{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T17:41:38Z","timestamp":1767980498944,"version":"3.49.0"},"reference-count":45,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2019,11,30]],"date-time":"2019-11-30T00:00:00Z","timestamp":1575072000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100010663","name":"H2020 European Research Council","doi-asserted-by":"publisher","award":["832735"],"award-info":[{"award-number":["832735"]}],"id":[{"id":"10.13039\/100010663","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2019,11,30]]},"abstract":"Voice-over-IP (VoIP) software are among the most widely spread and pervasive software, counting millions of monthly users. However, we argue that people ignore the drawbacks of transmitting information along with their voice, such as keystroke sounds\u2014as such sound can reveal what someone is typing on a keyboard.<\/jats:p>\n \n In this article, we present and assess a new keyboard acoustic eavesdropping attack that involves VoIP, called\n Skype & Type<\/jats:italic>\n (\n S&T<\/jats:italic>\n ). Unlike previous attacks,\n S&T<\/jats:italic>\n assumes a weak adversary model that is very practical in many real-world settings. Indeed,\n S&T<\/jats:italic>\n is very feasible, as it does not require (i) the attacker to be physically close to the victim (either in person or with a recording device) and (ii) precise profiling of the victim\u2019s typing style and keyboard; moreover, it can work with a very small amount of leaked keystrokes. We observe that leakage of keystrokes during a VoIP call is likely, as people often \u201cmulti-task\u201d during such calls. As expected, VoIP software acquires and faithfully transmits all sounds, including emanations of pressed keystrokes, which can include passwords and other sensitive information. We show that one very popular VoIP software (Skype) conveys enough audio information to reconstruct the victim\u2019s input\u2014keystrokes typed on the remote keyboard. Our results demonstrate that, given some knowledge on the victim\u2019s typing style and keyboard model, the attacker attains top-5 accuracy of 91.7% in guessing a random key pressed by the victim. This work extends previous results on\n S&T<\/jats:italic>\n , demonstrating that our attack is effective with many different recording devices (such as laptop microphones, headset microphones, and smartphones located in proximity of the target keyboard), diverse typing styles and speed, and is particularly threatening when the victim is typing in a known language.\n <\/jats:p>","DOI":"10.1145\/3365366","type":"journal-article","created":{"date-parts":[[2019,12,9]],"date-time":"2019-12-09T13:35:27Z","timestamp":1575898527000},"page":"1-34","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":16,"title":["Skype & Type"],"prefix":"10.1145","volume":"22","author":[{"given":"Stefano","family":"Cecconello","sequence":"first","affiliation":[{"name":"University of Padua, Italy"}]},{"given":"Alberto","family":"Compagno","sequence":"additional","affiliation":[{"name":"Cisco Systems, Issy-les-Moulineaux, France"}]},{"given":"Mauro","family":"Conti","sequence":"additional","affiliation":[{"name":"University of Padua, Italy"}]},{"given":"Daniele","family":"Lain","sequence":"additional","affiliation":[{"name":"ETH Zurich, Zurich, Switzerland"}]},{"given":"Gene","family":"Tsudik","sequence":"additional","affiliation":[{"name":"University of California, Irvine, USA"}]}],"member":"320","published-online":{"date-parts":[[2019,12,6]]},"reference":[{"key":"e_1_2_1_1_1","unstructured":"[n.d.]. Opus Codec Support. Retrieved from https:\/\/wiki.xiph.org\/OpuSupport. [n.d.]. Opus Codec Support. Retrieved from https:\/\/wiki.xiph.org\/OpuSupport."},{"key":"e_1_2_1_2_1","unstructured":"[n.d.]. Oxford Dictionary. Which Letters in the Alphabet Are Used Most Often. Retrieved from http:\/\/www.oxforddictionaries.com\/words\/which-letters-are-used-most. [n.d.]. Oxford Dictionary. Which Letters in the Alphabet Are Used Most Often. Retrieved from http:\/\/www.oxforddictionaries.com\/words\/which-letters-are-used-most."},{"key":"e_1_2_1_3_1","unstructured":"[n.d.]. 2015: Skype\u2019s Year in Review. Retrieved from http:\/\/blogs.skype.com\/2015\/12\/17\/2015-skypes-year-in-review\/. [n.d.]. 2015: Skype\u2019s Year in Review. Retrieved from http:\/\/blogs.skype.com\/2015\/12\/17\/2015-skypes-year-in-review\/."},{"key":"e_1_2_1_4_1","unstructured":"[n.d.]. Over 1 billion Skype Mobile Downloads. Retrieved from http:\/\/blogs.skype.com\/2016\/04\/28\/over-1-billion-skype-mobile-downloads-thank-you\/. [n.d.]. Over 1 billion Skype Mobile Downloads. Retrieved from http:\/\/blogs.skype.com\/2016\/04\/28\/over-1-billion-skype-mobile-downloads-thank-you\/."},{"key":"e_1_2_1_5_1","unstructured":"[n.d.]. Microsoft BUILD 2016 Keynote. Retrieved from https:\/\/channel9.msdn.com\/Events\/Build\/2016\/KEY01. [n.d.]. Microsoft BUILD 2016 Keynote. Retrieved from https:\/\/channel9.msdn.com\/Events\/Build\/2016\/KEY01."