The fact that artificial intelligence can predict with such accuracy could open the door to cyberattacks. Experts say that as video conferencing tools like Zoom and devices with built-in microphones become more popular, the risk of audio-based cyberattacks will increase.
 |
| Artificial intelligence can guess which key is being pressed with over 90% accuracy just from sound. |
Accordingly, researchers have created an artificial intelligence system that can guess which key is being pressed on a laptop keyboard with an astonishing accuracy of more than 90%, based only on audio recordings.
Dr Ehsan Toreini, co-author of the study at the University of Surrey (UK), commented that the accuracy of the models as well as cyber attacks will increase. According to him, there needs to be a public debate on the issue of artificial intelligence (AI) governance, especially as smart devices equipped with microphones become more familiar in families.
Mr. Toreini and his colleagues also used machine learning algorithms to develop an artificial intelligence system that can determine which keys are pressed on a laptop based on the sound.
Specifically, in the study, they pressed each of the 36 keys on the MacBook Pro, including both numbers and characters, 25 times in a row, using different fingers and pressure. The audio was recorded through a Zoom call and on a smartphone placed near the keyboard.
The team then fed the data into an artificial intelligence machine learning system that learned to recognize the characteristics of the audio signals associated with each key. The results showed that the system could assign a key to the correct sound 95% of the time when recording a phone call and 93% of the time when recording a Zoom call.
While the study is purely demonstrative and not intended to be used to crack passwords or in a real-world setting, the authors say people should be wary, especially since laptops use similar keyboards and are often used in public places like coffee shops. The eavesdropping method could be applied to any keyboard.
The researchers also offer a number of ways to reduce the risk of being attacked via audio, such as opting for biometric login if available or enabling two-step verification.
Additionally, users should use the Shift key to combine lowercase and uppercase letters, numbers, and symbols in their passwords. Joshua Harrison, one of the authors, commented that it is very difficult to determine if the Shift key is used.
Meanwhile, Professor Feng Hao of the University of Warwick warns users against typing sensitive messages, including passwords, on the keyboard during Zoom calls. “In addition to sound, visual images of small shoulder and wrist movements can also reveal information about which keys are being pressed, even if the keyboard is not visible on camera,” he said.
Source
Comment (0)