Title :
Attacking Random Keypads through Click Timing Analysis
Author :
Fleming, Charles ; Ning Cui ; Dawei Liu ; Haining Liang
Author_Institution :
Dept. of Comput. Sci. & Software Eng., Xi´an Jiaotong-Liverpool Univ., Suzhou, China
Abstract :
This paper introduces a new method for attacking Personal Identification Numbers (PINs) through analysis of time delay between clicks. While click timing attacks are not new, they previously relied on known spacings between keys. In our method, we do not focus on flaws or weaknesses in the system itself, but on the flaws inherent in the human aspect of the system. Our attack exploits unconscious patterns in PIN input that are a side-effect of the human memorization process to narrow the PIN down to a specific class, such as date, greatly reducing the possible set of pass codes. To identify these patterns, we use a series of Support Vector Machines (SVM) as a multi-class classifier. Through analysis of our collected data set we demonstrate that this attack is very effective.
Keywords :
pattern classification; security of data; support vector machines; PIN; SVM; attacking random keypads; click timing analysis; click timing attacks; human memorization process; multiclass classifier; pass codes; personal identification numbers; support vector machines; time delay analysis; Cameras; Computers; Pins; Software; Support vector machines; Timing; Training; PIN; Personal Identification Numbers; security; timing attack;
Conference_Titel :
Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), 2014 International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4799-6235-8
DOI :
10.1109/CyberC.2014.28