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2789168.2790109"},{"key":"e_1_2_1_7_1","volume-title":"Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY\u201918)","author":"Abhishek Anand S.","year":"2018","unstructured":"S. Abhishek Anand and Nitesh Saxena . 2018 . Keyboard emanations in remote voice calls: Password leakage and noise (less) masking defenses . In Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY\u201918) . S. Abhishek Anand and Nitesh Saxena. 2018. Keyboard emanations in remote voice calls: Password leakage and noise (less) masking defenses. In Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY\u201918)."},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2004.1301311"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-99073-6_13"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.28"},{"key":"e_1_2_1_11_1","volume-title":"Dictionary of Pure and Applied Physics","author":"Basu Dipak","unstructured":"Dipak Basu . 2000. Dictionary of Pure and Applied Physics . CRC Press . Dipak Basu. 2000. Dictionary of Pure and Applied Physics. CRC Press."},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180436"},{"key":"e_1_2_1_13_1","volume-title":"Proceedings of the Conference and Workshop on Neural Information Processing Systems (NIPS\u201912)","author":"Boyd Stephen","year":"2012","unstructured":"Stephen Boyd , Corinna Cortes , Mehryar Mohri , and Ana Radovanovic . 2012 . Accuracy at the top . In Proceedings of the Conference and Workshop on Neural Information Processing Systems (NIPS\u201912) . 953--961. Stephen Boyd, Corinna Cortes, Mehryar Mohri, and Ana Radovanovic. 2012. Accuracy at the top. In Proceedings of the Conference and Workshop on Neural Information Processing Systems (NIPS\u201912). 953--961."},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/358886.358895"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00010"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1093\/biomet\/26.4.404"},{"key":"e_1_2_1_17_1","volume-title":"Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIACCS\u201917)","author":"Compagno Alberto","year":"2017","unstructured":"Alberto Compagno , Mauro Conti , Daniele Lain , and Gene Tsudik . 2017 . Don\u2019t skype 8 type!: Acoustic eavesdropping in voice-over-IP . In Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIACCS\u201917) . Alberto Compagno, Mauro Conti, Daniele Lain, and Gene Tsudik. 2017. Don\u2019t skype 8 type!: Acoustic eavesdropping in voice-over-IP. In Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIACCS\u201917)."},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660325"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243755"},{"key":"e_1_2_1_20_1","volume-title":"Tempest: A signal problem. NSA Cryptologic Spectrum","author":"Friedman Jeffrey","year":"1972","unstructured":"Jeffrey Friedman . 1972 . Tempest: A signal problem. NSA Cryptologic Spectrum (1972). https:\/\/www.nsa.gov\/Portals\/70\/documents\/news-features\/declassified-documents\/cryptologic-spectrum\/tempest.pdf. Jeffrey Friedman. 1972. Tempest: A signal problem. NSA Cryptologic Spectrum (1972). https:\/\/www.nsa.gov\/Portals\/70\/documents\/news-features\/declassified-documents\/cryptologic-spectrum\/tempest.pdf."},{"key":"e_1_2_1_21_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (S8P\u201919)","author":"Genkin Daniel","year":"2018","unstructured":"Daniel Genkin , Mihir Pattani , Roei Schuster , and Eran Tromer . 2018 . Synesthesia: Detecting screen content via remote acoustic side channels . In Proceedings of the IEEE Symposium on Security and Privacy (S8P\u201919) . Daniel Genkin, Mihir Pattani, Roei Schuster, and Eran Tromer. 2018. Synesthesia: Detecting screen content via remote acoustic side channels. In Proceedings of the IEEE Symposium on Security and Privacy (S8P\u201919)."},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1012487302797"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2414456.2414509"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-014-0264-7"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2017.8228624"},{"key":"e_1_2_1_26_1","volume-title":"Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security (ASIACCS\u201919)","author":"Kaczmarek Tyler","year":"2018","unstructured":"Tyler Kaczmarek , Ercan Ozturk , and Gene Tsudik . 2018 . Thermanator: Thermal residue-based post factum attacks on keyboard password entry . In Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security (ASIACCS\u201919) . Tyler Kaczmarek, Ercan Ozturk, and Gene Tsudik. 2018. Thermanator: Thermal residue-based post factum attacks on keyboard password entry. In Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security (ASIACCS\u201919)."},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2005.26"},{"key":"e_1_2_1_28_1","volume-title":"Proceedings of the IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP\u201903)","volume":"1","author":"Lamere Paul","year":"2003","unstructured":"Paul Lamere , Philip Kwok , Evandro Gouvea , Bhiksha Raj , Rita Singh , William Walker , Manfred Warmuth , and Peter Wolf . 