knock knock who s there
play

KNOCK KNOCK, WHOS THERE? On the Security of LGs Knock Codes Raina - PowerPoint PPT Presentation

Feb 21, 2024 •11 likes •111 views

KNOCK KNOCK, WHOS THERE? On the Security of LGs Knock Codes Raina Samuel** Iulian Neamtiu Philipp Markert Adam J. Aviv New Jersey Institute New Jersey Institute Ruhr University The George of Technology of Technology Bochum

  1. KNOCK KNOCK, WHO’S THERE? On the Security of LG’s Knock Codes Raina Samuel** Iulian Neamtiu Philipp Markert Adam J. Aviv New Jersey Institute New Jersey Institute Ruhr University The George of Technology of Technology Bochum Washington University USENIX Symposium on Usable Privacy and Security (SOUPS) 1 August 10th 2020

  2. LG KNOCK CODES: A DIFFERENT WAY TO UNLOCK - Users select/recall a series of 6 to 10 “knocks” on a 2x2 grid - Used with the screen off or on - We estimate 700,000–2,500,000 users in the US alone 2

  3. How secure and usable are Knock Codes? 3

  4. APPROACH Two online user studies using Amazon Mechanical Turk 1,138 Knock Codes were analyzed Mobile only with three Desktop browser study treatments: ● control blocklist ● larger grid size ● Preliminary Study Security Analysis Main Study Usability Analysis n=218 n=351 Each participant created two Knock Codes 4

  5. SECURITY ANALYSIS: Has complete knowledge of the frequency order Knock Codes, from most to least frequent PERFECT KNOWLEDGE ATTACKER 𝛄 -Success Rate (%) 3 guesses 10 guesses 30 guesses Control 14.2% 28.0% 51.3% Blocklist 6.9% 16.0% 35.4% Large 12.9% 31.5% 53.4% Partial Guessing Entropy (bits) ɑ =0.1 ɑ =0.2 ɑ =0.5 Control 4.20 4.79 5.69 Blocklist 5.79 6.03 6.72 Large 4.53 4.70 5.54 5

  6. Knows a subset of the Knock Codes and SECURITY ANALYSIS: constructs a model based on that observed distribution SIMULATED ATTACKER 6

  7. USABILITY ANALYSIS: Entry Time Recall Rates Recall Rate (%) Entry Time (seconds) Control 88.8% Knock Code (Control) 7.1 Blocklist 80.6% PIN* 4.2 Large 92.9% Android Pattern* 3.0 However, other methods Using a blocklist does such as PINs and not affect general patterns have a recall entry time rate of 95%*or higher *Markert et al. “This PIN can be easily guessed” IEEE Symposium 7 *Harbach et al. “It’s a hard lock life: a field study of smartphone on Security and Privacy 2020 (un)locking behavior and risk perception” SOUPS 2014

  8. USABILITY ANALYSIS: User Responses “HARD TO REMEMBER” “EASY” “DISCREET” “INSECURE” “HARD TO GUESS” “NOT AN IMPROVEMENT” “DIFFERENT” “HARD TO TYPE” “QUICK” 8

  9. CONCLUSION First user study and security analysis of Knock Codes ● Knock Codes offer less security relative to other mobile authentication ● Participants find Knock Codes mostly unusable and insecure ● Using a blocklist with Knock Codes improves security ● Participants are open to new methods of mobile authentication 9

  10. Thank you! Feel Free to Contact us! Raina Samuel Philipp Markert Adam J. Aviv Iulian Neamtiu res9@njit.edu philipp.markert@rub.de aaviv@gwu.edu ineamtiu@njit.edu 10

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

S.P.A.G. LOLZ! KS2 2: KNOCK - KNOCK! TODAYS CHALLENGE: Learn how to EXPAND nouns into

S.P.A.G. LOLZ! KS2 2: KNOCK - KNOCK! TODAYS CHALLENGE: Learn how to EXPAND nouns into

S.P.A.G. LOLZ! KS2 2: KNOCK - KNOCK! TODAYS CHALLENGE: Learn how to EXPAND nouns into phrases RECOGNISE question words PERFORM knock-knock jokes with a friend WHAT IS FUNNY? What does funny mean? What

529 views • 11 slides
Knock, Knock, FDA is Here; Be Prepared for a Regulatory Inspection Joanne Schlossin, Consumer

Knock, Knock, FDA is Here; Be Prepared for a Regulatory Inspection Joanne Schlossin, Consumer

Knock, Knock, FDA is Here; Be Prepared for a Regulatory Inspection Joanne Schlossin, Consumer Safety Officer Karen Kosar, BIMO Specialist BIMO-East President Ronald Reagan (4/12/86) "The nine most terrifying words in the English

1.29k views • 42 slides
Knock, Knock, Whos There?: Development of Doorstep Messages to Increase Survey Participation

Knock, Knock, Whos There?: Development of Doorstep Messages to Increase Survey Participation

