Entry Serwadda:2016:TRR from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017                Valid HTML 3.2!

Index sections

Top | Symbols | Numbers | Math | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

BibTeX entry

@Article{Serwadda:2016:TRR,
  author =       "Abdul Serwadda and Vir V. Phoha and Zibo Wang and
                 Rajesh Kumar and Diksha Shukla",
  title =        "Toward Robotic Robbery on the Touch Screen",
  journal =      j-TISSEC,
  volume =       "18",
  number =       "4",
  pages =        "14:1--14:??",
  month =        may,
  year =         "2016",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/2898353",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Sat May 21 08:19:26 MDT 2016",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib",
  abstract =     "Despite the tremendous amount of research fronting the
                 use of touch gestures as a mechanism of continuous
                 authentication on smart phones, very little research
                 has been conducted to evaluate how these systems could
                 behave if attacked by sophisticated adversaries. In
                 this article, we present two Lego-driven robotic
                 attacks on touch-based authentication: a population
                 statistics-driven attack and a user-tailored attack.
                 The population statistics-driven attack is based on
                 patterns gleaned from a large population of users,
                 whereas the user-tailored attack is launched based on
                 samples stolen from the victim. Both attacks are
                 launched by a Lego robot that is trained on how to
                 swipe on the touch screen. Using seven verification
                 algorithms and a large dataset of users, we show that
                 the attacks cause the system's mean false acceptance
                 rate (FAR) to increase by up to fivefold relative to
                 the mean FAR seen under the standard zero-effort
                 impostor attack. The article demonstrates the threat
                 that robots pose to touch-based authentication and
                 provides compelling evidence as to why the zero-effort
                 attack should cease to be used as the benchmark for
                 touch-based authentication systems.",
  acknowledgement = ack-nhfb,
  articleno =    "14",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
}

Related entries