A team of researchers has managed to train an AI model capable of stealing data from keystrokes recorded through a microphone. The AI model has been shown to be 95% accurate. Keystrokes can also be recorded via a Zoom call where a malicious participant makes correlations between messages typed by the target and their sound recording.
A team of researchers from British universities has managed to train a deep learning AI model capable of stealing data from keystrokes recorded by a microphone with 95% accuracy.
When Zoom was used to train the sound classification algorithm, the prediction accuracy dropped to 93%, which is still dangerously high and a record for that medium.
In the Future, AI Could Crack Passwords with Relative Ease
This type of attack severely affects the security of the target’s data, as it could leak passwords, conversations, messages, or other sensitive information to malicious third parties.
This risk differs from other side channel hacks that require special conditions and are subject to data rate and distance limitations. Acoustic attacks have also become much simpler due to the abundance of microphoned devices that can capture high-quality audio.
Combining AI analytics with frequent key-click feedback would scare most users away. This, combined with rapid advances in machine learning, makes sound-based side channel hacks feasible. As well as harder to detect and far more dangerous than previously anticipated.
The first step of the hack is to record keystrokes on the target’s keyboard. Such data is needed to train the prediction algorithm. This can be accomplished by using a nearby microphone or the target’s phone that might have been infected by malware with access to their microphone.
AI Could Be Listening to Keys in the Middle of a Conversation
Alternatively, keystrokes can be recorded via a Zoom call where a malicious participant makes correlations between messages typed by the target and their sound recording.
The researchers collected training data by pressing 36 keys on a modern MacBook Pro 25 times each and recording the sound produced by each press. They then generated waveforms and spectrograms from the recordings that display identifiable differences for each key.
They then performed specific data processing steps to augment the signals that can be used to identify keystrokes.
Spectrogram images were used to train ‘CoAtNet’. CoAtNet is an image classifier trained based on the AI model. While the process required experimentation with epoch parameters, learning rate, and data splitting until the best prediction accuracy results could be achieved.
In their experiments, the researchers used the same laptop, the keyboard which has been used on all Apple laptops for the past two years. An iPhone 13 mini was placed 17 cm from the lens and Zoom was added to the device. The CoAtNet classifier achieved 95% accuracy on smartphone recordings and 93% on Zoom captures. Skype produced a lower but still usable accuracy of 91.7%.
Ways to Prevent a Potential Hack Using AI
For users who are overly concerned with side-channel acoustic attacks, they may try changing typing styles or using random passwords. Other possible defensive measures include the use of software to reproduce keystroke sounds, white noise, or software-based audio filters.
Ultimately, the use of biometric authentication where possible, as well as of password managers, is recommended, so as to avoid the need to manually enter sensitive information, thus mitigating factors in the face of this emerging data security threat.
By Audy Castaneda
