Timing analysis of keystrokes and timing attacks on SSH
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Keyboard acoustic emanations revisited
ACM Transactions on Information and System Security (TISSEC)
Artificial Intelligence: A Modern Approach
Artificial Intelligence: A Modern Approach
Timing attacks on PIN input in VoIP networks
DIMVA'11 Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment
TouchLogger: inferring keystrokes on touch screen from smartphone motion
HotSec'11 Proceedings of the 6th USENIX conference on Hot topics in security
Breaking undercover: exploiting design flaws and nonuniform human behavior
Proceedings of the Seventh Symposium on Usable Privacy and Security
Tapprints: your finger taps have fingerprints
Proceedings of the 10th international conference on Mobile systems, applications, and services
On the practicality of motion based keystroke inference attack
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Fingerprint attack against touch-enabled devices
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
PassChords: secure multi-touch authentication for blind people
Proceedings of the 14th international ACM SIGACCESS conference on Computers and accessibility
Hi-index | 0.00 |
Keypads are commonly used to enter personal identification numbers (PIN) which are intended to authenticate a user based on what they know. A number of those keypads such as ATM inputs and door keypads provide an audio feedback to the user for each button pressed. Such audio feedback are observable from a modest distance. We are looking at quantifying the information leaking from delays between acoustic feedback pulses. Preliminary experiments suggest that by using a Hidden Markov Model, it might be possible to substantially narrow the search space. A subsequent brute force search on the reduced search space could be possible with- out triggering alerts, lockouts or other mechanisms design to thwart plain brute force attempts.