An alarming revelation sheds light on the latest privacy onslaught caused by artificial intelligence as a groundbreaking study has uncovered a startling method that could jeopardise user passwords. Researchers have devised a way to train a sophisticated deep-learning model to covertly capture users’ sensitive information like passwords by merely listening to the sounds of their keystrokes.
A team of researchers at Cornell University, unveiled on August 3, in their research paper how an ingenious combination of deep learning prowess and audio recording can crack the code of what users type with astonishing precision.
Termed a “sound-based side channel attack,” this covert data-collection tactic usher in a fresh modus operandi for cybercriminals seeking to pilfer users’ personal information in the most surreptitious of ways.
“When trained on keystrokes recorded by a nearby phone, the [software] achieved an accuracy of 95%, the highest accuracy seen without the use of a language model,” articulate the researchers in the abstract of their paper.
This unprecedented success rate marks a watershed moment in the realm of silent data heists, leaving the cybersecurity community flabbergasted.
Algorithm behind
The experiment started with researchers recording the acoustic signatures of keystrokes and harnessing these auditory patterns to coach an algorithm.
The algorithm, in turn, acquired the remarkable ability to deduce specific keystrokes based solely on their accompanying sounds. Once the keystrokes were interwoven with a data model, the accuracy of the deductions was nothing short of remarkable.
The efficacy of this technique is even higher when a user employs a mechanical keyboard, whose resounding clicks amplify the auditory signals far beyond the ordinary laptop keyboard’s reach, the report said.
The researchers subjected their breakthrough method to rigorous trials over popular online communication platforms such as Zoom and Skype.
Astonishingly, the algorithm managed to decode typing sounds with a staggering 93 percent accuracy rate when recorded via Zoom, while the rate stood at an impressive 91 percent when the audio emanated from Skype sessions.
So, what’s the defence?
With these unsettling findings, the researchers offer defensive strategies for thwarting potential sonic snoopers. Users are urged to diversify their typing styles or opt for randomised passwords to stymie the eavesdropping endeavors.