New Deep Learning Model Can Steal Your Passwords Just by Listening to You Type
CoAtNet can predict passwords from keystroke sound with 95% accuracy, highlighting the growing threat of acoustic side-channel attacks.
New Deep Learning Model Can Predict Passwords From Keystroke Sound With 95% Accuracy
A team of researchers from Cornell University have developed a new deep-learning model that can predict passwords from the sound of keystrokes with 95% accuracy. The model, called "CoAtNet," was trained on a dataset of over 100,000 keystroke recordings. It can identify individual keys with 99% accuracy, and it can predict passwords up to 12 characters long with 95% accuracy.
CoAtNet works by first extracting features from the keystroke recordings. These features include the timing of each key press, the loudness of each key press, and the frequency spectrum of each key press. CoAtNet then uses these features to train a neural network to predict which key was pressed.
The researchers tested CoAtNet on a variety of different datasets, including recordings of people typing in a variety of environments, such as in a quiet room, in a noisy room, and over a phone call. CoAtNet was able to accurately predict passwords in all of these environments.
The researchers say that CoAtNet could be used by cybercriminals to steal passwords from unsuspecting users. For example, a cybercriminal could sit in a coffee shop and record the sound of people typing their passwords into public Wi-Fi networks. They could then use CoAtNet to predict the passwords and gain access to the users' accounts.
The researchers also say that CoAtNet could be used by security researchers to develop new ways to protect passwords from attacks. For example, they could develop software that can detect when CoAtNet is being used to steal passwords.
The development of CoAtNet highlights the growing threat of acoustic side-channel attacks. These attacks exploit the acoustic signatures of different devices and activities to gain unauthorized access to information. As devices become more sophisticated, they also produce more acoustic signatures that can be exploited by attackers.
Users can protect themselves from acoustic side-channel attacks by using strong passwords, being careful about where they type their passwords, and using a password manager. Security researchers should also continue to develop new ways to protect passwords from attacks.
In addition to the above, here are some tips for protecting yourself from acoustic side-channel attacks:
Use a keyboard with a built-in sound muffler.
Type in a quiet room.
Avoid typing your password over a phone call or video conference.
Use a password manager to generate and store strong passwords.
Keep your software up to date.
Be aware of the risks of acoustic side-channel attacks and take steps to protect yourself.