Home > Cyber News > Malboard Attack Uses AI to Mimic Users and Evade Detection

Malboard Attack Uses AI to Mimic Users and Evade Detection

Malboard is a new sophisticated attack developed by security researchers at Israeli Ben-Gurion University of the Negev (BGU). The attack involves a compromised USB keyboard to generate and send malicious keystrokes that mimic user behavior.

What makes this attack sophisticated is the utilization of AI (artificial intelligence) that autonomously generates commands in the user’s style, injecting keystrokes as malicious software into the keyboard and evading detection.

The discovery is presented in a new paper titledMalboard: A Novel User Keystroke Impersonation Attack and Trusted Detection Framework Based on Side-Channel Analysis”.

In general, keystrokes generated maliciously don’t match human typing and thus, they can easily be detected. With the help of artificial intelligence, however, the Malboard attack autonomously generates commands in the user’s style, injects the keystrokes as malicious software into the keyboard and evades detection. It’s important to note that the keyboards used in the research were products by Microsoft, Lenovo and Dell.

Related: [wplinkpreview url=”https://sensorstechforum.com/cipher-stunting-evasion-technique/”] Cipher Stunting – Attackers’ Latest Evasion Technique

How was the Malboard attack tested?

30 people took three different keystroke tests against three detection mechanisms (KeyTrac, TypingDNA and DuckHunt). The researchers’ attack evaded detection in 83% to 100% of the cases, explains Dr. Nir Nissim, head of the David and Janet Polak Family Malware Lab at Cyber@BGU, and a member of the BGU Department of Industrial Engineering and Management.

Malboard was effective in two scenarios: by a remote attacker using wireless communication to communicate, and by an inside attacker or employee who physically operates and uses Malboard,” the researcher added.

Note. Both the attack and detection mechanisms were developed as part of the master’s thesis of Nitzan Farhi, a BGU student and member of the USBEAT project at BGU’s Malware Lab, The Science Daily reported.

Related: [wplinkpreview url=”https://sensorstechforum.com/thermanator-thermal-residue-passwords/”] Thermanator Attack Uses Thermal Residue from Keyboards to Steal Your Passwords

Another interesting attack involving the keyboard is the so-called Thermanator attack. The attack could allow a malicious actor with a mid-range thermal camera to capture keys pressed on a standard keyboard. The discovery was by three University of California professors. In short, users’ fingers’ thermal residue on keyboard keys can be recorded by a hacker who can later use it to reveal the user’s passwords or any other text he/she has typed.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree