SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
29 Aug 2016

Hackers can track your keystrokes through your Wi-Fi signal

It is theoretically possible to accurately detect keystrokes using the Wi-Fi signals from a plain router, scientists from Michigan State University and the Nanjing University in China have discovered.

Researchers say that, in environments with minimal signal interference, an attacker could use the disruptions in the router's Wi-Fi signals to detect the keys an individual presses on their laptop and use this data to steal their passwords.

This is not a science fiction scenario because scientists did demo technologies in the past where they used Wi-Fi signals to detect a person's presence and movements in a room. Wi-Fi signals were also previously used to read hand gestures and lip movements, so the accuracy of Wi-Fi signals is well established in scientific circles. WiKey attack uses off-the-shelf equipment. For their experiment, called WiKey, researchers employed off-the-shelf equipment, such as a TP-Link TL-WR1043ND Wi-Fi router and a Lenovo X200 laptop.

In order to collect the tiny shifts in Wi-Fi signals, they used the router's MIMO (Multiple-Input and Multiple-Output) capabilities, which refer to a set of functions that allow each of the antennas to send multiple Wi-Fi signals on the same radio channel. Researchers used these multiple Wi-Fi signals like a scanner and swept the room to create a map of the environment. Because of this, WiKey only works in rooms with minimal movement and little to no human presence.

"WiKey uses tiny shifts in Wi-Fi signals to detect key presses"

When a person stands in front of the laptop and starts typing, WiKey is able to pick up disruptions in the Wi-Fi signals caused by the tiny shift of the user's hands, fingers and keys. "While typing a certain key, the hands and fingers of a user move in a unique formation and direction and thus generate a unique pattern in the time-series of Channel State Information (CSI) values, which we call CSI-waveform for that key," the researchers explain. The team says that, by training a special computer algorithm, their program would be able to detect which key presses are for what keys, and eventually manage to recover text entered on the laptop.

"Accuracy varies from 77% to 97.5%"

In an environment with little movement and a slow-typing user, the system's accuracy was 97.5 percent. In a real-world scenario, with Wi-Fi field disruptions and a faster-typing user, the system's accuracy was between 77.43 percent (30 training samples) and 93.47 percent (80 training samples). In spite of the lower precision, many threat actors would be more than happy to know three-quarters of your password.

Another downside of this attack is that, in a real-world scenario, an attacker would need time to train WiKey before being able to steal a target's passwords. Additionally, placing 2-3 persons with a laptop near each other renders the attack useless, with WiKey unable to distinguish between targets. The research paper titled Keystroke Recognition Using Wi-Fi Signals by Kamran Ali, Alex X. Liu, Wei Wang, and Muhammad Shahzad is available for download.

Tags:
Wi-Fi surveillance information leaks
Source:
Softpedia
1927
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015