'Whispering keyboards' could be next attack trend

By Niall McKay, Contributing Writer 11 May 2004 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

OAKLAND -- Listen to this: Eavesdroppers can decipher what is typed by simply listening to the sound of a keystroke, according to a scientist at this week's IEEE Symposium of Security and Privacy in Oakland, Calif.

Each key on computer keyboards, telephones and even ATM machines makes a unique sound as each key is depressed and released, according to a paper entitled "Keyboard Acoustic Emanations" presented Monday by IBM research scientist Dmitri Asonov.

All that is needed is about $200 worth of microphones and sound processing and PC neural networking software.

Today's keyboard, telephone keypads, ATM machines and even door locks have a rubber membrane underneath the keys.

"This membrane acts like a drum, and each key hits the drum in a different location and produces a unique frequency or sound that the neural networking software can decipher," said Asonov.

Asonov found that by recording the same sound of a keystroke about 30 times and feeding it into a PC running standard neural networking software, he could decipher the keys with an 80% accuracy rate. He was also able to train the software on one keyboard to decipher the keystrokes on any other keyboard of the same make and model.

Good sound quality is not required to recognize the acoustic signature or frequency of the key. In fact, Asonov was able to extract the audio captured by a cellular phone and still decipher the signal.

"But don't panic," Asonov cautioned. "There are some easy ways to fix the problem." First, close the door in the room where you're working. Second, buy a rubber keyboard coffee guard that will dampen the sound enough to make eavesdropping difficult.

However, Asonov said that he believed it was possible to use acoustical analysis algorithms to decipher key sounds based simply on gathering the data from just a couple of keys and extrapolating what other keys should sound like.

Asonov warned that his work was almost entirely based on the evidence from his experiments and that he has little or no theoretical information to back up his theories. For example, he discovered that it was the membrane that was providing the unique signature simply by cutting a keyboard in two and finding that the neural networking software no longer worked.

Tags: Emerging Information Security Threats,  Application Attacks (Buffer Overflows, Cross-Site Scripting),  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Emerging Information Security Threats Best practices for (small) botnets Cybersecurity grant to fund research into critical infrastructure threats RSA security conference 2010: news, interviews and updates Hackers to sharpen malware, malicious software in 2010 Modern malware, stealthy botnets, adapt quickly, expert says New ransomware Trojan pushes victims to buy software Bruce Schneier on outsourcing, awareness training Marcus Ranum on cyberwarfare, infosec careers US-CERT warns of BlackBerry snooping software Researchers find thousands of flawed embedded devices Application Attacks (Buffer Overflows, Cross-Site Scripting) Quiz: How to build secure applications Black box and white box testing: Which is best? Adobe warns of critical update for Reader, Acrobat 9.1.3 9 Ways to Improve Application Security After an Incident Developers Need Help with Security Errors Buffer overflow tutorial: How to find vulnerabilities, prevent attacks SQL injection protection: A guide on how to prevent and stop attacks Experts rebuke programmers who use SQL injection as feature SANS: Application threats, website flaws pose biggest security threats Mozilla helps Adobe push out faster patches Application Attacks (Buffer Overflows, Cross-Site Scripting) Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary DNS rebinding attack  (SearchSecurity.com) drive-by pharming  (SearchSecurity.com) JavaScript hijacking  (SearchSecurity.com) man in the browser  (SearchSecurity.com) phlashing  (SearchSecurity.com) polymorphic malware  (SearchSecurity.com) pulsing zombie  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary