top of page
  • Mal McCallion

AI Eavesdropping: Decoding Passwords from Typing Sounds

Updated: Dec 11, 2023

Tap, tap, tap. That's the sound of your password, potentially falling into the wrong hands.

A recent study suggests that artificial intelligence (AI) can decipher what keys are being pressed just by the sound of the typing. This could turn your innocent Zoom chat into an open door for a cyber-attack.

As Zoom and other video conferencing tools have skyrocketed in usage, so too has the threat of sound-based cyber-attacks. Researchers have now developed a system that can identify which keys are being pressed on a laptop keyboard with over 90% accuracy, purely based on sound recordings.

Dr Ehsan Toreini, co-author of the study at the University of Surrey, warns, “I can only see the accuracy of such models, and such attacks, increasing.” With smart devices with built-in microphones becoming increasingly common, these potential attacks highlight the need for public debates on the governance of AI.

The study, part of the IEEE European Symposium on Security and Privacy Workshops, used machine learning algorithms to identify keys based on sound – a technique also used on the Enigma cipher device. The researchers recorded sounds of 36 keys on a MacBook Pro being pressed 25 times each, using different fingers and varying pressure. These sounds were recorded both over a Zoom call and on a smartphone placed near the keyboard.

The machine learning system was then trained to recognise the acoustic signals associated with each key. The system achieved an impressive 95% accuracy rate when the recording was made over a phone call, and 93% accuracy over a Zoom call.

While this study is a proof-of-principle and hasn't been used to crack passwords in real-world settings, it serves as a stark reminder of the need for vigilance. The researchers suggest mitigating the risk of such acoustic "side channel attacks" by opting for biometric passwords where possible, activating two-step verification systems, or using a mixture of upper and lower cases, numbers and symbols in passwords.

As we continue to navigate our increasingly digital world, it's clear that we must stay one step ahead in the cybersecurity game. So, next time you're typing away during a Zoom call, remember – your keyboard might be saying more than you think!

Made with TRUST_AI - see the Charter:

9 views0 comments


bottom of page