Listening in on keyboards

Doug Tygar

University of California Berkeley

Friday, October 6, 2006
10:30am - SENSQ 5317

Refreshments/meet the speaker at 10 a.m.

Hosted by José Brustoloni

Abstract

I examine the problem of keyboard acoustic emanations. I present a novel attack taking as input a 10-minute sound recording of a user typing English text using a keyboard, and then recovering up to 96 percent of typed characters. There is no need for a labeled training recording. Moreover the recognizer bootstrapped this way can even recognize random text such as passwords: in our experiments, 90 percent of five-character random passwords using only letters can be generated in fewer than 20 attempts by an adversary; 80 percent of 10-character passwords can be generated in fewer than 75 attempts. Our attack uses the statistical constraints of the underlying content, English language, to reconstruct text from sound recordings without any labeled training data. The attack uses a combination of standard machine learning and speech recognition techniques, including cepstrum features, Hidden Markov Models, linear classification, and feedback-based incremental learning. This is joint work with Li Zhuang and Feng Zhao.

Biography of Speaker

Doug Tygar is a professor of computer science at UC Berkeley and also a professor of information management at UC Berkeley. He works in the areas of computer security, privacy, and electronic commerce. His current research includes privacy, security issues in sensor webs, digital rights management, and usable computer security. His awards include a National Science Foundation Presidential Young Investigator Award, an Okawa Foundation Fellowship, a teaching award from Carnegie Mellon University, and invited keynote addresses at PODC, PODS, VLDB, and many other conferences. Doug Tygar has written three books; his book Secure Broadcast Communication in Wired and Wireless Networks (with Adrian Perrig) is a standard reference and has been translated to Japanese. He designed cryptographic postage standards for the US Postal Service and has helped build a number of security and electronic commerce systems including: Strongbox, Dyad, Netbill, and Micro-Tesla. He served as chair of the Defense Department's ISAT Study Group on Security with Privacy, and was a founding board member of ACM's Special Interest Group on Electronic Commerce. He helped create and remains an active member of TRUST (Team for Research in Ubiquitous Security Technologies). TRUST is a new National Science Foundation Science and Technology Center with headquarters at UC Berkeley and involving faculty from Berkeley, Carnegie Mellon, Cornell, Stanford, and Vanderbilt. Before coming to UC Berkeley, Dr. Tygar was tenured faculty at Carnegie Mellon's Computer Science Department, where he continues to hold an adjunct professor position. He received his doctorate from Harvard and his undergraduate degree from Berkeley.

Top

You are using an older browser that does not support current Web standards. Although this site is viewable in all browsers, it will look much better in a browser that supports Web standards.