research-article

I Know Your Keyboard Input: A Robust Keystroke Eavesdropper Based-on Acoustic Signals

Authors:

Luchuan SongAuthors Info & Claims

MM '21: Proceedings of the 29th ACM International Conference on Multimedia

Pages 1239 - 1247

https://doi.org/10.1145/3474085.3475539

Published: 17 October 2021 Publication History

Abstract

Recently, smart devices equipped with microphones have become increasingly popular in people's lives. However, when users type on a keyboard near devices with microphones, the acoustic signals generated by different keystrokes may leak the user's privacy. This paper proposes a robust side-channel attack scheme to infer keystrokes on the surrounding keyboard, leveraging the smart devices' microphones. To address the challenge of non-cooperative attacking environments, we propose an efficient scheme to estimate the relative position between the microphones and the keyboard, and extract two robust features from the acoustic signals to alleviate the impact of various victims and keyboards. As a result, we can realize the side-channel attack through acoustic signals, regardless of the exact location of microphones, the victims, and the type of keyboards. We implement the proposed scheme on the commercial smartphone and conduct extensive experiments to evaluate its performance. Experimental results show that the proposed scheme could achieve good performance in predicting keyboard input under various conditions. Overall, we can correctly identify 91.2% of keystrokes with 10-fold cross-validation. When predicting keystrokes from unknown victims, the attack can obtain a Top-5 accuracy of 91.52%. Furthermore, the Top-5 accuracy of predicting keystrokes can reach 72.25% when the victims and keyboards are both unknown. When predicting meaningful contents, we can obtain a Top-5 accuracy of 96.67% for the words entered by the victim.

References

[1]

ISO 9613. 1993. Acoustics-Attenuation of sound during propagation outdoors -- Part 1: Calculation of the absorption of sound by the atmosphere.

[2]

Kamran Ali, Alex X Liu, Wei Wang, and Muhammad Shahzad. 2015. Keystroke recognition using wifi signals. In Proceedings of the 21st annual international conference on mobile computing and networking. 90--102.

Digital Library

[3]

Kamran Ali, Alex X Liu, Wei Wang, and Muhammad Shahzad. 2017. Recognizing keystrokes using WiFi devices. IEEE Journal on Selected Areas in Communications, Vol. 35, 5 (2017), 1175--1190.

Digital Library

[4]

Dmitri Asonov and Rakesh Agrawal. 2004. Keyboard acoustic emanations. In IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004. IEEE, 3--11.

[5]

Yigael Berger, Avishai Wool, and Arie Yeredor. 2006. Dictionary attacks using keyboard acoustic emanations. In Proceedings of the 13th ACM conference on Computer and communications security. 245--254.

Digital Library

[6]

Liang Cai and Hao Chen. 2011. TouchLogger: inferring keystrokes on touch screen from smartphone motion. In Proceedings of the 6th USENIX conference on Hot topics in security. USENIX Association, 9--9.

Digital Library

[7]

Stefano Cecconello, Alberto Compagno, Mauro Conti, Daniele Lain, and Gene Tsudik. 2019. Skype & Type: Keyboard Eavesdropping in Voice-over-IP. ACM Transactions on Privacy and Security (TOPS), Vol. 22, 4 (2019), 1--34.

Digital Library

[8]

Bo Chen, Vivek Yenamandra, and Kannan Srinivasan. 2015. Tracking keystrokes using wireless signals. In Proceedings of the 13th Annual International Conference on Mobile Systems, Applications, and Services. 31--44.

Digital Library

[9]

Corinna Cortes and Vladimir Vapnik. 1995. Support-vector networks. Machine learning, Vol. 20, 3 (1995), 273--297.

Digital Library

[10]

Tyler Giallanza, Travis Siems, Elena Smith, Erik Gabrielsen, Ian Johnson, Mitchell A Thornton, and Eric C Larson. 2019. Keyboard Snooping from Mobile Phone Arrays with Mixed Convolutional and Recurrent Neural Networks. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, Vol. 3, 2 (2019), 1--22.

Digital Library

[11]

Nikolaus Hansen, Nikolaus Hansen, Andreas Ostermeier, and Andreas Ostermeier. 1997. Convergence Properties of Evolution Strategies with the Derandomized Covariance Matrix Adaptation: The...-CMA-ES.

[12]

Andrew Kelly. 2010. Cracking passwords using keyboard acoustics and language modeling. University of Edinburgh, http://citeseerx. ist. psu. edu/viewdoc/download (2010), 54.

[13]

Mengyuan Li, Yan Meng, Junyi Liu, Haojin Zhu, Xiaohui Liang, Yao Liu, and Na Ruan. 2016. When CSI meets public WiFi: Inferring your mobile phone password via WiFi signals. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. 1068--1079.

