Browse > Article
http://dx.doi.org/10.13089/JKIISC.2018.28.5.1113

Smudge-Based Smart Device Fingerprint Authentication Attack Study  

Kim, Seungyeon (Information Security Lab., Graduation School of Information, Yonsei University)
Ku, Yeeun (Information Security Lab., Graduation School of Information, Yonsei University)
Kwon, Taekyoung (Information Security Lab., Graduation School of Information, Yonsei University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.28, no.5, 2018 , pp. 1113-1118 More about this Journal
Abstract
Fingerprint authentication is the most popular biometric in smart devices. However it has vulnerability to fake fingerprints. This paper shows that it is possible to pass fingerprint authentication of smartphone by creating counterfeit fingerprint without approval of legitimate users. As a technical countermeasure to prevent such a smudge-based attack, there has been proposed an under-screen Touch ID with a slide bar, which is a method of removing the fingerprint trail by dragging the UI to the side after fingerprint authentication on the touch screen. In this paper, we analyze how the proposed attack method and mitigation are perceived by actual user through 61 user survey.
Keywords
Smartphone; Fingerprint; Smudge; Authentication;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Counterpoint, "More Than One Billion Smartphones with Fingerprint Sensors Will Be Shipped In 2018" https://www.counterpointresearch.com/more-than-one-billion-smartphones-with-fingerprint-sensors-will-beshipped-in-2018/, Mar. 2018.
2 S. Azenkot and S. Zhai, "Touch Behavior with Different Postures on Soft Smartphone Keyboards," In Proc. of MobileHCI, pp. 251-260, Sep. 2012.
3 H. Lee, S. Kim, and T. Kwon, "Here Is Your Fingerprint!: Actual Risk versus User Perception of Latent Fingerprints and Smudges Remaining on Smartphones," In Proc. of ACSAC, pp.512-527, Dec. 2017.
4 A.J. Aviv, K.L. Gibson, E. Mossop, M. Blaze and J.M. Smith, "Smudge Attacks on Smartphone Touch Screens," In Proc. of Woot, Aug, 2010.
5 K. Cao and K.J. Anil, "Hacking mobile phones using 2D printed fingerprints," Department of Computer Science and Engineering, Michigan State University, 2016.
6 SourceAFIS, "SourceAFIS" https://sourceafis.machinezoo.com/net, Aug. 2017.
7 S. Jung and T. Kwon, "Automated Smudge Attacks Based on Machine Learning and Security Analysis of Pattern Lock Systems," Journal of the Korea Institute of Information Security & Cryptology, Vol.26, No. 4, pp. 903-910.   DOI