Thermal Camera

Thermal Camera Plus Machine Learning Reads Passwords Off Keyboard Keys

Visibly worn keys have long been a weakness of physical keypads. For instance, a number pad with digits that are obviously worn from frequent use gives an attacker a clear place to start. The same idea can be used to read keyboards using a thermal camera and machine learning, but it turns out that some key types and typing styles are more difficult to read than others.

The slight amount of body heat that is transferred when a fingertip touches a key can be detected by a thermal sensor. This fundamental method has been employed at least since 2005, but since then two things have changed: thermal cameras have become much more prevalent, and researchers have learned that by combining thermal readings with machine learning, it is possible to pick up tiny details that are too difficult or subtle to pick up by human eye and judgment alone.

Shorter passwords are much simpler to crack; the system can crack passwords with 6 and 8 symbols with an accuracy of 92% and 80%, respectively. Thermal readings were taken up to a full minute after the password was entered in the study, but earlier readings have higher accuracy.

The system has it tougher due to a few factors. Fast typists don’t touch the keys as long, so they don’t generate as much heat when they do, which makes things a little harder. Surprisingly, the keycaps’ material has a significant impact. ABS keycaps retain heat far more effectively than When building custom keyboards like this one, PBT is a material that we frequently see.) Additionally, it transpires that thermal readings are effectively hampered by the minuscule heat generated by the LEDs used in backlit keyboards.

Funny thing is, a scramblepad wouldn’t be able to stop this kind of extremely modern attack. Scramblepads are retro devices that randomly mix up the numbers that correspond to the buttons each time the pad is used. The use of thermal imaging and machine learning to determine which buttons were pressed first and in what order would still be useless. a reminder that while technology does matter when it comes to security, fundamentals sometimes matter more.

Read More: HT-19 Thermal Camera Review

Source: hackaday

Notify of
Inline Feedbacks
View all comments

Related Posts

Begin typing your search term above and press enter to search. Press ESC to cancel.

Back To Top
Would love your thoughts, please comment.x