Dictionary attacks using keyboard acoustic emanations

@inproceedings{Berger2006DictionaryAU,
  title={Dictionary attacks using keyboard acoustic emanations},
  author={Yigael Berger and Avishai Wool and Arie Yeredor},
  booktitle={Conference on Computer and Communications Security},
  year={2006}
}
We present a dictionary attack that is based on keyboard acoustic emanations. We combine signal processing and efficient data structures and algorithms, to successfully reconstruct single words of 7-13 characters from a recording of the clicks made when typing them on a keyboard. Our attack does not require any training, and works on an individual recording of the typed word (may be under 5 seconds of sound). The attack is very efficient, taking under 20 seconds per word on a standard PC. We… 

A closer look at keyboard acoustic emanations: random passwords, typing styles and decoding techniques

This work takes the keyboard acoustic attack one step further, bringing it closer to a full-fledged vulnerability under realistic scenarios (different typing styles and random passwords), and introduces a novel technique -- time-frequency decoding -- that improves the detection accuracy compared to previous techniques.

Keyboard acoustic side channel attacks: exploring realistic and security-sensitive scenarios

This work investigates several existing signal processing techniques for keyboard acoustic attack and introduces a novel technique—time–frequency decoding—that improves the detection accuracy compared to previous techniques.

Acoustic attack on keyboard using spectrogram and neural network

A compromise between the time and frequency domains is decided and acoustic trace measured in the time-frequency domain is processed by using a spectrogram based on a simple algorithm and does not use any other tool to improve classification results.

Context-free Attacks Using Keyboard Acoustic Emanations

This work uses off-the-shelf smartphones to record acoustic emanations from keystrokes and estimates keystroke' physical positions based on the Time Difference of Arrival (TDoA) method, and shows that more than 72.2\% of keystroked can be successfully recovered.

Thermal (and Hybrid Thermal/Audio) Side-Channel Attacks on Keyboard Input

The takeaway of this work is three-fold: using plastic keyboards to enter secrets is even less secure than previously recognized, post-factum thermal imaging attacks are realistic, and hybrid (multiple side-channel) attacks are both realistic and effective.

Cracking Passwords using Keyboard Acoustics and Language Modeling

A novel keystroke error function is demonstrated which allows for optimal thresholds to be found when extracting keystrokes and a bagging technique is applied to previous clustering methods which increases the text recovery accuracy and removes the necessity for hand-labelled data.

LOL: localization-free online keystroke tracking using acoustic signals

This study presents a localization-free online keystroke tracking system (LOL), which enables people to use prior knowledge obtained from the keyboard in one location to recognize real-time keystrokes of the same type of keyboard in any other places, despite various background noises.

Robust keystroke transcription from the acoustic side-channel

A deep learning system is presented, leveraging related state-of-the-art techniques from speech transcription, that performs end- to-end, audio-to-keystroke transcription with superior performance and enables it to robustly handle overlapping waveforms and adapt to local noise profiles.

Dictionary Attacks based on TDOA Using a Smartphone

This paper proposes a method to obtain the relative position of keys by Time Difference of Arrival (TDoA) method and then recover the words using a dictionary and shows that this attack only uses one phone and does not require any training.

Keyboard Emanations in Remote Voice Calls: Password Leakage and Noise(less) Masking Defenses

This paper introduces an offense-defense system that highlights the threat of a remote adversary eavesdropping on keystrokes while the victim is on a VoIP call, and builds a way to mask the leakage through the use of system-generated sounds.
...

References

SHOWING 1-10 OF 15 REFERENCES

Keyboard acoustic emanations

We show that PC keyboards, notebook keyboards, telephone and ATM pads are vulnerable to attacks based on differentiating the sound emanated by different keys. Our attack employs a neural network to

Timing Analysis of Keystrokes and Timing Attacks on SSH

A statistical study of users' typing patterns is performed and it is shown that these patterns reveal information about the keys typed, and that timing leaks open a new set of security risks, and hence caution must be taken when designing this type of protocol.

Foiling the cracker: A survey of, and improvements to, password security

Some of the problems of current password security are outlined by demonstrating the ease by which individual accounts may be broken, and one solution to this point of system vulnerability, a proactive password checker is proposed.

Compromising emanations: eavesdropping risks of computer displays

A proposal for a civilian radio-frequency emission-security standard is outlined, based on path-loss estimates and published data about radio noise levels, and a new optical eavesdropping technique is demonstrated that reads CRT displays at a distance.

Information leakage from optical emanations

A taxonomy of compromising optical emanations is developed, and design changes are described that will successfully block this kind of "Optical Tempest" attack.

The Earth Mover's Distance as a Metric for Image Retrieval

This paper investigates the properties of a metric between two distributions, the Earth Mover's Distance (EMD), for content-based image retrieval, and compares the retrieval performance of the EMD with that of other distances.

Emanation: How to keep your data confidential

  • Symposium on Electromagnetic Security For Information Protection,
  • 1991

Table 4: ADJ, NEAR, DIST tables for each of the keys, as used in our algorithms

  • Table 4: ADJ, NEAR, DIST tables for each of the keys, as used in our algorithms

The Scientist and Engineers Guide to Digital Sound Processing

  • The Scientist and Engineers Guide to Digital Sound Processing
  • 1997

The corncob list

  • The corncob list