Study warns: AI-powered cyberattacks can now exploit audio cues to steal passwords

AI-Enabled Cyberattack: Learning Keystrokes through Sound Profiles

The realm of cyberattacks is expanding rapidly, and researchers have now uncovered a new method that utilizes artificial intelligence (AI) to learn and recognize the sound profiles of different keys on a keyboard. This groundbreaking research, which is yet to undergo peer-review and is available as a preprint on arXiv, highlights the potential dangers associated with this advanced technique.

In their experiment, a team of scientists including Joshua Harrison from Durham University in the UK leveraged a smartphone microphone to listen for keystrokes on an Apple MacBook Pro. Remarkably, they were able to reproduce the exact keys with an impressive accuracy of 95%.

To further validate their findings, the researchers tested the accuracy of the AI system during a Zoom call. By recording the laptop’s microphone during a meeting, they discovered that the AI model achieved a remarkable 93% accuracy. Subsequently, they conducted another test using Skype, revealing a slightly lower but still significant accuracy of about 92%.

This new cyberattack approach has been made possible due to advancements over the last decade in the number of microphones within acoustic range of keyboards. The model works by recognizing the unique patterns associated with users’ keystrokes, including the sound, intensity, and timing of each keystroke.

To train the AI model, the researchers used a MacBook Pro and pressed 36 individual keys 25 times each, allowing the system to recognize the patterns. They recorded the keystroke audio using an iPhone 13 mini positioned 17cm away from the keyboard. In subsequent tests, they recorded the laptop keys during video calls over Zoom using the built-in microphones. These findings have led scientists to categorically state that this trio of AI, microphones, and video calls “presents a greater threat to keyboards than ever.”

However, it is worth noting that the AI system does not work uniformly for every keyboard. Each keyboard requires separate training for the AI model, necessitating additional references to comprehend which character each keystroke corresponds to.

The study suggests that individuals can mitigate these kinds of attacks by modifying their typing style. Specifically, touch typing, where one relies on muscle memory rather than visually locating keys, significantly reduces keystroke recognition accuracy, ranging from 64% to 40%.

Additionally, scientists recommend the use of randomized passwords that incorporate multiple cases as a means of defense against such attacks. Full words in passwords may pose a greater risk, as large language models like ChatGPT can predict succeeding characters to complete words. Furthermore, introducing randomly generated fake keystrokes into transmitted audio can reduce the risk of password theft.

In terms of prevention, researchers emphasize the advantages of utilizing biometric passwords such as fingerprint or face scanning instead of typed passwords. These measures can significantly mitigate the risks associated with cyber attacks of this nature.

In conclusion, this research sheds light on the potential vulnerabilities of keyboards due to AI-driven cyberattacks. It underscores the importance of developing robust security measures and promoting awareness to safeguard against emerging threats in our increasingly digital world.

Reference

Denial of responsibility! VigourTimes is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
Denial of responsibility! Vigour Times is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
DMCA compliant image

Leave a Comment