|
POSTER: WiPING: Wi-Fi Signal-Based PIN Guessing Attack
Date: October 24 2016 Publication: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16) Page(s): 1835 - 1837 Publisher: ACM Source 1: https://doi.org/10.1145/2976749.2989067 - Subscription or payment required Source 2: https://dl.acm.org/authorize?N14400 Abstract or Summary:
This paper presents a new type of online password guessing attack called "WiPING" (Wi-Fi signal-based PIN Guessing attack) to guess a victim's PIN (Personal Identification Number) within a small number of unlock attempts. WiPING uses wireless signal patterns identified from observing sequential finger movements involved in typing a PIN to unlock a mobile device. A list of possible PIN candidates is generated from the wireless signal patterns, and is used to improve performance of PIN guessing attacks. We implemented a proof-of-concept attack to demonstrate the feasibility of WiPING. Our results showed that WiPING could be practically effective: while pure guessing attacks failed to guess all 20 PINs, WiPING successfully guessed two PINs. Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.
<-- Back to Authentication Research Paper Index |