DAISY Friend or Foe? Your Wearable Devices Reveal Your Personal PIN


Friend or Foe? Your Wearable Devices Reveal Your Personal PIN
DAISY (Data Analysis and Information SecuritY) Lab
Lead Researcher: Yingying Chen
Chen Wang†, Xiaonan Guo†, Yan Wang*, Yingying Chen†, Bo Liu†
† Dept. of ECE, Stevens Institute of Technology
* Dept. of CS, Binghamton University

Motivation
- Wearable devices enable a broad range of useful applications
- Sensitive information could be leaked
- [Figure labels: wearable device; electronic door lock; ATM machine; keypad controlled server]

Related Work
- Traditional attacks: shoulder surfing, keypad overlay, ATM skimmer, hidden camera
  - Require direct visual contact to key entry actions and additional installation efforts
- Audio-based and vibration-based attacks
  - Rely on a linguistic model and labelled training data
  - Sensitive to environment noise
- Concurrent smartwatch-based attacks
  - Hard to deal with non-contextual inputs such as PINs
  - Rely on training
  - Difficult to recover fine-grained hand movement trajectories
- Our goal: a training-free and context-free key entry inference system without additional devices and not subject to environmental noise

Basic Idea
- Exploit embedded sensors in wearable devices
- Capture dynamics of key entry activities
- Derive fine-grained hand movement trajectories of key entries
- [Figure: acceleration vs. sample index (X, Y, Z axes) showing key click 1, key click 2 and the hand movement between two key clicks, with pressing and releasing points; moving distance between two keys, Key1 and Key2]

Attacking Scenarios
- Sniffing attacks: Bluetooth sniffing (device pairing using Bluetooth)
- Internal attacks: malware

Challenges
- Robust fine-grained hand movement tracking
- Training-free key entry recognition
- Recovering PIN sequence without contextual information
- Sensing with single free-axis wearable device
- [Figure labels: training data; keypad coordinate (Xk, Yk, Zk); wearable coordinate (Xd, Yd, Zd)]

Framework Overview
- Input: motion sensor readings
- Data calibration: quaternion-based coordinate alignment, noise reduction
- Key click detection and trace segmentation
- Fine-grained subpath recovery
  - Distance estimation: starting and end point searching, distance calculation
  - Direction derivation: quadrant determination, slope-based angle calculation
  - Geometric-based subpath recovery; key pad dimension
- Backward PIN sequence inference
  - Backward subpath integration
  - Point-wise Euclidean distance accumulation
  - Tree-based key sequence derivation
- Output: recovered key sequence

Quaternion-based Coordinate Alignment
- Device coordinate → world coordinate → keypad coordinate
- [Figure labels: wearable/device coordinate (Xd, Yd, Zd); world coordinate; keypad coordinate (Xk, Yk, Zk)]
- [Equation labels: sensor reading in world coordinate; sensor reading in device coordinate; quaternion; conversion from the world coordinate to keypad coordinate]

Fine-grained Subpath Recovery
- Key-click trace segmentation: input “5419-Enter”
- Subpath recovery: subpaths 1, 2, 3, 4

Subpath Distance Estimation
- Starting and ending points searching based on pressing and releasing points
  - Starting point: first zero-crossing point before the unique acceleration pattern
  - Ending point: first zero-crossing point after the unique acceleration pattern
- Distance calculation: double integration with trapezoidal rule
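The distance step above, as an added example that is not code from the presentation or its authors: it bounds the movement by the zero crossings around the acceleration pattern and double-integrates with the trapezoidal rule. The sine-shaped trace, the 0.4 s duration and all function names are assumptions made for illustration; the trace is noise-free, so it isolates discretization error only.

```python
import math

def trapz_cumulative(samples, dt):
    """Running trapezoidal integral of equally spaced samples, starting at 0."""
    out = [0.0]
    for prev, cur in zip(samples, samples[1:]):
        out.append(out[-1] + 0.5 * (prev + cur) * dt)
    return out

def movement_bounds(acc):
    """Indices of the zero crossings just before and just after the
    accelerate-then-decelerate pattern (located by its two extreme peaks)."""
    hi = max(range(len(acc)), key=lambda i: acc[i])
    lo = min(range(len(acc)), key=lambda i: acc[i])
    start, end = min(hi, lo), max(hi, lo)
    start_sign, end_sign = acc[start], acc[end]
    while start > 0 and acc[start] * start_sign > 0:
        start -= 1                      # walk back to the sign change
    while end < len(acc) - 1 and acc[end] * end_sign > 0:
        end += 1                        # walk forward to the sign change
    return start, end

def subpath_distance(acc, fs):
    """Distance moved along one axis (acc in cm/s^2 gives cm)."""
    dt = 1.0 / fs
    start, end = movement_bounds(acc)
    velocity = trapz_cumulative(acc[start:end + 1], dt)
    return trapz_cumulative(velocity, dt)[-1]

def synthetic_move(distance_cm, duration_s, fs, pad_s=0.2):
    """Constructed trace in cm/s^2: rest, one sine-shaped move, rest."""
    n, pad = round(duration_s * fs), round(pad_s * fs)
    amp = 2 * math.pi * distance_cm / duration_s ** 2
    move = [amp * math.sin(2 * math.pi * k / n) for k in range(n + 1)]
    return [0.0] * pad + move + [0.0] * pad

def error_cm(fs, distance_cm=5.0, duration_s=0.4):
    """Absolute estimation error for a constructed 5 cm (medium) move."""
    trace = synthetic_move(distance_cm, duration_s, fs)
    return abs(subpath_distance(trace, fs) - distance_cm)

if __name__ == "__main__":
    for fs in (25, 100, 200):   # sampling rates of the three tested wearables
        print(f"{fs:3d} Hz: error {error_cm(fs) * 10:.2f} mm")
```

On this constructed trace the error shrinks as the sampling rate rises; real traces add sensor noise and coordinate-alignment error that the example does not model.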

Subpath Direction Derivation
- Range: 0° ~ 90° (X-Y plane)
- Quadrant determination
  - Q1: 0° ~ 90°
  - Q2: 90° ~ 180°
  - Q3: 180° ~ 270°
  - Q4: 270° ~ 360°

Backward PIN Sequence Inference
- Backward subpath integration
- [Figure: keypad (keys 1 to 9 and Enter) with subpath1, subpath2 and subpath3]
- Estimated as “259”; ground truth “419”

Point-wise Euclidean Distance Accumulation
Example of candidate sequence 846:
- The third subpath: d3 = 1.2cm, D3 = d3 = 1.2cm
- The second subpath: d2 = 2.1cm, D2 = D3 + d2 = 3.3cm
- The first subpath: d1 = 0.8cm, D1 = D2 + d1 = 4.1cm
- [Figure legend: key “Enter”; estimated subpath; subpath of candidate PIN sequence; estimated starting position of a subpath; real key position]

Tree-based Key Sequence Inference
- Root node: “ENTER” key
- First level: D(K1), D(K2), D(K6), D(K9), ……, D(K0)
- Second level: D(K1,K6), D(K4,K6), ……, D(K0,K6); D(K1,K9), ……, D(K0,K9)
- Leaf nodes: D(K1,K4,K6), D(K8,K4,K6), ……, D(K0,K4,K6); D(K1,K1,K9), D(K4,K1,K9), ……, D(K0,K1,K9)
- The leaf node with the minimum accumulated Euclidean distance gives the revealed PIN sequence: “419”
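The backward subpath integration, distance accumulation and tree search from the last three slides, as an added example that is not code from the presentation or its authors. The keypad layout, the 2.0 cm key pitch, the biased subpath vectors and all function names are assumptions; the example shows why chaining subpaths without re-anchoring drifts to a wrong key while accumulating per-subpath distances from real key positions does not.

```python
import itertools
import math

# Assumed layout, not taken from the slides: 3-column pad, 2.0 cm key pitch,
# "0" under "8", Enter at the bottom-right. Coordinates are (x, y) in cm.
PITCH = 2.0
KEYS = {str(d): ((d - 1) % 3 * PITCH, -((d - 1) // 3) * PITCH) for d in range(1, 10)}
KEYS["0"] = (1 * PITCH, -3 * PITCH)
ENTER = (2 * PITCH, -3 * PITCH)

def nearest_key(point):
    return min(KEYS, key=lambda k: math.dist(point, KEYS[k]))

def naive_backward(subpaths):
    """Chain the subpaths back from Enter with no re-anchoring; errors add up."""
    pos, digits = ENTER, []
    for dx, dy in reversed(subpaths):
        pos = (pos[0] - dx, pos[1] - dy)
        digits.append(nearest_key(pos))
    return "".join(reversed(digits))

def rank_candidates(subpaths, top_k=3):
    """Score every candidate sequence by its accumulated distance D,
    re-anchoring each subpath on the candidate's real key position."""
    scored = []
    for cand in itertools.product(KEYS, repeat=len(subpaths)):
        end, total = ENTER, 0.0
        for key, (dx, dy) in zip(reversed(cand), reversed(subpaths)):
            est_start = (end[0] - dx, end[1] - dy)    # estimated starting position
            total += math.dist(est_start, KEYS[key])  # d_i for this subpath
            end = KEYS[key]                           # real key position
        scored.append((round(total, 2), "".join(cand)))
    return sorted(scored)[:top_k]                     # smallest D first

# Constructed input: the true subpaths of "419-Enter" on the assumed layout,
# each with a (0.5, 0.4) cm bias added to stand in for estimation error.
NOISY_419 = [(0.5, 2.4), (4.5, -3.6), (0.5, -1.6)]

if __name__ == "__main__":
    print("naive backward integration:", naive_backward(NOISY_419))
    print("ranked candidates (D in cm):", rank_candidates(NOISY_419))
```

The ranked list is also what the top-k success rate metric on the methodology slide counts: an entry is broken within k tries when the true sequence is among the first k candidates.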

Experimental Methodology
- Three keypads: real ATM machine, detachable ATM pad, keyboard number pad
- Three wearable devices: LG150 (200Hz), Moto360 (25Hz), Invensense MPU-9150 (100Hz)
- Data collection
  - Number of volunteers: 20
  - Key-entry: 4-digit PIN sequences (5 key clicks)
- Evaluation metrics: top-k success rate, number of trials until success

Performance of Different Wearable Devices
- Performance of Backward PIN-Sequence Inference with three kinds of wearables on the detachable ATM keypad
- Adversary can break over 97% of PIN entries from the LG W150 and IMU within 5 tries; 90% for Moto 360
- Higher sampling rate leads to higher success rate

Distance Estimation
- Fixed 100 Hz sampling rate, testing 2.5cm (short), 5cm (medium) and 6.4cm (long) moving distances
- The mean error is only at mm level
- 80th percentile errors are less than 1.5cm

Conclusion
- Wrist-worn wearable devices can be exploited to recover a user’s fine-grained hand movements during key-entry activities
- We present a PIN-sequence inference framework that recovers the user’s secret key entries without requiring any training or contextual information
- The system devises a Backward PIN-sequence Inference Algorithm to reveal the user’s secret PINs
- Extensive experiments show that our system can achieve high accuracy in revealing the user’s PIN sequences with one or within three tries