An Improved Methodology Towards Providing Immunity Against Weak Shoulder Surfing Attack Nilesh Chakraborty And Samrat Mondal


An Improved Methodology Towards Providing Immunity Against Weak Shoulder Surfing Attack

Nilesh Chakraborty and Samrat Mondal

Shoulder Surfing Attack

This type of attack generally happens in public places.

The adversary may observe the login session directly or record it with a recording device (concealed camera).

After learning the user's password, the adversary may use it to get authenticated by the system illegally.

Evidences of the Attack

A report covering the first four months of 2012 and 2013 gives a total of 2553 cases of cash fraud in 2012 and 7525 in 2013 in UK banking.

Courtesy: Sky News [1]

In 2010, $217000 was stolen from a Long Island bank in the USA by performing the same attack [2].

Categorization of Attack Model

• Depending upon the equipment used by the adversary:
  – a) Strong shoulder surfing attack (performed with a recording device) [3] [4]
  – b) Weak shoulder surfing attack (relies on the limited cognitive skill of the attacker) [5] [6]

Working Model of Shoulder Surfing Resilient Schemes

• Shoulder surfing resilient schemes are basically challenge-response protocols.

• The user never reveals her actual password (P), which is a pre-shared secret between user and system.

• The system generates a random challenge (C) in each session.

• Seeing the challenge, the user gives her response (R) based on P.

Properties of Weak Shoulder Surfing Resilient Schemes

• The login methodology is relatively easier than in strong shoulder surfing resilient schemes.

• Can prevent malware based attacks.

• Cannot provide security against a strong shoulder surfing attack, even for a single session.

Previously Proposed Weak Shoulder Surfing Resilient Schemes

• In 2004, Roth et al. first proposed a weak shoulder surfing resilient mechanism (BW method).

• In 2013, Kwon et al. identified a basic drawback of the BW method.

• The scheme proposed by Kwon et al. (FC method) overcomes the drawback of the BW method.

BW Method

Prototype of BW method

In each round the user keypad is equally partitioned into two colors.

The user identifies her PIN digit by pressing the color button (marked by red dots) corresponding to the color that appears on her PIN digit.

BW Method

Response for PIN digit 3: for a single PIN digit the user gives her response in four rounds.

At the end of every fourth round the system can identify the user's PIN digit uniquely, based on correct user responses.

Drawback of BW Method

• In 2013 Kwon et al. showed that the security of the BW method can be threatened by performing three operations:
  – Covert attention [7]
  – Perceptual grouping [8]
  – Motor operation [9]

Covert Attention

It has been observed that normal people can see objects within a 2° visual angle from the point of eye fixation (foveal vision).

People who play fast video games have improved vision capabilities [8] and can see objects within a 5° visual angle from the point of eye fixation (parafoveal vision).

1° is about three normal text characters from the point of eye fixation.

Perceptual Grouping & Motor Operation

• Perceptual grouping [8] means grouping objects together; it depends upon their proximity, similarity and continuation.

• In the BW method, objects are grouped based on the color of the numeric buttons.

• Motor operation [9] requires coordination between the central nervous system and the musculoskeletal (muscular and skeletal) system.

Effect of Covert Attention on BW Method

The point of eye fixation is shown at the center of the picture. Green circle indicates foveal vision range. Red circle indicates parafoveal vision range.

Attack Scenario

Thus, the security of the BW method can be threatened without using any recording device.

Experimental Result (Reference: Kwon et al. [4])

Outcome after 50 login sessions: attack performed by ten adversaries

Attack Analysis

• Using the human performance modeling tool CPM-GOMS, the authors of [6] show that the login time for each round is 960 ms (skilled user).

• To perform the attack, the attacker also needs 960 ms.

• The user login time is therefore the same as the time required to perform the attack.

Hardness Factor

• Ratio between the time taken by the attacker to perform the attack (TA) and the login time of a skilled user (TL).

Hardness Factor = TA/TL

A hardness factor greater than 1 ensures security against this kind of attack.

Motivation Behind FC Method

• Perceptual grouping takes 300 ms to group objects based on color [10].

• Grouping the black and white objects of the BW method takes 600 ms of perceptual grouping.

• Increasing the duration of perceptual grouping in turn increases the time taken to perform the attack.

FC Method

Four colors are used to color the numeric keys.

Each numeric key holds two different colors.

Each color appears on five different keys.

No numeric key holds the same color twice.

The user identifies her PIN digit by pressing the color button (marked by red dots) for one of the two colors that appear on her PIN digit.

FC Method

User response for PIN digit 6 in FC method

Attack Analysis

• Using the human performance modeling tool CPM-GOMS, the authors of [6] show that the login time for each round is 1080 ms.

• To perform the attack, the attacker needs 1580 ms.

• This makes the attack infeasible in the case of the FC method.

Experimental Result (Reference: Kwon et al. [4])

Outcome after 50 login sessions: attack performed by ten adversaries

Basic Goals Behind Proposed Scheme

• Both the BW and FC methods comprise 16 rounds during login, which increases the user's fatigue level. Goal: reduce the number of rounds during login.

• Increase the security factors in terms of random key stroke attack and hardness factor.

Proposed Methodology (MC Method)

• A total of five colors are used to design the login interface of the MC method.

• Each numeric button is partitioned into 3 different parts, namely Up, Middle and Down.

• Each color appears in (30/5 = 6) different places.

• No numeric button holds the same color twice.

• Each color appears on a particular partition exactly twice.

• Colors are randomly distributed while maintaining the above properties.

Prototype Model (MC Method)

Color red: Up → 4, 6; Middle → 8, 9; Down → 2, 0

Login Procedure

• In the first round the user goes to the numeric button corresponding to her PIN digit.

• She selects one of the colors that appear on that numeric button.

• While choosing the color, the user remembers the partition from which she chose it.

• For the remaining rounds in that session, the user must select the color from the same partition of the numeric buttons corresponding to her PIN digits.

Login Procedure (Contd…)

For each PIN digit the user needs to give her response in two rounds.

User response for the first two PIN digits 2 and 3, where the selected session partition is Middle.

Attack Analysis

• Login time for each round is 1280 ms.

• To perform the attack, the attacker needs 1880 ms.

• This makes the attack infeasible in the case of the MC method.

Security Analysis

Methodology   Hardness Factor
BW            1
FC            1.462
MC            1.468

Comparison of Hardness Factor

Pr(BW) = (1/2)^16, Pr(FC) = (1/2)^16

Pr(MC) = (3/5) × (1/5)^7

Success probability when the attacker selects arbitrary color keys
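The MC keypad properties, the two-rounds-per-digit login procedure and the random-color success probability above, worked through as an added Python example (this is not the authors' code or prototype). It assumes five color names, a dict representation of the keypad, that the user keeps the partition chosen in round one for the whole session (as the login procedure states), and an assumed server-side check that accepts a session only if a single partition explains every response for the known PIN.

```python
# Added example (not the authors' code): MC-method keypad generation, login
# simulation and the exact random-colour attacker success probability.
import random
from fractions import Fraction
from itertools import permutations

COLORS = ["red", "green", "blue", "yellow", "black"]   # five colours (names assumed)
PARTITIONS = ("up", "middle", "down")                  # three parts of every numeric button
DIGITS = list(range(10))
PER_PARTITION = 2        # each colour appears on a given partition exactly twice
ROUNDS_PER_DIGIT = 2     # MC method: two rounds per PIN digit

def generate_layout(rng):
    """Return {digit: {partition: colour}} with three distinct colours per button and
    every colour exactly twice per partition (hence 30/5 = 6 appearances overall).
    Randomised backtracking over the 60 ordered all-distinct colour triples."""
    triples = list(permutations(COLORS, 3))
    counts = {p: {c: 0 for c in COLORS} for p in PARTITIONS}
    layout = {}

    def place(i):
        if i == len(DIGITS):
            return True
        for triple in rng.sample(triples, len(triples)):   # fresh random order per button
            cells = dict(zip(PARTITIONS, triple))
            if all(counts[p][c] < PER_PARTITION for p, c in cells.items()):
                for p, c in cells.items():
                    counts[p][c] += 1
                layout[DIGITS[i]] = cells
                if place(i + 1):
                    return True
                for p, c in cells.items():
                    counts[p][c] -= 1
                del layout[DIGITS[i]]
        return False

    if not place(0):
        raise RuntimeError("no valid MC layout found")
    return layout

def check_layout(layout):
    """Verify the layout properties listed on the MC-method slide."""
    if any(len(set(layout[d].values())) != len(PARTITIONS) for d in DIGITS):
        return False                                  # a button repeats a colour
    for p in PARTITIONS:
        for c in COLORS:
            if sum(layout[d][p] == c for d in DIGITS) != PER_PARTITION:
                return False                          # colour not exactly twice on partition p
    return all(sum(c in layout[d].values() for d in DIGITS) == 6 for c in COLORS)

def user_response(layout, pin_digit, partition):
    """The user presses the colour shown in her session partition on her digit's button."""
    return layout[pin_digit][partition]

def run_session(pin, partition, rng):
    """Honest login: a fresh random challenge and one response per round."""
    challenges, responses = [], []
    for digit in pin:
        for _ in range(ROUNDS_PER_DIGIT):
            layout = generate_layout(rng)
            challenges.append(layout)
            responses.append(user_response(layout, digit, partition))
    return challenges, responses

def verify(pin, challenges, responses):
    """Assumed server check: accept iff one partition explains every round for the known PIN."""
    expected = [d for d in pin for _ in range(ROUNDS_PER_DIGIT)]
    return any(all(layout[d][p] == r for layout, d, r in zip(challenges, expected, responses))
               for p in PARTITIONS)

def random_color_success(pin_len=4):
    """Exact success probability of pressing arbitrary colour keys: round 1 succeeds if the
    colour is any of the three on the button (3/5) and fixes the partition; each later round
    must then hit one specific colour (1/5). For a 4-digit PIN: (3/5) x (1/5)^7."""
    rounds = pin_len * ROUNDS_PER_DIGIT
    return Fraction(3, 5) * Fraction(1, 5) ** (rounds - 1)

def demo(seed=2024, pin=(2, 3, 1, 0), partition="middle"):
    """One honest session (constructed seed and PIN) plus a tampered replay whose first
    response is a colour absent from the first digit's button, so no partition can explain it."""
    rng = random.Random(seed)
    challenges, responses = run_session(list(pin), partition, rng)
    absent = next(c for c in COLORS if c not in challenges[0][pin[0]].values())
    tampered = [absent] + responses[1:]
    return {
        "layouts_valid": all(check_layout(ch) for ch in challenges),
        "rounds": len(responses),
        "honest_accepted": verify(list(pin), challenges, responses),
        "tampered_accepted": verify(list(pin), challenges, tampered),
        "attacker_success": random_color_success(len(pin)),
    }

if __name__ == "__main__":
    print(demo())
```

The backtracking generator enforces exactly the four slide properties, so `check_layout` is an independent audit of the generator rather than a restatement of it; `random_color_success` reproduces the slide's (3/5) × (1/5)^7 for eight rounds and generalises to any PIN length.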

Experimental Result

The figure above shows that in 68.3% of cases shoulder surfers can obtain all PIN digits entered by the user with the BW method. All digits in the PIN are secure in only 3.3% of cases for the BW method, compared with 64.4% for the FC method and 73% for the MC method.

Usability Analysis : Login Time

The login duration varies from 16-22 sec for the BW method, 17-25 sec for the FC method and 10-15 sec for the MC method (30 users, 300 login sessions).

Usability Analysis (contd…)

• Errors during login are significantly reduced in the MC method once all users are habituated to all three methods.

• Training time for the MC method is much higher than for the other two methodologies.

• In their feedback forms most users prefer the MC method over the other two methodologies because of the reduced number of rounds.

Conclusions

• The MC method provides improved security compared to the BW and FC methods.

• The reduced number of rounds may prove to be more acceptable.

• The training time needs to be reduced.

• Partial security against strong shoulder surfing attack may be another future scope.

References

1. Sky News. ATM 'shoulder surfing' card fraud on rise. http://news.sky.com/story/1100203/atm-shoulder-surfing-card-fraud-on-rise, June 2013.
2. Gardiner, S. $217,000 'skimmed' from ATMs. In The Wall Street Journal (June 2010).
3. Bai, X., Gu, W., Chellappan, S., Wang, X., Xuan, D., and Ma, B. PAS: Predicate-based authentication services against powerful passive adversaries. In IEEE Annual Computer Security Applications Conference (December 2008), pp. 433–442.
4. Zhao, H., and Li, X. S3PAS: A scalable shoulder-surfing resistant textual-graphical password authentication scheme. In 21st International Conference on Advanced Information Networking and Applications Workshops (2007), pp. 467–472.
5. Roth, V., Richter, K., and Freidinger, R. A PIN-entry method resilient against shoulder surfing. In ACM Conf. Comput. Commun. Security (2004), pp. 236–245.
6. Kwon, T., Shin, S., and Na, S. Covert attentional shoulder surfing: Human adversaries are more powerful than expected. In IEEE Transactions on Systems, Man, and Cybernetics: Systems (2013).
7. Posner, M. I. Orienting of attention. Quart. J. Experimental Psychology 32, 1 (1980), 3–25.
8. Lowe, D. G. Perceptual Organization and Visual Recognition. Tech. rep., DTIC Document, 1984.
9. Allen, G., Buxton, R. B., Wong, E. C., and Courchesne, E. Attentional activation of the cerebellum independent of motor involvement. Science 275, 5308 (1997), 1940–1943.
10. Treisman, A. M., and Kanwisher, N. G. Perceiving visually presented objects: Recognition, awareness, and modularity. Current Opinion Neurobiol 8, 2 (1998), 218–226.

Thank You