research-article

Skype & Type: Keyboard Eavesdropping in Voice-over-IP

Authors:

Stefano Cecconello,

Alberto Compagno,

Gene TsudikAuthors Info & Claims

ACM Transactions on Privacy and Security (TOPS), Volume 22, Issue 4

Article No.: 24, Pages 1 - 34

https://doi.org/10.1145/3365366

Published: 06 December 2019 Publication History

Abstract

Voice-over-IP (VoIP) software are among the most widely spread and pervasive software, counting millions of monthly users. However, we argue that people ignore the drawbacks of transmitting information along with their voice, such as keystroke sounds—as such sound can reveal what someone is typing on a keyboard.

In this article, we present and assess a new keyboard acoustic eavesdropping attack that involves VoIP, called Skype & Type (S&T). Unlike previous attacks, S&T assumes a weak adversary model that is very practical in many real-world settings. Indeed, S&T is very feasible, as it does not require (i) the attacker to be physically close to the victim (either in person or with a recording device) and (ii) precise profiling of the victim’s typing style and keyboard; moreover, it can work with a very small amount of leaked keystrokes. We observe that leakage of keystrokes during a VoIP call is likely, as people often “multi-task” during such calls. As expected, VoIP software acquires and faithfully transmits all sounds, including emanations of pressed keystrokes, which can include passwords and other sensitive information. We show that one very popular VoIP software (Skype) conveys enough audio information to reconstruct the victim’s input—keystrokes typed on the remote keyboard. Our results demonstrate that, given some knowledge on the victim’s typing style and keyboard model, the attacker attains top-5 accuracy of 91.7% in guessing a random key pressed by the victim. This work extends previous results on S&T, demonstrating that our attack is effective with many different recording devices (such as laptop microphones, headset microphones, and smartphones located in proximity of the target keyboard), diverse typing styles and speed, and is particularly threatening when the victim is typing in a known language.

References

[1]

[n.d.]. Opus Codec Support. Retrieved from https://wiki.xiph.org/OpuSupport.

[2]

[n.d.]. Oxford Dictionary. Which Letters in the Alphabet Are Used Most Often. Retrieved from http://www.oxforddictionaries.com/words/which-letters-are-used-most.

[3]

[n.d.]. 2015: Skype’s Year in Review. Retrieved from http://blogs.skype.com/2015/12/17/2015-skypes-year-in-review/.

[4]

[n.d.]. Over 1 billion Skype Mobile Downloads. Retrieved from http://blogs.skype.com/2016/04/28/over-1-billion-skype-mobile-downloads-thank-you/.

[5]

[n.d.]. Microsoft BUILD 2016 Keynote. Retrieved from https://channel9.msdn.com/Events/Build/2016/KEY01.

[6]

Kamran Ali, Alex Liu, Wei Wang, and Muhammad Shahzad. 2015. Keystroke recognition using WiFi signals. In Proceedings of the ACM Annual International Conference on Mobile Computing and Networking (MobiCom’15). 90--102.

Digital Library

[7]

S. Abhishek Anand and Nitesh Saxena. 2018. Keyboard emanations in remote voice calls: Password leakage and noise (less) masking defenses. In Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY’18).

[8]

Dmitri Asonov and Rakesh Agrawal. 2004. Keyboard acoustic emanations. In Proceedings of the IEEE Symposium on Security and Privacy (S8P’04). 3--11.

[9]

Kiran S. Balagani, Mauro Conti, Paolo Gasti, Martin Georgiev, Tristan Gurtler, Daniele Lain, Charissa Miller, Kendall Molas, Nikita Samarin, Eugen Saraci, et al. 2018. SILK-TV: Secret information leakage from keystroke timing videos. In Proceedings of the European Symposium on Research in Computer Security. Springer, 263--280.

[10]

Davide Balzarotti, Marco Cova, and Giovanni Vigna. 2008. Clearshot: Eavesdropping on keyboard input from video. In Proceedings of the IEEE Symposium on Security and Privacy (S8P’08). 170--183.

Digital Library

[11]

Dipak Basu. 2000. Dictionary of Pure and Applied Physics. CRC Press.

[12]

Yigael Berger, Avishai Wool, and Arie Yeredor. 2006. Dictionary attacks using keyboard acoustic emanations. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’06). 245--254.

Digital Library

[13]

Stephen Boyd, Corinna Cortes, Mehryar Mohri, and Ana Radovanovic. 2012. Accuracy at the top. In Proceedings of the Conference and Workshop on Neural Information Processing Systems (NIPS’12). 953--961.

