Communications of the ACM
Hackers sing Startling New Ways to Steal Your Passwords
Researchers at Syracuse University have found hackers can speculate PINs by interpreting video of people tapping smartphone screens, even when the display itself is not plainly visible.
Credit: City A.M.
Syracuse University researchers have found hackers can speculate PINs by interpreting video of people tapping their smartphone screens even when the display is not visible.
The researchers analyzed the video using software that relies on spatio-temporal dynamics to measure the distance from the fingers to the phone's screen, and then guess which characters are pressed. "Based on hand movement and the known geometry of the phone, we can see which keys are pressed," says Syracuse professor Vir Phoha.
Although no instances of this type of hacking have been reported, it is very likely to be adopted by criminals who seek to steal sensitive private information, according to the researchers. They note the technology is simple to implement for anybody who knows basic programing.
The software uses a combination of image-analysis and motion-tracking algorithms to fill in the gaps in the video. The software was able to determine the correct password 40 to 62 percent of the time on the first guess, with the accuracy improving to almost 82 percent after five guesses, and 94 percent after 10 guesses. In addition, the use of more than one video for each phone raised the odds of success even further.
From TechWorm
View Full Article
Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA
No entries found