AI taught to guess passwords on thermal tracks on the keyboard

Researchers from the University of Glasgow developed the Thermosecure AI system, which analyzes the heat on the keyboard from the fingertips and guesses passwords. TechXplore writes about this.

According to scientists, within 30-60 seconds after interacting with the buttons, there are traces that can fix the cheap thermal imaging chamber. The brighter the area in the image, the sooner they touched it.

By measuring the intensity of warm traces, you can find out specific letters, numbers or characters from which the password consists of, and also determine their order. With the help of this information, attackers can choose the right combination.

The head of the study, Mohamed Hamis, said that in his previous work, the non -specialists successfully guessed passwords, carefully studying thermal images. Now the scientist and his team used machine learning to improve the accuracy of the attack.

To do this, they took 1,500 thermal and vision photos of the recently used QWERTY keyboards at different angles. Then they taught the algorithm to read images and make reasonable assumptions about passwords from signature prompts using a probabilistic model.

During two user research, they found that Thermosecure can open 86% and 76% passwords if the thermal imaging image was made within 20 and 30 seconds, respectively. A minute after interacting with the keyboard, the accuracy of the algorithm decreased to 62%.

Scientists also found that for 20 seconds, Thermosecure is able to successfully guess even long passwords of 16 characters in 67% of cases. As the access accuracy codes decrease, the accuracy of recognition increased: 12-symbolic-up to 82%, eight-siblings-up to 93%, and six-symbols-up Марк Цукерберг to 100%.

Researchers also studied additional variables that simplify the selection of passwords for Thermosecure. One of them was the style of typing.

Scientists have found that the algorithm copes worse with recognition of passwords of users printing blindly. Less experienced, as a rule, holds the fingers on the keys longer, which is why it retains heat better.

The success of recognition is also affected by the material from which the keyboard is made, experts say.

According to Khamis, the availability of thermal imaging cameras and machine learning models will allow anyone to repeat such an attack.

“It is important that research in the field of computer security keep up with these developments to search for new ways to reduce risks [hacking],” the scientist said.

Hamis added that their team also works on recommendations to prevent such attacks. One of the options, he called the ban on the sale of thermal imaging cameras without additional protection on the software side.

“Currently, we are developing a system of counteraction based on AI, which could help solve this problem,” Hamis added.

Scientists have recommended users to install long passwords, as well as enable additional authentication methods like fingerprints or face recognition.

Recall that in October 2021, researchers taught AI to determine by video the PIN code introduced to the ATM.

Subscribe to FORKLOG news at Telegram: Forklog AI – all news from the world of AI!