[14]

Stuart Card, Thomas Moran, and Allen Newell. 1980. The keystroke-level model for user performance time with interactive systems. Commun. ACM 23, 7 (1980), 396--410.

Digital Library

[15]

Yimin Chen, Tao Li, Rui Zhang, Yanchao Zhang, and Terri Hedgpeth. 2018. Eyetell: Video-assisted touchscreen keystroke inference from eye movements. In Proceedings of the IEEE Symposium on Security and Privacy (S8P’18). 144--160.

[16]

Charles J. Clopper and Egon S. Pearson. 1934. The use of confidence or fiducial limits illustrated in the case of the binomial. Biometrika 26, 4 (1934), 404--413.

[17]

Alberto Compagno, Mauro Conti, Daniele Lain, and Gene Tsudik. 2017. Don’t skype 8 type&excl;: Acoustic eavesdropping in voice-over-IP. In Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIACCS’17).

[18]

Anupam Das, Nikita Borisov, and Matthew Caesar. 2014. Do you hear what I hear?: Fingerprinting smart devices through embedded acoustic components. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’14). 441--452.

Digital Library

[19]

Song Fang, Ian Markwood, Yao Liu, Shangqing Zhao, Zhuo Lu, and Haojin Zhu. 2018. No training hurdles: Fast training-agnostic attacks to infer your typing. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’18). 1747--1760.

Digital Library

[20]

Jeffrey Friedman. 1972. Tempest: A signal problem. NSA Cryptologic Spectrum (1972). https://www.nsa.gov/Portals/70/documents/news-features/declassified-documents/cryptologic-spectrum/tempest.pdf.

[21]

Daniel Genkin, Mihir Pattani, Roei Schuster, and Eran Tromer. 2018. Synesthesia: Detecting screen content via remote acoustic side channels. In Proceedings of the IEEE Symposium on Security and Privacy (S8P’19).

[22]

Isabelle Guyon, Jason Weston, Stephen Barnhill, and Vladimir Vapnik. 2002. Gene selection for cancer classification using support vector machines. Mach. Learn. 46, 1--3 (2002), 389--422.

Digital Library

[23]

Tzipora Halevi and Nitesh Saxena. 2012. A closer look at keyboard acoustic emanations: Random passwords, typing styles and decoding techniques. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’12). 89--90.

Digital Library

[24]

Tzipora Halevi and Nitesh Saxena. 2015. Keyboard acoustic side channel attacks: Exploring realistic and security-sensitive scenarios. Int. J. Inf. Secur. 14, 5 (2015), 443--456.

Digital Library

[25]

Kun Jin, Si Fang, Chunyi Peng, Zhiyang Teng, Xufei Mao, Lan Zhang, and Xiangyang Li. 2017. Vivisnoop: Someone is snooping your typing without seeing it&excl;. In Proceedings of the IEEE Conference on Communications and Network Security Dedicated to Communications and Network Security (CNS’17). 1--9.

[26]

Tyler Kaczmarek, Ercan Ozturk, and Gene Tsudik. 2018. Thermanator: Thermal residue-based post factum attacks on keyboard password entry. In Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security (ASIACCS’19).

[27]

Tadayoshi Kohno, Andre Broido, and Kimberly Claffy. 2005. Remote physical device fingerprinting. IEEE Trans. Depend. Sec. Comput. 2, 2 (2005), 93--108.

Digital Library

[28]

Paul Lamere, Philip Kwok, Evandro Gouvea, Bhiksha Raj, Rita Singh, William Walker, Manfred Warmuth, and Peter Wolf. 2003. The CMU SPHINX-4 speech recognition system. In Proceedings of the IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP’03), Vol. 1. 2--5.

[29]

Jian Liu, Yan Wang, Gorkem Kar, Yingying Chen, Jie Yang, and Marco Gruteser. 2015. Snooping keystrokes with mm-level audio ranging on a single phone. In Proceedings of the ACM Annual International Conference on Mobile Computing and Networking (MobiCom’15). 142--154.

Digital Library

[30]

Beth Logan et al. 2000. Mel frequency cepstral coefficients for music modeling. In Proceedings of the Conference of the International Society for Music Information Retrieval (ISMIR’08).

[31]

Jan Lukas, Jessica Fridrich, and Miroslav Goljan. 2006. Digital camera identification from sensor pattern noise. IEEE Trans. Inf. Forens. Secur. 1, 2 (2006), 205--214.

