|
 ABSTRACT
We examine the problem of keyboard acoustic emanations. We present a novel attack taking as input a 10-minute sound recording of a user typing English text using a keyboard, and then recovering up to 96% of typed characters. There is no need for a labeled training recording. Moreover the recognizer bootstrapped this way can even recognize random text such as passwords: In our experiments, 90% of 5-character random passwords using only letters can be generated in fewer than 20 attempts by an adversary; 80% of 10-character passwords can be generated in fewer than 75 attempts. Our attack uses the statistical constraints of the underlying content, English language, to reconstruct text from sound recordings without any labeled training data. The attack uses a combination of standard machine learning and speech recognition techniques, including cepstrum features, Hidden Markov Models, linear classification, and feedback-based incremental learning.
REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
| |
1
|
Asonov, D., and Agrawal, R. "Keyboard Acoustic Emanations". In Proceedings of the IEEE Symposium on Security and Privacy (2004), pp. 3--11.
|
| |
2
|
Atkinson, K. GNU Aspell. http://aspell.sourceforge.net/.
|
| |
3
|
Atkinson, K. Spell Checker Oriented Word Lists. http://wordlist.sourceforge.net/.
|
| |
4
|
Bilmes, J. A. A Gentle Tutorial of the EM Algorithm and its Application to Parameter Estimation for Gaussian Mixture and Hidden Markov Models. Technical Report ICSI-TR-97-021, International Computer Science Institute, Berkeley, California, 1997.
|
| |
5
|
Briol, R. "Emanation: How to Keep Your Data Confidential". In Proceedings of Symposium on Electromagnetic Security For Information Protection (1991).
|
| |
6
|
|
| |
7
|
Jordan, M. I. An Introduction to Probabilistic Graphical Models. In preparation.
|
| |
8
|
|
| |
9
|
|
| |
10
|
Kuhn, M. G. "Compromising Emanations: Eavesdropping Risks of of Computer Displays". Technical Report UCAM-CL-TR-577, Computer Laboratory, University of Cambridge, 2003.
|
| |
11
|
|
| |
12
|
Shamir, A., and Tromer, E. Acoustic Cryptanalysis. http://www.wisdom.weizmann.ac.il/~tromer/acoustic/.
|
| |
13
|
Speech Vision and Robotics Group of the Cambridge University Engineering Department. HTK Speech Recognition Toolkit. http://htk.eng.cam.ac.uk/.
|
| |
14
|
|
| |
15
|
|
CITED BY 7
|
|
|
|
|
Joshua Mason , Kathryn Watkins , Jason Eisner , Adam Stubblefield, A natural language approach to automated cryptanalysis of two-time pads, Proceedings of the 13th ACM conference on Computer and communications security, October 30-November 03, 2006, Alexandria, Virginia, USA
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Lourdes López , José-F Martínez , Alfonso Muñoz , Vicente Hernández , Antonio Dasilva , Ana-B García, ASA: advanced secure architecture for preventing unauthorized access in personal computer platforms and BIOS, Proceedings of the 2007 Euro American conference on Telematics and information systems, May 14-17, 2007, Faro, Portugal
|
INDEX TERMS
Primary Classification:
K.
Computing Milieux
K.6
MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
K.6.5
Security and Protection (D.4.6, K.4.2)
Subjects:
Unauthorized access (e.g., hacking, phreaking)
Additional Classification:
K.
Computing Milieux
K.4
COMPUTERS AND SOCIETY
K.4.1
Public Policy Issues
Subjects:
Privacy
General Terms:
Security
Keywords:
HMM,
acoustic emanations,
cepstrum,
computer security,
electronic eavesdropping,
hidden Markov models,
human factors,
keyboards,
learning theory,
privacy,
signal analysis
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
Pdf