Digital Library

[14]

Kang Ling, Yuntang Liu, Ke Sun, Wei Wang, Lei Xie, and Qing Gu. 2020. SpiderMon: Towards Using Cell Towers as Illuminating Sources for Keystroke Monitoring. In IEEE INFOCOM 2020-IEEE Conference on Computer Communications. IEEE, 666--675.

Digital Library

[15]

Jian Liu, Yan Wang, Gorkem Kar, Yingying Chen, Jie Yang, and Marco Gruteser. 2015a. Snooping keystrokes with mm-level audio ranging on a single phone. In Proceedings of the 21st Annual International Conference on Mobile Computing and Networking. 142--154.

Digital Library

[16]

Xiangyu Liu, Zhe Zhou, Wenrui Diao, Zhou Li, and Kehuan Zhang. 2015b. When good becomes evil: Keystroke inference with smartwatch. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. 1273--1285.

Digital Library

[17]

Yang Liu and Zhenjiang Li. 2018. aleak: Privacy leakage through context-free wearable side-channel. In IEEE INFOCOM 2018-IEEE Conference on Computer Communications. IEEE, 1232--1240.

[18]

Li Lu, Jiadi Yu, Yingying Chen, Yanmin Zhu, Xiangyu Xu, Guangtao Xue, and Minglu Li. 2019. KeyLiSterber: Inferring keystrokes on QWERTY keyboard of touch screen through acoustic signals. In IEEE INFOCOM 2019-IEEE Conference on Computer Communications. IEEE, 775--783.

[19]

Anindya Maiti, Murtuza Jadliwala, Jibo He, and Igor Bilogrevic. 2015. (Smart) watch your taps: side-channel keystroke inference attacks using smartwatches. In Proceedings of the 2015 ACM International Symposium on Wearable Computers. 27--30.

Digital Library

[20]

Philip Marquardt, Arunabh Verma, Henry Carter, and Patrick Traynor. 2011. (sp) iphone: Decoding vibrations from nearby keyboards using mobile phone accelerometers. In Proceedings of the 18th ACM conference on Computer and communications security. 551--562.

Digital Library

[21]

Maryam Mehrnezhad, Ehsan Toreini, Siamak F Shahandashti, and Feng Hao. 2018. Stealing PINs via mobile sensors: actual risk versus user perception. International Journal of Information Security, Vol. 17, 3 (2018), 291--313.

Digital Library

[22]

A Norman Mortensen and GL Johnson. 1988. A power system digital harmonic analyzer. IEEE transactions on instrumentation and measurement, Vol. 37, 4 (1988), 537--540.

[23]

Emmanuel Owusu, Jun Han, Sauvik Das, Adrian Perrig, and Joy Zhang. 2012. Accessory: password inference using accelerometers on smartphones. In proceedings of the twelfth workshop on mobile computing systems & applications. 1--6.

Digital Library

[24]

Sougata Sen, Karan Grover, Vigneshwaran Subbaraju, and Archan Misra. 2017. Inferring smartphone keypress via smartwatch inertial sensing. In 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops). IEEE, 685--690.

[25]

Junjue Wang, Kaichen Zhao, Xinyu Zhang, and Chunyi Peng. 2014. Ubiquitous keyboard for small mobile devices: harnessing multipath fading for fine-grained keystroke localization. In Proceedings of the 12th annual international conference on Mobile systems, applications, and services. 14--27.

Digital Library

[26]

Norbert Wiener et almbox. 1930. Generalized harmonic analysis. Acta mathematica, Vol. 55 (1930), 117--258.

[27]

Zhen Xiao, Tao Chen, Yang Liu, and Zhenjiang Li. 2020. Mobile Phones Know Your Keystrokes through the Sounds from Finger's Tapping on the Screen. In 40th IEEE International Conference on Distributed Computing Systems. IEEE.

[28]

Zhi Xu, Kun Bai, and Sencun Zhu. 2012. Taplogger: Inferring user inputs on smartphone touchscreens using on-board motion sensors. In Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks. 113--124.

Digital Library

[29]

Jie Zhang, Xiaolong Zheng, Zhanyong Tang, Tianzhang Xing, Xiaojiang Chen, Dingyi Fang, Rong Li, Xiaoqing Gong, and Feng Chen. 2016. Privacy leakage in mobile sensing: Your unlock passwords can be leaked through wireless hotspot functionality. Mobile Information Systems, Vol. 2016 (2016).

[30]

Li Zhuang, Feng Zhou, and J Doug Tygar. 2009. Keyboard acoustic emanations revisited. ACM Transactions on Information and System Security (TISSEC), Vol. 13, 1 (2009), 1--26.

