[IP] Microphones placed near keyboards can record keystrokes.

[David Farber <dave@xxxxxxxxxx>]

Begin forwarded message:

From: Bradley Malin <malin@xxxxxxxxxx>
Date: September 13, 2005 5:31:26 PM EDT
To: dave@xxxxxxxxxx, joehall@xxxxxxxxx
Subject: Re: [IP] Microphones placed near keyboards can record  
keystrokes.


I just read the paper and I agree, this is good research.  However,  
while it's flashy, it's not much of a breakthrough.  At its  
foudation, this paper combines two known concepts:

1) Asonov's finding (their reference [1]) that microphones capture  
different sounds for different keys, and

2) Probabilistic models (i.e. HMM's and mixture models) for resolving  
patterns in the acoustic components akin to speech recognition models.

Novelty, yes.  Breakthrough, no.

Also note, while the authors don't exactly lie, they do sweep certain  
aspects of their claims under the rug.  Specifically, they claim they  
can detect words in an unsupervised setting (i.e. they don't train a  
classifier for words like Asonov did).  However, this is not really  
true outside of pedantic machine learning jargon.  A quick sketch of  
my claim follows.

Every keytype pattern which they extract is compared to an English  
dictionary.  So, really what they do is input an acoustic emanation  
(space delimited) and convert into a string where each sound gets a  
character.  Then, they compare each sequence of characters to words  
in the dictionary and return the English word with the most similar  
pattern. Thus, while Asonov compared his acoustic patterns to  
"trained" neural-net classifiers of acoustics, the authors of this  
paper are comparing their sequences of characters to a standardized  
set of sequences of characters (i.e. English words).

One more thing, their "unsupervised" learning model only accounts for  
words which are in the dictionary.  If the word is not in the  
dictionary, then the authors move to a "supervised" (or trained)  
system.  Specifically, they "use the previously obtained corrected  
results [word matches] as labeled training samples".  So, password  
snarfing is achievable, but you may have to train your system against  
each user.

hopefully not offending anyone,

-brad
================================================
Bradley Malin, PhD candidate
Carnegie Mellon University
  School of Computer Science
    Data Privacy Laboratory

David Farber wrote:


> Begin forwarded message:
> From: Joseph Lorenzo Hall <joehall@xxxxxxxxx>
> Date: September 13, 2005 4:25:43 PM EDT
> To: Dave Farber <dave@xxxxxxxxxx>
> Subject: Microphones placed near keyboards can record keystrokes.
> Reply-To: joehall@xxxxxxxxx
> Here's a second try at submitting this one to IP... : )
> Since I last sent this, this research has made [Ed Felten's blog][6],
> [Bruce Schneier's blog][7] and [Slashdot][8].  I can imagine some
> IPers would have interesting things to say.  My own thoughts are
> [here][9]. best, Joe
> ----
> <http://tygar-blog.com/2005/09/keyboard-acoustic-emanations-  
> revisited.html>
> ## September 2, 2005
> ### Keyboard Acoustic Emanations Revisited
> Microphones placed near keyboards can record keystrokes. [Li
> Zhuang][1], [Feng Zhou][2], and [I (Doug Tygar)][3] have developed a
> set of algorithms for recreating the material typed directly from the
> keystrokes. Unlike previous approaches, our algorithms require no
> information about the typist, keyboard, room, or text typed. Unlike
> previous approaches, our algorithms do not require any "labeled
> training data" (matching acoustic recordings to the actual text typed
> by a particular typist.) In contrast, our algorithm can use data from
> a cheap microphone in the room with a typist, collect ten minutes
> worth of data, and the algorithm will be able to recover the typed
> text. In fact, once our algorithm has ten minutes worth of typed
> English text, it can recover arbitrary text, such as passwords. Even
> if the typist uses a "quiet keyboard", we can still recover the
> text. And our work further suggests that the microphone need not be
> placed in a room -- a parabolic microphone outside the room would work
> equally well at recovering the signals.
> Our paper on this work will appear in November 2005 at the ACM
> Conference on Computer and Communications Security.
> A preprint of our paper describing this work is available at
> [keyboard-emanations.org][4]. Copies of other papers by me are
> available at [my publications web site][5].
> Doug Tygar 9/02/2005 08:33:00 AM
> [1]: http://www.cs.berkeley.edu/~zl/
> [2]: http://www.cs.berkeley.edu/~zf/
> [3]: http://www.cs.berkeley.edu/~tygar/
> [4]: http://keyboard-emanations.org/
> [5]: http://www.cs.berkeley.edu/~tygar/publications.htm
> [6]: http://www.freedom-to-tinker.com/?p=893
> [7]: http://www.schneier.com/blog/archives/2005/09/ 
> snooping_on_tex.html
> [8]: http://it.slashdot.org/article.pl?  
> sid=05/09/13/1644259&tid=172&tid=218
> [9]: http://josephhall.org/nqb2/index.php/2005/09/04/mic_strokes
> --
> Joseph Lorenzo Hall
> UC Berkeley, SIMS PhD Student
> <http://josephhall.org/>
> This email is written in [markdown] - an easily-readable and parseable
> text format.
> [markdown]: http://daringfireball.net/projects/markdown/
> -------------------------------------
> You are subscribed as malin@xxxxxxxxxx
> To manage your subscription, go to
>  http://v2.listbox.com/member/?listname=ip
> Archives at: http://www.interesting-people.org/archives/interesting- 
> people/



-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/