국립중앙도서관 "우편 복사 서비스"로 연결 됩니다.
Android allows 20 consecutive fail attempts on unlocking a device. This makes it difficult for pure guessing attacks to crack user patterns on a stolen device before it permanently locks itself. We investigate the effectiveness of combining Markov mod...
다국어 입력
あ
ぁ
か
が
さ
ざ
た
だ
な
は
ば
ぱ
ま
や
ゃ
ら
わ
ゎ
ん
い
ぃ
き
ぎ
し
じ
ち
ぢ
に
ひ
び
ぴ
み
り
う
ぅ
く
ぐ
す
ず
つ
づ
っ
ぬ
ふ
ぶ
ぷ
む
ゆ
ゅ
る
え
ぇ
け
げ
せ
ぜ
て
で
ね
へ
べ
ぺ
め
れ
お
ぉ
こ
ご
そ
ぞ
と
ど
の
ほ
ぼ
ぽ
も
よ
ょ
ろ
を
ア
ァ
カ
サ
ザ
タ
ダ
ナ
ハ
バ
パ
マ
ヤ
ャ
ラ
ワ
ヮ
ン
イ
ィ
キ
ギ
シ
ジ
チ
ヂ
ニ
ヒ
ビ
ピ
ミ
リ
ウ
ゥ
ク
グ
ス
ズ
ツ
ヅ
ッ
ヌ
フ
ブ
プ
ム
ユ
ュ
ル
エ
ェ
ケ
ゲ
セ
ゼ
テ
デ
ヘ
ベ
ペ
メ
レ
オ
ォ
コ
ゴ
ソ
ゾ
ト
ド
ノ
ホ
ボ
ポ
モ
ヨ
ョ
ロ
ヲ
―
http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
예시)
- 中文 을 입력하시려면 zhongwen을 입력하시고 space를누르시면됩니다.
- 北京 을 입력하시려면 beijing을 입력하시고 space를 누르시면 됩니다.
А
Б
В
Г
Д
Е
Ё
Ж
З
И
Й
К
Л
М
Н
О
П
Р
С
Т
У
Ф
Х
Ц
Ч
Ш
Щ
Ъ
Ы
Ь
Э
Ю
Я
а
б
в
г
д
е
ё
ж
з
и
й
к
л
м
н
о
п
р
с
т
у
ф
х
ц
ч
ш
щ
ъ
ы
ь
э
ю
я
′
″
℃
Å
¢
£
¥
¤
℉
‰
$
%
F
₩
㎕
㎖
㎗
ℓ
㎘
㏄
㎣
㎤
㎥
㎦
㎙
㎚
㎛
㎜
㎝
㎞
㎟
㎠
㎡
㎢
㏊
㎍
㎎
㎏
㏏
㎈
㎉
㏈
㎧
㎨
㎰
㎱
㎲
㎳
㎴
㎵
㎶
㎷
㎸
㎹
㎀
㎁
㎂
㎃
㎄
㎺
㎻
㎽
㎾
㎿
㎐
㎑
㎒
㎓
㎔
Ω
㏀
㏁
㎊
㎋
㎌
㏖
㏅
㎭
㎮
㎯
㏛
㎩
㎪
㎫
㎬
㏝
㏐
㏓
㏃
㏉
㏜
㏆
RISS 인기검색어
https://www.riss.kr/link?id=T14574733
- 저자
-
발행사항
서울 : 성균관대학교 일반대학원, 2017
-
학위논문사항
학위논문(석사) -- 성균관대학교 일반대학원 , 소프트웨어플랫폼학과 , 2017. 8
-
발행연도
2017
-
작성언어
영어
- 주제어
-
발행국(도시)
서울
-
형태사항
58 ; 26 cm
-
일반주기명
지도교수: 김형식
- DOI식별코드
-
소장기관
- 성균관대학교 중앙학술정보관
- 성균관대학교 중앙학술정보관
-
0
상세조회 -
0
다운로드
부가정보
다국어 초록 (Multilingual Abstract)
Android allows 20 consecutive fail attempts on unlocking a device. This makes it difficult for pure guessing attacks to crack user patterns on a stolen device before it permanently locks itself. We investigate the effectiveness of combining Markov model-based guessing attacks with smudge attacks on unlocking Android devices within 20 attempts. Detected smudges are used to pre-compute all the possible segments and patterns, significantly reducing the pattern space that needs to be brute-forced. Our Markov-model was trained using 70% of a real-world pattern dataset that consists of 312 patterns. We recruited 12 participants to draw the remaining 30% on Samsung Galaxy S4, and used smudges they left behind to analyze the performance of the combined attack. Our results show that this combined method can significantly improve the performance of pure guessing attacks, cracking 74.17% of patterns compared to just 13.33% when the Markov model-based guessing attack was performed alone---those results were collected from a naive usage scenario where the participants were merely asked to unlock a given device. Even under a more complex scenario that asked the participants to use the Facebook app for a few minutes---obscuring smudges were added as a result---our combined attack, at 31.94%, still outperformed the pure guessing attack at 13.33%. Obscuring smudges can significantly affect the performance of smudge-based attacks. Based on this finding, we recommend that a mitigation technique should be designed to help users add obscurity, e.g., by asking users to draw a second random pattern upon unlocking a device.
목차 (Table of Contents)
- 1. Introduction 1
- 2. Background 4
- 2.1 Android screen lock patterns 4
- 2.2 Attack model and assumptions 5
- 3. Smudge-supported pattern guessing attack 6
- 1. Introduction 1
- 2. Background 4
- 2.1 Android screen lock patterns 4
- 2.2 Attack model and assumptions 5
- 3. Smudge-supported pattern guessing attack 6
- 3.1 Extracting the pattern input area 8
- 3.2 Identifying smudge objects 9
- 3.3 Generating a set of segments forming the target pattern 12
- 3.3 Enumerating pattern candidates 13
- 4. Data collection 15
- 4.1 Collecting real-world patterns through Private Notes 15
- 4.2 Characteristics of real-world patterns 17
- 5. First results: Smug attack optimization 20
- 5.1 Methodology 20
- 5.2 Camera and lighting 21
- 5.3 Threshold values for determining relevant segments 21
- 5.4 Markov model optimization based on smug attack performance 23
- 6. Second results: Smug attack performance 25
- 6.1 Methodology 25
- 6.2 Smug attack performance 26
- 6.3 Effects of smudge obscurity 27
- 6.4 False positive and false negative analysis 29
- 7. Mitigation strategies 32
- 7.1 Adding obscurity 32
- 7.2 Allowing repeated points 35
- 7.3 Changing the pattern grid location 36
- 8. Discussion 37
- 8.1 Effectiveness of smug attacks 37
- 8.2 Limitations of smug attacks 38
- 8.3 Mitigation through adding obscurity 39
- 9. Related work 40
- 10. Conclusion 42
- 11. References 43
- Korean Abstract 47
이 자료와 함께 이용한 RISS 자료
나만을 위한 추천자료
