Hackers Listening to Keystrokes

A group of academics has devised a "deep learning-based acoustic side-channel attack" that can be used to classify laptop keystrokes recorded using a nearby phone with 95% accuracy. "When trained on keystrokes recorded using the video conferencing software Zoom, an accuracy of 93% was achieved, a new best for the medium," researchers Joshua Harrison, Ehsan Toreini, and Maryam Mehrnezhad said in a new study.

Side-channel attacks refer to a class of security exploits that aim to glean insights from a system by monitoring and measuring its physical effects while processing sensitive data. Common observable effects include runtime behavior, power consumption, electromagnetic radiation, acoustics, and cache accesses.  A side-channel attack is a form of reverse engineering. Electronic circuits are inherently leaky and produce emissions as byproducts that make it possible for an attacker without access to the circuitry to deduce how the circuit works and what data it is processing.[1]

Although a completely side-channel-free implementation does not exist, practical attacks can damage user privacy and security as a malicious actor could weaponize them to obtain passwords and other confidential data.

The ubiquity of keyboard acoustic emanations makes them a readily available attack vector and prompts victims to underestimate (and therefore not try to hide) their output. For example, when typing a password, people will regularly hide their screen but will do little to obfuscate their keyboard's sound.

To carry out the attack, the researchers first ran experiments in which 36 of the Apple MacBook Pro's keys were used (0-9, a-z), with each key pressed 25 times in a row, varying in pressure and finger. The keystrokes were recorded both via a phone in close proximity to the laptop and via Zoom. The next phase entailed isolating the individual keystrokes and converting them into a mel-spectrogram, on which a deep learning model called CoAtNet (pronounced "coat" nets and short for convolution and self-attention networks) was run to classify the keystroke images.

A mel-frequency spectrogram is related to the linear-frequency spectrogram, i.e., the short-time Fourier transform (STFT) magnitude. It is obtained by applying a nonlinear transform to the frequency axis of the STFT, inspired by measured responses from the human auditory system. It summarizes the frequency content with fewer dimensions.
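The transform described above, as an added example that is not from the study or the original article: a standard-library Python sketch that computes an STFT magnitude and maps its 129 linear-frequency bins onto 16 mel bands. The frame size, band count, the common 2595·log10(1 + f/700) mel formula and the constructed 1 kHz test tone are assumptions chosen for illustration.

```python
import cmath
import math

def hz_to_mel(f):
    return 2595.0 * math.log10(1.0 + f / 700.0)

def mel_to_hz(m):
    return 700.0 * (10 ** (m / 2595.0) - 1.0)

def stft_magnitude(x, n_fft, hop):
    """Hann-windowed STFT magnitude: one row of n_fft//2 + 1 linear bins per frame."""
    win = [0.5 - 0.5 * math.cos(2 * math.pi * n / n_fft) for n in range(n_fft)]
    tw = [cmath.exp(-2j * math.pi * k / n_fft) for k in range(n_fft)]
    frames = []
    for start in range(0, len(x) - n_fft + 1, hop):
        seg = [x[start + n] * win[n] for n in range(n_fft)]
        frames.append([abs(sum(seg[n] * tw[(k * n) % n_fft] for n in range(n_fft)))
                       for k in range(n_fft // 2 + 1)])
    return frames

def mel_filterbank(n_mels, n_fft, sr):
    """Triangular filters whose centres are equally spaced on the mel axis."""
    top = hz_to_mel(sr / 2)
    edges = [mel_to_hz(top * i / (n_mels + 1)) for i in range(n_mels + 2)]
    bin_hz = [k * sr / n_fft for k in range(n_fft // 2 + 1)]
    bank = []
    for i in range(1, n_mels + 1):
        lo, mid, hi = edges[i - 1], edges[i], edges[i + 1]
        bank.append([max(0.0, min((f - lo) / (mid - lo), (hi - f) / (hi - mid)))
                     for f in bin_hz])
    return bank

def mel_spectrogram(x, sr, n_fft=256, hop=128, n_mels=16):
    """Project each STFT frame onto the mel filterbank (fewer dimensions per frame)."""
    bank = mel_filterbank(n_mels, n_fft, sr)
    return [[sum(w * m for w, m in zip(filt, frame)) for filt in bank]
            for frame in stft_magnitude(x, n_fft, hop)]

def peak_band(frame):
    return max(range(len(frame)), key=frame.__getitem__)

# Constructed input: a pure 1 kHz tone sampled at 8 kHz (not real keyboard audio).
SR = 8000
tone = [math.sin(2 * math.pi * 1000 * n / SR) for n in range(1024)]
spec = mel_spectrogram(tone, SR)
print(len(spec), "frames x", len(spec[0]), "mel bands; peak band:", peak_band(spec[0]))
```

Low mel bands are narrow and high bands are wide, which is why 16 bands can stand in for 129 linear bins while keeping most of the detail in the lower frequencies.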

As countermeasures, the researchers recommend changing typing style, using randomized passwords instead of passwords containing full words, and adding randomly generated fake keystrokes to defend against voice call-based attacks.

 

This article is presented at no charge for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225, or feedback@redskyalliance.com

Weekly Cyber Intelligence Briefings:

Reporting: https://www.redskyalliance.org/
Website: https://www.redskyalliance.com/
LinkedIn: https://www.linkedin.com/company/64265941

REDSHORTS - Weekly Cyber Intelligence Briefings

https://attendee.gotowebinar.com/register/5993554863383553632

 

[1] https://thehackernews.com/2023/08/new-deep-learning-attack-deciphers.html
