講座名稱：No Training Hurdles: Fast Training-Agnostic Attacks to Infer Your Typing
講座地點：騰訊會議直播（會議ID：174 533 274）
劉堯，南佛羅里達大學計算機科學與工程系的副教授，研究重點是設計和實施防御方法，以保護新興的移動和網絡技術不受對手的破壞，曾在網絡和安全會議的組織和技術計劃委員會中任職，包括NDSS，CCS，INFOCOM，S＆P和CNS。 她還是學術期刊的編輯委員會成員，包括《Jornal of Computer Security》和《 IEEETransactions on Information Forensics and Security》。 于2019年獲得ACM SIGSAC頒發的ACM CCS Test-of-Time獎，于2016年獲得NSF CAREER獎。
Traditional methods to eavesdrop keystrokes leverage some malware installed in a target computer to record the keystrokes for an adversary. Existing research work has identified a new class of attacks that can eavesdrop the keystrokes in a non-invasive way without infecting the target computer to install a malware. The common idea is that pressing a key of a keyboard can cause a unique and subtle environmental change, which can be captured and analyzed by the eavesdropper to learn the keystrokes. For these attacks, however, a training phase must be accomplished to establish the relationship between an observed environmental change and the action of pressing a specific key. This significantly limits the impact and practicality of these attacks. Recently, we discover that it is possible to design keystroke eavesdropping attacks without requiring the training phase. To eavesdrop keystrokes, an attacker can establish a mapping between typing each letter and its respective environmental change by exploiting the correlation among observed changes and known structures of dictionary words. This talk will introduce this new attack and the experiment results.