ATTACK OF ARRAY SENSOR ON KEYBOARD ACOUSTIC EMANATIONS
Public awareness in recognizing the threat of side-channel attack of acoustic emanation and how to protect valuable assets is still very low. Target attacks are keyboard or keypad as authentication access to valuable assets such as ATM machines, digital door locks, or even digital cropping. The atta...
Saved in:
| Main Author: | |
|---|---|
| Format: | Theses |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/22954 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| Summary: | Public awareness in recognizing the threat of side-channel attack of acoustic emanation and how to protect valuable assets is still very low. Target attacks are keyboard or keypad as authentication access to valuable assets such as ATM machines, digital door locks, or even digital cropping. The attack model is non-invasive or without direct interaction to unlock the locks but instead of an acoustic signal emerging from the key presses on the keyboard. Various methods of attack on acoustic emanation were developed to find vulnerabilities as risk identification on a keyboard. The stack sensor attack method was developed by the authors to to obtain better key interpretation accuracy. The sensor uses two microphones that are placed sequentially and aligned in front of the target with a certain slope to get a significant time difference. Acoustic data acquisition using hardware such as microphone, mixer, soundcard and DAW software then data are analyzed to get the arrival time value. The value is used for estimation of TDOA and know the direction of arrival of sound source. The target is 30 pieces of keyboard keys. The difference of this attack is to determine the coordinates of key localization with geometry computation, and does not require training data for key classification. The experimental results show the key can be identified on average 90 percent of 10 keystroke samples. These results indicate the potential for information leakage vulnerability is significant enough to be aware of the serious threat of keyboard vulnerability. |
|---|