Silent Cyber Threat: Protect Your Keystrokes from AI Keylogging via Sound Waves
Published on: March 10, 2024
In a groundbreaking study, British researchers have trained an artificial intelligence system to identify keystrokes by their sound. Using a smartphone as a microphone placed near a laptop, the AI demonstrated a remarkable ability to decipher typing based on audio cues.
The research involved correlating the sound of each keypress with its corresponding letter. This method was tested by typing a password into a laptop and having the AI predict the word based on the sound. Impressively, the AI recognized the password with a 95 percent accuracy rate.
To test the practical application of this technique, the researchers assessed its effectiveness in eavesdropping on passwords during video calls on platforms like Zoom and Skype. The AI maintained high accuracy, achieving around 92 percent for Skype and 93 percent for Zoom, proving its effectiveness in realistic scenarios.
As a countermeasure to this potential security threat, the researchers recommend using password managers like Keepass. These tools automatically fill in passwords in login fields, preventing the AI from intercepting keystroke data.
The experiment was conducted using a 2021 MacBook Pro with an M1 chip and a 16-inch screen. The smartphone used was an iPhone 13 Mini, positioned 17 centimeters away from the laptop, alongside tests conducted with Zoom and Skype.
The researchers transformed the audio recordings into visual waveforms and spectrograms to train an image-based AI. They also discovered that typing with the ten-finger system significantly reduces the AI's ability to accurately identify individual keystrokes.
Enhancing password security with upper and lower case letters and special characters can further complicate AI-based password reconstruction. However, the most effective protection against such AI techniques is the use of a password manager that auto-fills passwords, minimizing the risk of audio eavesdropping.
This study highlights the evolving landscape of cybersecurity and the need for robust measures to safeguard against sophisticated AI threats. The use of password managers is highly recommended for enhanced security, and users are encouraged to explore the best options available.