Threat of Side-Channel Attacks Increases with Deep-Learning Model
The rapid innovations in deep learning, expanding use of laptops, and growing number of smartphones with microphones are creating an environment that makes it easier for bad actors to compromise the laptops by recording the keystrokes on their keyboards, according to researchers with three UK universities.
In a study published recently, the researchers showed how they were able to train a deep-learning model and use smartphone microphones to record keystrokes and steal data like passwords from nearby laptops via acoustic side-channel attacks. The model was so effective it could classify the keystrokes recorded with a microphone with 95% accuracy.
When the model’s algorithm was trained on keystrokes recorded over Zoom, it still hit a very high accuracy rate of 93%, a record for the medium, according to the researchers from Durham University, the University of Surrey, and the Royal Holloway University of London.
Acoustic and other side-channel attacks threaten the security of data on systems like laptops. In side-channel attacks, bad actors are able to collect and interpret signals emitted by a device. Along with listening for the acoustics coming from the device, attackers use other signals, including electromagnetic waves, power consumption, and mobile sensors.
They’ve also targeted other devices, from printers to Intel processors.
Deep learning algorithms combined with a more portable computing environment and microphone-sporting smartphones raise the threat level to laptops and their keyboards. The high levels of accuracy put the risk into stark relief.
“The ubiquity of keyboard acoustic emanations makes them not only a readily available attack vector, but also prompts victims to underestimate (and therefore not try to hide) their output,” the researchers wrote. “For example, when typing a password, people will regularly hide their screen but will do little to obfuscate their keyboard’s sound. The lack of concern regarding keyboard acoustics could be due to the relatively small body of modern literature.”
Models created in previous papers for inferring the correct key from test data were often trained on older mechanical keyboards with more pronounced acoustics. The acoustics from newer keyboards are less pronounced, but at the same time, the tools used for acoustic side-channel attacks have gotten significantly better, including improved microphones for voice-over-IP and smartwatches that can be used to collect the keystroke sounds.
Running the Experiment
For this study, the researchers gathered the training data for the deep learning model by recording the sound made by pressing 36 keys on a MacBook Pro laptop 25 times each. The keys were pressed with varying pressure and recorded both on an iPhone 12 mini smartphone located 17cm away from the laptop and over Zoom.
They then isolated each keystroke – a more challenging task on those keystrokes recorded on Zoom – and created spectrograms from the recordings to visually represent the differences between each key. The spectrogram images were used to train a deep learning model called CoAtNet, an image classifier whose name is short for “convolution and self-attention network.” The researchers used the PyTorch machine-learning framework for the CoAtNet.
Like other systems, MacBook keystrokes have two visible peaks – the “push” and “release” peaks, the researchers wrote.
The CoAtNet was 95% accurate with the smartphone recording and 93% with that from Zoom.
Reducing the Threat
Given the trends discussed earlier – improvements in deep learning technology, the seeming ubiquity of microphones in devices, and the use of laptops – the threat of acoustic side-channel attacks will not go away. But there are ways to mitigate the risks, the researchers said.
Altering typing styles is one defense. They noted that when touch typing was used, keystroke recognition fell from 64% to 40%, “which (while still an impressive feat) may not be a high enough accuracy to account for a complex input featuring the shift key, backspace and other non-alphanumeric keys,” they wrote.
Other ways to thwart an attack include using randomized passwords, playing sounds over a speaker to mix in multiple sounds that the microphone is recording, and using software to produce fake keystroke sounds or white noise.
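A small simulation of the fake-keystroke defense mentioned above, added here as an illustration and not taken from the study. It assumes synthetic click sounds, a constructed four-key timing, and a simple energy-threshold segmenter (the study's own isolation method is not described on this page), and shows how decoy clicks dilute the set of events a listener would have to sort through.

```python
import math
import random

SR = 8000      # sample rate in Hz (assumed for this synthetic example)
FRAME = 80     # 10 ms analysis frame

def burst(amp=1.0):
    """One synthetic 10 ms click: a decaying 1 kHz tone (constructed, not real keyboard audio)."""
    return [amp * math.exp(-i / 10) * math.sin(2 * math.pi * 1000 * i / SR)
            for i in range(FRAME)]

def render(event_ms, total_ms=2000):
    """Mix one click into a silent buffer at each millisecond offset."""
    audio = [0.0] * (total_ms * SR // 1000)
    for ms in event_ms:
        start = ms * SR // 1000
        for i, s in enumerate(burst()):
            audio[start + i] += s
    return audio

def onsets(audio, threshold=0.5):
    """Energy-threshold segmentation: start times (ms) where a frame rises above threshold."""
    found, prev_loud = [], False
    for f in range(len(audio) // FRAME):
        energy = sum(s * s for s in audio[f * FRAME:(f + 1) * FRAME])
        loud = energy > threshold
        if loud and not prev_loud:
            found.append(f * FRAME * 1000 // SR)
        prev_loud = loud
    return found

def decoy_times(real_ms, count, seed, total_ms=2000, slot_ms=100):
    """Pick random decoy slots that do not coincide with a real keystroke."""
    free = [t for t in range(0, total_ms, slot_ms) if t not in real_ms]
    return sorted(random.Random(seed).sample(free, count))

def real_fraction(real_ms, detected_ms):
    """Share of detected events that are genuine keystrokes."""
    return sum(1 for t in detected_ms if t in real_ms) / len(detected_ms)

REAL = [200, 600, 1000, 1400]   # constructed timing of four real key presses
clean = onsets(render(REAL))
masked = onsets(render(REAL + decoy_times(REAL, 6, seed=1)))
print(len(clean), real_fraction(REAL, clean))     # events seen without decoys
print(len(masked), real_fraction(REAL, masked))   # events seen with six decoys mixed in
```

Because the decoys here have the same shape and loudness as the real clicks, energy alone cannot separate them; how well real decoy sounds resist a trained classifier is a separate question this sketch does not answer.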
The researchers also noted that there is work being considered around automatically suppressing or removing keystroke acoustics from VoIP software. In addition, using a secondary device or a biometric check to allow access to data also would help to guard against these attacks.
“As more laptops begin to come with biometric scanners built in as standard, the requirement for input of passwords via keyboard is all but eliminated, making [acoustic side-channel attacks] far less dangerous,” they wrote. “However … a threat remains that data other than passwords may be retrieved via [an attack].”