Digital Library

[32]

Philip Marquardt, Arunabh Verma, Henry Carter, and Patrick Traynor. 2011. (sp) iPhone: Decoding vibrations from nearby keyboards using mobile phone accelerometers. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’11). 551--562.

Digital Library

[33]

Zdenek Martinasek, Vlastimil Clupek, and Krisztina Trasy. 2015. Acoustic attack on keyboard using spectrogram and neural network. In Proceedings of the International Conference on Telecommunications and Signal Processing (TSP’15). 637--641.

[34]

John Monaco. 2018. SoK: Keylogging side channels. In Proceedings of the IEEE Symposium on Security and Privacy (S8P’18).

[35]

E. H. Rothauser, W. D. Chapman, N. Guttman, K. S. Nordby, H. R. Silbiger, G. E. Urbanek, and M. Weinstock. 1969. IEEE recommended practice for speech quality measurements. IEEE Trans. Aud. Electroacoust. 17, 3 (1969), 225--246.

[36]

Diksha Shukla, Rajesh Kumar, Abdul Serwadda, and Vir Phoha. 2014. Beware, your hands reveal your secrets&excl;. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’14). 904--917.

[37]

Dawn Xiaodong Song, David Wagner, and Xuqing Tian. 2001. Timing analysis of keystrokes and timing attacks on SSH. In Proceedings of the USENIX Security Symposium, Vol. 2001.

[38]

Jean-Marc Valin, Koen Vos, and T. Terriberry. 2012. Definition of the Opus audio codec. IETF J. RFC 6716: 1-326 (2012).

[39]

Martin Vuagnoux and Sylvain Pasini. 2009. Compromising electromagnetic emanations of wired and wireless keyboards. In Proceedings of the USENIX Security Symposium. 1--16.

[40]

Junjue Wang, Kaichen Zhao, Xinyu Zhang, and Chunyi Peng. 2014. Ubiquitous keyboard for small mobile devices: Harnessing multipath fading for fine-grained keystroke localization. In Proceedings of the ACM International Conference on Mobile Systems, Applications, and Services (MobiSys’14). 14--27.

Digital Library

[41]

R. L. Wegel and C. E. Lane. 1924. The auditory masking of one pure tone by another and its probable relation to the dynamics of the inner ear. Phys. Rev. 23, 2 (1924), 266.

[42]

Teng Wei, Shu Wang, Anfu Zhou, and Xinyu Zhang. 2015. Acoustic eavesdropping through wireless vibrometry. In Proceedings of the ACM Annual International Conference on Mobile Computing and Networking (MobiCom’15). 130--141.

Digital Library

[43]

Wojciech Wodo and Lucjan Hanzlik. 2016. Thermal imaging attacks on keypad security systems. In Proceedings of the International Joint Conference on E-Business and Telecommunications (ICETE’16).

Digital Library

[44]

Tong Zhu, Qiang Ma, Shanfeng Zhang, and Yunhao Liu. 2014. Context-free attacks using keyboard acoustic emanations. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’14). 453--464.

Digital Library

[45]

Li Zhuang, Feng Zhou, and Doug Tygar. 2009. Keyboard acoustic emanations revisited. ACM Trans. Inf. Syst. Sec. 13, 1 (2009), 3.

Digital Library

Cited By

Huang JBai JZhang XLiu ZFeng YLiu JSun XDong MLi M(2024)KeystrokeSniffer: An Off-the-Shelf Smartphone Can Eavesdrop on Your Privacy From AnywhereIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.342430119(6840-6855)Online publication date: 2024
https://doi.org/10.1109/TIFS.2024.3424301
Tanaka TRampazzi SSugawara T(2024)LightTouch: Harnessing Laser-Based Signal Injection to Manipulate Optical Human-Computer InterfacesIEEE Access10.1109/ACCESS.2024.341357112(84033-84045)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3413571
Ozkan AKilic BAcarturk C(2024)Keystroke Transcription from Acoustic Emanations Using Continuous Wavelet TransformMachine Learning for Cyber Security10.1007/978-981-97-2458-1_1(1-16)Online publication date: 23-Apr-2024
https://doi.org/10.1007/978-981-97-2458-1_1
Show More Cited By

Index Terms

Skype & Type: Keyboard Eavesdropping in Voice-over-IP
1. Security and privacy
  1. Security in hardware
    1. Hardware attacks and countermeasures
      1. Side-channel analysis and countermeasures
  2. Security services
    1. Authentication