Digital Library

Cited By

Rodrigues DMacedo GConti MPinto P(2024)A Prototype for Generating Random Key Sounds to Prevent Keyboard Acoustic Side-Channel Attacks2024 IEEE 22nd Mediterranean Electrotechnical Conference (MELECON)10.1109/MELECON56669.2024.10608505(1287-1292)Online publication date: 25-Jun-2024
https://doi.org/10.1109/MELECON56669.2024.10608505
Ozkan AKilic BAcarturk C(2024)Keystroke Transcription from Acoustic Emanations Using Continuous Wavelet TransformMachine Learning for Cyber Security10.1007/978-981-97-2458-1_1(1-16)Online publication date: 23-Apr-2024
https://doi.org/10.1007/978-981-97-2458-1_1
Spata MOrtis ABattiato SRusso V(2024)A New Deep Learning Pipeline for Acoustic Attack on KeyboardsIntelligent Systems and Applications10.1007/978-3-031-66329-1_26(402-414)Online publication date: 31-Jul-2024
https://doi.org/10.1007/978-3-031-66329-1_26
Show More Cited By

Index Terms

I Know Your Keyboard Input: A Robust Keystroke Eavesdropper Based-on Acoustic Signals
1. Computing methodologies
  1. Machine learning
2. Human-centered computing
  1. Ubiquitous and mobile computing

Recommendations

A closer look at keyboard acoustic emanations: random passwords, typing styles and decoding techniques
ASIACCS '12: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security

We take a closer look at keyboard acoustic emanations specifically for the purpose of eavesdropping over random passwords. In this scenario, dictionary and HMM language models are not applicable; the attacker can only utilize the raw acoustic ...
Keyboard Snooping from Mobile Phone Arrays with Mixed Convolutional and Recurrent Neural Networks

The ubiquity of modern smartphones, because they are equipped with a wide range of sensors, poses a potential security risk---malicious actors could utilize these sensors to detect private information such as the keystrokes a user enters on a nearby ...
Keyboard Emanations in Remote Voice Calls: Password Leakage and Noise(less) Masking Defenses
CODASPY '18: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy

Keyboard acoustic side channel attacks to date have been mostly studied in the context of an adversary eavesdropping on keystrokes by placing a listening device near the intended victim creating a local eavesdropping scenario. However, being in close ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

MM '21: Proceedings of the 29th ACM International Conference on Multimedia

October 2021

5796 pages

ISBN:9781450386517

DOI:10.1145/3474085

General Chairs:
Heng Tao Shen
University of Electronic Science&Technology of China, China
,
Yueting Zhuang
Zhejiang University, China
,
John R. Smith
IBM, USA
,
Program Chairs:
Yang Yang
University of Electronic Science and Technology of China, China
,
Pablo Cesar
CWI&TU Delft, The Netherlands
,
Florian Metze
FACEBOOK, Inc., USA
,
Balakrishnan Prabhakaran
University of Texas at Dallas, USA

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMM: ACM Special Interest Group on Multimedia

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 October 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

MM '21

Sponsor:

SIGMM

MM '21: ACM Multimedia Conference

October 20 - 24, 2021

Virtual Event, China

Acceptance Rates

Overall Acceptance Rate 2,145 of 8,556 submissions, 25%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
459
Total Downloads

Downloads (Last 12 months)125
Downloads (Last 6 weeks)29

Reflects downloads up to 25 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Rodrigues DMacedo GConti MPinto P(2024)A Prototype for Generating Random Key Sounds to Prevent Keyboard Acoustic Side-Channel Attacks2024 IEEE 22nd Mediterranean Electrotechnical Conference (MELECON)10.1109/MELECON56669.2024.10608505(1287-1292)Online publication date: 25-Jun-2024
https://doi.org/10.1109/MELECON56669.2024.10608505
Ozkan AKilic BAcarturk C(2024)Keystroke Transcription from Acoustic Emanations Using Continuous Wavelet TransformMachine Learning for Cyber Security10.1007/978-981-97-2458-1_1(1-16)Online publication date: 23-Apr-2024
https://doi.org/10.1007/978-981-97-2458-1_1
Spata MOrtis ABattiato SRusso V(2024)A New Deep Learning Pipeline for Acoustic Attack on KeyboardsIntelligent Systems and Applications10.1007/978-3-031-66329-1_26(402-414)Online publication date: 31-Jul-2024
https://doi.org/10.1007/978-3-031-66329-1_26
Harrison JToreini EMehrnezhad M(2023)A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)10.1109/EuroSPW59978.2023.00034(270-280)Online publication date: Jul-2023
https://doi.org/10.1109/EuroSPW59978.2023.00034
Ying LLili J(2023)Keystroke Sound Recognition Based on Gaussian Fitting Segmentation2023 International Conference on Artificial Intelligence of Things and Systems (AIoTSys)10.1109/AIoTSys58602.2023.00028(44-50)Online publication date: 19-Oct-2023
https://doi.org/10.1109/AIoTSys58602.2023.00028

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents