POSTER: WiPING: Wi-Fi Signal-Based PIN Guessing Attack
Date: October 24 2016
Publication: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16)
Page(s): 1835 - 1837
Source 1: https://doi.org/10.1145/2976749.2989067 - Subscription or payment required
Source 2: https://dl.acm.org/authorize?N14400
Abstract or Summary:
This paper presents a new type of online password guessing attack called "WiPING" (Wi-Fi signal-based PIN Guessing attack) to guess a victim's PIN (Personal Identification Number) within a small number of unlock attempts. WiPING uses wireless signal patterns identified from observing sequential finger movements involved in typing a PIN to unlock a mobile device. A list of possible PIN candidates is generated from the wireless signal patterns, and is used to improve performance of PIN guessing attacks. We implemented a proof-of-concept attack to demonstrate the feasibility of WiPING. Our results showed that WiPING could be practically effective: while pure guessing attacks failed to guess all 20 PINs, WiPING successfully guessed two PINs.
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.