Recommendations

Don't Skype & Type!: Acoustic Eavesdropping in Voice-Over-IP
ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

Acoustic emanations of computer keyboards represent a serious privacy issue. As demonstrated in prior work, physical properties of keystroke sounds might reveal what a user is typing. However, previous attacks assumed relatively strong adversary models ...
3D Freehand Gestural Navigation for Interactive Public Displays

Users increasingly expect more-interactive experiences with public displays for applications including learning, gaming, urban visualization, and planning. However, user interaction with applications on public displays is challenging and often doesn't ...
Acoustic Side-Channel Attacks on a Computer Mouse
Detection of Intrusions and Malware, and Vulnerability Assessment
Abstract
Acoustic Side-Channel Attacks (ASCAs) extract sensitive information by using audio emitted from a computing devices and their peripherals. Attacks targeting keyboards are popular and have been explored in the literature. However, similar attacks ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Privacy and Security

ACM Transactions on Privacy and Security Volume 22, Issue 4

November 2019

170 pages

ISSN:2471-2566

EISSN:2471-2574

DOI:10.1145/3364835

Editor:
David Basin
ETH Zurich, Switzerland

Issue’s Table of Contents

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 December 2019

Accepted: 01 September 2019

Revised: 01 April 2019

Received: 01 November 2018

Published in TOPS Volume 22, Issue 4

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Funding Sources

H2020 European Research Council

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
637
Total Downloads

Downloads (Last 12 months)75
Downloads (Last 6 weeks)9

Reflects downloads up to 26 Jul 2024

Other Metrics

View Author Metrics

Citations

Cited By

Huang JBai JZhang XLiu ZFeng YLiu JSun XDong MLi M(2024)KeystrokeSniffer: An Off-the-Shelf Smartphone Can Eavesdrop on Your Privacy From AnywhereIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.342430119(6840-6855)Online publication date: 2024
https://doi.org/10.1109/TIFS.2024.3424301
Tanaka TRampazzi SSugawara T(2024)LightTouch: Harnessing Laser-Based Signal Injection to Manipulate Optical Human-Computer InterfacesIEEE Access10.1109/ACCESS.2024.341357112(84033-84045)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3413571
Ozkan AKilic BAcarturk C(2024)Keystroke Transcription from Acoustic Emanations Using Continuous Wavelet TransformMachine Learning for Cyber Security10.1007/978-981-97-2458-1_1(1-16)Online publication date: 23-Apr-2024
https://doi.org/10.1007/978-981-97-2458-1_1
Conti MDuroyon MOrazi GTsudik G(2024)Acoustic Side-Channel Attacks on a Computer MouseDetection of Intrusions and Malware, and Vulnerability Assessment10.1007/978-3-031-64171-8_3(44-63)Online publication date: 17-Jul-2024
https://dl.acm.org/doi/10.1007/978-3-031-64171-8_3
Long YYan CXiao SPrasad SXu WFu K(2023)Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179423(3432-3449)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179423
Balagani KCardaioli MCecconello SConti MTsudik G(2022)We Can Hear Your PIN Drop: An Acoustic Side-Channel Attack on ATM PIN PadsComputer Security – ESORICS 202210.1007/978-3-031-17140-6_31(633-652)Online publication date: 26-Sep-2022
https://dl.acm.org/doi/10.1007/978-3-031-17140-6_31
Bai JLiu BSong LShen HZhuang YSmith JYang YCesar PMetze FPrabhakaran B(2021)I Know Your Keyboard InputProceedings of the 29th ACM International Conference on Multimedia10.1145/3474085.3475539(1239-1247)Online publication date: 17-Oct-2021
https://dl.acm.org/doi/10.1145/3474085.3475539
Lee KLee JChoi CYim K(2021)Offensive Security of Keyboard Data Using Machine Learning for Password Authentication in IoTIEEE Access10.1109/ACCESS.2021.30502399(10925-10939)Online publication date: 2021
https://doi.org/10.1109/ACCESS.2021.3050239
Liu HSpolaor RTurrin FBonafede RConti M(2021)USB Powered Devices: A Survey of Side-Channel Threats and CountermeasuresHigh-Confidence Computing10.1016/j.hcc.2021.100007(100007)Online publication date: Mar-2021
https://doi.org/10.1016/j.hcc.2021.100007

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View Issue’s Table of Contents