could we see an AI that zooms in on fingerprints to access devices or a phone camera that captures retinal images? Only time will tell how these potential security threats unfold, making constant vigilance and awareness crucial for navigating the digital landscape.
