@inproceedings{369bccf602ee4c2994e58291b58fc883,
title = "POSTER: WiPING: Wi-Fi signal-based PIN guessing attack",
abstract = "This paper presents a new type of online password guessing attack called {"}WiPING{"} (Wi-Fi signal-based PIN Guessing attack) to guess a victim's PIN (Personal Identification Number) within a small number of unlock attempts. WiPING uses wireless signal patterns identified from observing sequential finger movements involved in typing a PIN to unlock a mobile device. A list of possible PIN candidates is generated from the wireless signal patterns, and is used to improve performance of PIN guessing attacks. We implemented a proof-of-concept attack to demonstrate the feasibility of WiPING. Our results showed that WiPING could be practically effective: while pure guessing attacks failed to guess all 20 PINs, WiPING successfully guessed two PINs.",
keywords = "Authentication, Screen lock, Side-channel attacks",
author = "Seunghun Cha and Jaewoo Park and Geumhwan Cho and Huh, \{Jun Ho\} and Hyoungshick Kim",
note = "Publisher Copyright: {\textcopyright} 2016 Copyright held by the owner/author(s).; 23rd ACM Conference on Computer and Communications Security, CCS 2016 ; Conference date: 24-10-2016 Through 28-10-2016",
year = "2016",
month = oct,
day = "24",
doi = "10.1145/2976749.2989067",
language = "English",
series = "Proceedings of the ACM Conference on Computer and Communications Security",
publisher = "Association for Computing Machinery",
pages = "1835--1837",
booktitle = "CCS 2016 - Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security",
}