- The attack leverages acoustic signals or sound waves that are produced when a user is typing on a computer keyboard.
- These signals are then picked up by smartphone sensors including the microphone, the accelerometer, and the gyroscope.
Malicious actors can now silently steal your data and private conversation while you are typing on your laptop. Apparently, this is even possible while you are working with your device in a crowded place.
How is it possible?
Devised by researchers from SMU's Darwin Deason Institute for Cybersecurity, the attack is possible through acoustic signals or sound waves that are produced when a user is typing on a computer keyboard. These signals are then picked up by smartphone sensors including the microphone, the accelerometer, and the gyroscope.
While the microphone detects the sounds made by keystrokes, the accelerometer, and the gyroscope is used to capture the faint vibration that reverberates through a table when someone types.
How accurate is the experiment?
The SMU team tested their hypothesis using an iPhone app built using artificial intelligence & Swift and Apple's open-source programming language. Using the app, they had managed to detect 41.8% of keystrokes and 27% of typed words correctly. This accuracy includes the data collected even in a noisy environment.
"We found that increasing the number of smartphones used causes overall accuracy to increase up to about 4 phones, but adding any more than 4 phones causes only minimal accuracy increases with our technique," confirmed Mitchell Thornton, a professor of electrical and computer engineering at Southern Methodist University (SMU), Forbes reported.
Limitations of the technique
Despite the success, the security researchers found two major challenges for this attack:
- The first is that each type of keyboard is like a different drum with a specific sound;
- The second is that not all table vibrate the same.
"The characteristics of the vibrations are affected differently depending upon the composition of the material of the table," added Thorton.