A research team from Cornell University (Ithaca, New York) has utilized AI to accurately predict typed content simply by listening to keystrokes.
The team trained their AI using a database of keystroke sounds. This approach allows the AI to predict the content being typed on a keyboard with an accuracy of up to 95%. This accuracy only drops to 93% when training the system via Zoom.
However, the AI training method employed by the Cornell University team still has several drawbacks. For instance, the AI’s predictive capabilities cannot be immediately applied to arbitrary keyboard types.
In other words, the AI needs some time to “get accustomed” to each specific type of keyboard, as each keystroke sound will be used as a reference for the AI to guess the character during the training process. Training the AI model can be done on-site using a microphone or even remotely via applications like Zoom to capture the keystroke sounds.
AI can accurately guess what you are typing just by listening to the keystrokes. (Illustrative image).
It is known that the research team used a MacBook Pro to demonstrate the AI’s ability to predict content. They pressed 36 different keys, each key pressed 25 times. This created a foundation for the AI model to recognize which character was being typed corresponding to the keystroke sound produced. Although the acoustic wave generated for each keystroke has slight differences, the AI still identified each key with astonishing accuracy.
Of course, using this AI model for malicious purposes (such as data theft) is not a good idea, as there are still many weaknesses present.
There have been some concerns about the potential misuse of this AI model for harmful purposes (like data theft). However, this type of attack is not without its weaknesses, according to the research team.
For example, simply changing the typing style can significantly reduce the AI’s accuracy in predicting the typed content. When typing with a very light touch, the AI’s accuracy in recognizing the content drops from 64% to 40%. Additionally, users can employ software to generate noise that interferes with the input (using white noise) or add extra keystrokes to confuse the AI.
Each type of keyboard also presents different risks in terms of being vulnerable to AI data theft. For instance, the AI’s accuracy in predicting data is generally higher when users employ mechanical keyboards, which produce louder sounds than regular keyboards. Nevertheless, membrane keyboards (which use a rubber dome instead of a switch under each key) still generate sufficient sound to train the AI model.
Therefore, the best way to mitigate this type of attack is to implement software solutions, rather than switching from a “noisy” keyboard to a “quieter” one.
