AudioStrike: Acoustic Identification of Keystrokes to Enhance End-to-End Session Integrity Público
Zaiman, Zachary (Spring 2023)
Abstract
The lateral movement strategy is one of the most pervasive attack techniques in a modern hacker's arsenal. Generally, a point of entry is established through a phishing or social engineering attack to gain access to a target's broader network from where more confidential and valuable information is obtained. Time and time again this method of exploitation has beaten the most complex systems with state-of-the-art intrusion detection software and security infrastructure due primarily to human error. To effectively defend against lateral movement attacks, we propose Audiostrike, a continuous and frictionless keystroke authentication architecture that utilizes the natural acoustic emanations of a user's keyboard. We specifically show a proof of concept of this system on a single typist that achieves a 0.87 ROCAUC score of classifying keystrokes on three regions of the keyboard and can identify a potential attack within 5 keystrokes with high probability.
Table of Contents
1 Introduction 1
2 Background 7
2.1 Side Channel Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.2 Security by Surveillance . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.3 Threat Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.3.1 Local Compromise . . . . . . . . . . . . . . . . . . . . . . . . 9
2.3.2 Root Compromise . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.3.3 Physical Compromise . . . . . . . . . . . . . . . . . . . . . . . 10
3 Materials and Methods 12
3.1 AudioStrike System . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
3.2 Data Collection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
3.2.1 User Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
3.2.2 Data Collector . . . . . . . . . . . . . . . . . . . . . . . . . . 15
3.2.3 Back-end . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
3.3 IRB Study Design For Crowd Sourcing . . . . . . . . . . . . . . . . . 24
3.4 Model Training . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
3.4.1 Metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
4 Results 30
4.1 Data Exploration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
4.2 Model Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
5 Related Works 36
5.1 Security Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . 36
5.2 Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
5.3 Convolutional Neural Networks . . . . . . . . . . . . . . . . . . . . . 38
5.4 Audio Signal Processing . . . . . . . . . . . . . . . . . . . . . . . . . 40
5.5 Crowd Sourcing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
6 Discussion 44
6.1 System Validation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
6.2 Ethical Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . 46
6.3 Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
6.4 Future Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
6.5 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Appendix A Full Keystroke Distribution 51
Bibliography 55
About this Honors Thesis
| School | |
|---|---|
| Department | |
| Degree | |
| Submission | |
| Language |
|
| Research Field | |
| Palabra Clave | |
| Committee Chair / Thesis Advisor | |
| Committee Members |
Primary PDF
| Thumbnail | Title | Date Uploaded | Actions |
|---|---|---|---|
|
|
AudioStrike: Acoustic Identification of Keystrokes to Enhance End-to-End Session Integrity () | 2023-04-06 17:11:50 -0400 |
|
Supplemental Files
| Thumbnail | Title | Date Uploaded | Actions |
|---|