2003 . The CMU SPHINX-4 speech recognition system . In Proceedings of the IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP\u201903) , Vol. 1 . 2--5. Paul Lamere, Philip Kwok, Evandro Gouvea, Bhiksha Raj, Rita Singh, William Walker, Manfred Warmuth, and Peter Wolf. 2003. The CMU SPHINX-4 speech recognition system. In Proceedings of the IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP\u201903), Vol. 1. 2--5."},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/2789168.2790122"},{"key":"e_1_2_1_30_1","volume-title":"Proceedings of the Conference of the International Society for Music Information Retrieval (ISMIR\u201908)","author":"Beth","unstructured":"Beth Logan et al. 2000. Mel frequency cepstral coefficients for music modeling . In Proceedings of the Conference of the International Society for Music Information Retrieval (ISMIR\u201908) . Beth Logan et al. 2000. Mel frequency cepstral coefficients for music modeling. In Proceedings of the Conference of the International Society for Music Information Retrieval (ISMIR\u201908)."},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2006.873602"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046771"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSP.2015.7296341"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00026"},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/TAU.1969.1162058"},{"key":"e_1_2_1_36_1","volume-title":"Proceedings of the ACM Conference on Computer and Communications Security (CCS\u201914)","author":"Shukla Diksha","year":"2014","unstructured":"Diksha Shukla , Rajesh Kumar , Abdul Serwadda , and Vir Phoha . 2014 . Beware, your hands reveal your secrets! . In Proceedings of the ACM Conference on Computer and Communications Security (CCS\u201914) . 904--917. Diksha Shukla, Rajesh Kumar, Abdul Serwadda, and Vir Phoha. 2014. Beware, your hands reveal your secrets!. In Proceedings of the ACM Conference on Computer and Communications Security (CCS\u201914). 904--917."},{"key":"e_1_2_1_37_1","volume-title":"Proceedings of the USENIX Security Symposium","volume":"2001","author":"Song Dawn Xiaodong","year":"2001","unstructured":"Dawn Xiaodong Song , David Wagner , and Xuqing Tian . 2001 . Timing analysis of keystrokes and timing attacks on SSH . In Proceedings of the USENIX Security Symposium , Vol. 2001 . Dawn Xiaodong Song, David Wagner, and Xuqing Tian. 2001. Timing analysis of keystrokes and timing attacks on SSH. In Proceedings of the USENIX Security Symposium, Vol. 2001."},{"key":"e_1_2_1_38_1","first-page":"1","article-title":"Definition of the Opus audio codec","volume":"6716","author":"Valin Jean-Marc","year":"2012","unstructured":"Jean-Marc Valin , Koen Vos , and T. Terriberry . 2012 . Definition of the Opus audio codec . IETF J. RFC 6716 : 1 - 326 (2012). Jean-Marc Valin, Koen Vos, and T. Terriberry. 2012. Definition of the Opus audio codec. IETF J. RFC 6716: 1-326 (2012).","journal-title":"IETF J. RFC"},{"key":"e_1_2_1_39_1","volume-title":"Proceedings of the USENIX Security Symposium. 1--16","author":"Vuagnoux Martin","year":"2009","unstructured":"Martin Vuagnoux and Sylvain Pasini . 2009 . Compromising electromagnetic emanations of wired and wireless keyboards . In Proceedings of the USENIX Security Symposium. 1--16 . Martin Vuagnoux and Sylvain Pasini. 2009. Compromising electromagnetic emanations of wired and wireless keyboards. In Proceedings of the USENIX Security Symposium. 1--16."},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/2594368.2594384"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1103\/PhysRev.23.266"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2789168.2790119"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.5220\/0005998404580464"},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660296"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1609956.1609959"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3365366","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3365366","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T17:49:49Z","timestamp":1750268989000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3365366"}},"subtitle":["Keyboard Eavesdropping in Voice-over-IP"],"short-title":[],"issued":{"date-parts":[[2019,11,30]]},"references-count":45,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2019,11,30]]}},"alternative-id":["10.1145\/3365366"],"URL":"https:\/\/doi.org\/10.1145\/3365366","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"value":"2471-2566","type":"print"},{"value":"2471-2574","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,11,30]]},"assertion":[{"value":"2018-11-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2019-09-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2019-12-06","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}