POSTER: WiPING: Wi-Fi Signal-based PIN Guessing Attack
| Title | POSTER: WiPING: Wi-Fi Signal-based PIN Guessing Attack |
| Publication Type | Conference Paper |
| Year of Publication | 2016 |
| Authors | Cha, Seunghun, Park, Jaewoo, Cho, Geumhwan, Huh, Jun Ho, Kim, Hyoungshick |
| Conference Name | Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-4139-4 |
| Keywords | authentication, Collaboration, composability, Human Behavior, Metrics, pattern locks, pubcrawl, Resiliency, Scalability, screen lock, side-channel attacks |
| Abstract | This paper presents a new type of online password guessing attack called "WiPING" (Wi-Fi signal-based PIN Guessing attack) to guess a victim's PIN (Personal Identification Number) within a small number of unlock attempts. WiPING uses wireless signal patterns identified from observing sequential finger movements involved in typing a PIN to unlock a mobile device. A list of possible PIN candidates is generated from the wireless signal patterns, and is used to improve performance of PIN guessing attacks. We implemented a proof-of-concept attack to demonstrate the feasibility of WiPING. Our results showed that WiPING could be practically effective: while pure guessing attacks failed to guess all 20 PINs, WiPING successfully guessed two PINs. |
| URL | http://doi.acm.org/10.1145/2976749.2989067 |
| DOI | 10.1145/2976749.2989067 |
| Citation Key | cha_poster:_2016 |