POSTER: WiPING: Wi-Fi Signal-Based PIN Guessing Attack
Author(s): Seunghun Cha, Jaewoo Park, Geumhwan Cho, Jun Ho Huh, Hyoungshick Kim

Date: October 24 2016
Publication: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16)
Page(s): 1835 - 1837
Publisher: ACM
Source 1: https://doi.org/10.1145/2976749.2989067 - Subscription or payment required
Source 2: https://dl.acm.org/authorize?N14400

Abstract or Summary:
This paper presents a new type of online password guessing attack called "WiPING" (Wi-Fi signal-based PIN Guessing attack) to guess a victim's PIN (Personal Identification Number) within a small number of unlock attempts. WiPING uses wireless signal patterns identified from observing sequential finger movements involved in typing a PIN to unlock a mobile device. A list of possible PIN candidates is generated from the wireless signal patterns, and is used to improve performance of PIN guessing attacks. We implemented a proof-of-concept attack to demonstrate the feasibility of WiPING. Our results showed that WiPING could be practically effective: while pure guessing attacks failed to guess all 20 PINs, WiPING successfully guessed two PINs.



Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index





[Home] [About Us] [News] [Research]

Copyright © 2016 PasswordResearch.com