Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Skype & Type: keyboard eavesdropping in voice-over-IP
Cecconello S., Compagno A., Conti M., Lain D., Tsudik G. ACM Transactions on Privacy and Security22 (4):1-34,2019.Type:Article
Date Reviewed: Aug 24 2021

In our current environment, many people work remotely from their office and routinely use voice over Internet protocol (VoIP) tools for communicating with colleagues. During these voice calls, it is also quite common for participants to continue to use their computer to “multitask.” Cecconello et al. present and assess a keyboard acoustic eavesdropping technique, Skype & Type (S&T), which conveys computer keyboard keystrokes to attackers.

The authors present some historical background on keyboard acoustic eavesdropping and examine the threat model. They define their assumptions and describe the S&T attack process, as well as their experimental and VoIP software setup. Detailed results, well supported with diagrams and tables, are presented, evaluated, and discussed.

The experiments demonstrate that the technique can work surprisingly well. The authors show that, given some knowledge of the victim’s typing style, language, and keyboard model, VoIP software can convey enough audio information to achieve keystroke interception accuracy of greater than 90 percent. Potential countermeasures are discussed in some detail, and the authors provide concluding remarks and thorough references.

An interesting examination of a largely ignored attack vector, it warns against the temptation to multitask and use the computer keyboard while undertaking VoIP sessions.

Reviewer:  David B. Henderson Review #: CR147339
Bookmark and Share
  Reviewer Selected
Featured Reviewer
Would you recommend this review?
Other reviews under "Abuse And Crime Involving Computers": Date
Cyber crime and cyber terrorism investigator’s handbook
Akhgar B., Staniforth A., Bosco F., Syngress Publishing, Waltham, MA, 2014.  306, Type: Book (978-0-128007-43-3), Reviews: (2 of 2)
Feb 6 2015
Defeating DDoS attacks by fixing the incentive chain
Huang Y., Geng X., Whinston A. ACM Transactions on Internet Technology 7(1): 5-es, 2007. Type: Article
Jun 20 2007
Hack for hire
Mirian A. Queue 17(4): 41-60, 2019. Type: Article
Jan 29 2020

E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 2004™
Terms of Use
| Privacy Policy