Browse Definitions :
Definition

keyboard vibration attack

TechTarget Contributor
By

A keyboard vibration attack is a proof-of-concept (POC) exploit that involves placing a mobile device near to a computer keyboard in order to use the mobile device’s accelerometer as a keylogger. 

The accelerometer detects vibrations from the keyboard and an associated application translates them into the characters being typed. Although there have been no reports of keyboard vibration attacks in the wild, Georgia Tech researchers found a method to exploit the accelerometer in an iPhone to record keystrokes.

The researchers reported a captured character accuracy of 80 percent and claim that as accelerometers progress, the accuracy increases. They discovered this capacity by observing that the exploit functioned with higher accuracy on the newer generations of iPhones.

Although the research was conducted on Apple phones, the Georgia Tech researchers note that similar exploits could target other mobile devices and operating systems. The research follows similar investigations and discoveries involving the possibility of exploiting cameras, microphones and even status LED micro-pulses to reveal sensitive information such as passwords or financial details.

 

This was last updated in May 2015

Continue Reading About keyboard vibration attack

SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
  • threat modeling

    Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and ...

  • distributed denial-of-service (DDoS) attack

    A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a ...

  • social engineering

    Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into ...

SearchHealthIT
SearchDisasterRecovery
  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

SearchStorage
  • bare-metal cloud

    Bare-metal cloud is a public cloud service that offers dedicated hardware resources without any installed operating systems or ...

  • race condition

    A race condition is an undesirable situation that occurs when a device or system attempts to perform two or more operations at ...

  • storage security

    Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted ...

Close