Knock, Knock, Whos There?: Development of Doorstep Messages to Increase Survey Participation in Seven Languages Patricia Goerman, Yazmn A. Garca Trejo and Anna Sandoval Girn Center for Survey Measurement, U.S. Census Bureau Presented

325 views • 17 slides
KNOCK OUT Blue B Flashover in action KNOCK OUT Key features: Takeaways and Path Forward

KNOCK OUT Blue B Flashover in action KNOCK OUT Key features: Takeaways and Path Forward

KNOCK OUT Blue B Flashover in action KNOCK OUT Key features: Takeaways and Path Forward Mechanical actuation is simple , powerful , and feasible for this device How to achieve maximum mechanical advantage? Existing Tools Halligan

412 views • 7 slides
Knock Knock Understanding Who is Using Your Web Applications Aaron Bedra Application Security

Knock Knock Understanding Who is Using Your Web Applications Aaron Bedra Application Security

Knock Knock Understanding Who is Using Your Web Applications Aaron Bedra Application Security Lead Braintree Payments Tuesday, April 23, 13 Right now, your web applications are being attacked Tuesday, April 23, 13 And it will happen

1.96k views • 141 slides
The Knock Em Alive The Knock Em Alive Positively Powerful Positively Powerful

The Knock Em Alive The Knock Em Alive Positively Powerful Positively Powerful

The Knock Em Alive The Knock Em Alive Positively Powerful Positively Powerful Strategies For Your Job Strategies For Your Job Success! Success! With Dr. Joel Martin President. Triad West Inc. Get you where you want to

1.19k views • 31 slides
How to Get Donor Visits & Knock Them Out of the Park @fundraiserchad Who is this guy? And

How to Get Donor Visits & Knock Them Out of the Park @fundraiserchad Who is this guy? And

How to Get Donor Visits & Knock Them Out of the Park @fundraiserchad Who is this guy? And why does he think he knows what hes talking about? career fundraiser providing fundraising strategy, training & coaching to small nonprofit

854 views • 61 slides
When You Are Ready, Opportunity Will Knock! CVM PD Day May 24, 2017 Dr. Barbara Roberts

When You Are Ready, Opportunity Will Knock! CVM PD Day May 24, 2017 Dr. Barbara Roberts

When You Are Ready, Opportunity Will Knock! CVM PD Day May 24, 2017 Dr. Barbara Roberts Executive Director, WorkLife Find Your Passion What do you love? What ignites your imagination? What kind of puzzles or problems capture your

399 views • 11 slides
District of Columbia Office of the State Superintendent of Education It Takes a City to Knock it

District of Columbia Office of the State Superintendent of Education It Takes a City to Knock it

District of Columbia Office of the State Superintendent of Education It Takes a City to Knock it Out of the PARCC! It Takes a City It Takes a City to Knock it Out of the PARCC! Understanding the Shifts: Translating the NGSS into Practice

527 views • 50 slides
Come and Knock On Our Door: Evaluating the Impact of Varying Rules for Case Follow-Up Using

Come and Knock On Our Door: Evaluating the Impact of Varying Rules for Case Follow-Up Using

Come and Knock On Our Door: Evaluating the Impact of Varying Rules for Case Follow-Up Using Linked Survey Paradata and Administrative Records Casey Eggleston and Jonathan Eggleston (Census) November 5, 2019 This report is released to inform

817 views • 35 slides
It Takes a City It Takes a City to Knock it Out of the PARCC! Making the Transition from Pencil

It Takes a City It Takes a City to Knock it Out of the PARCC! Making the Transition from Pencil

It Takes a City It Takes a City to Knock it Out of the PARCC! Making the Transition from Pencil and Paper to Computer-based Assessments Welcome! LEA Leadership Institute, January 23, 2015 Gallaudet University Ballroom B Washington, DC

238 views • 21 slides
Crawford W. Long Middle School ( in a virtual world) th Grade Ready to Knock ck Out 6 th de th

Crawford W. Long Middle School ( in a virtual world) th Grade Ready to Knock ck Out 6 th de th

Crawford W. Long Middle School ( in a virtual world) th Grade Ready to Knock ck Out 6 th de th Grade Champs 6 th 2 Principal Lisa Hill 3 4 Mrs. Dickerson Team m A Math 5 Mr. Critc tcher her- Scien ence e & Social Stu tudies

584 views • 27 slides
NOC Knock... ...who's there? NOC Frontend Development & Improvement Rachael Holt

NOC Knock... ...who's there? NOC Frontend Development & Improvement Rachael Holt

NOC Knock... ...who's there? NOC Frontend Development & Improvement Rachael Holt (HEAnet) & Gareth Eason (HEAnet) TF-NOC Preparation Meeting, Copenhagen, 3 r d May 2010 Who am I? (slide 2 of 318) Gareth Eason - Network

837 views • 56 slides
How to Knock 20 Seconds Off f Your Average Handling Tim ime Paul Weald What is AHT? And why

How to Knock 20 Seconds Off f Your Average Handling Tim ime Paul Weald What is AHT? And why

How to Knock 20 Seconds Off f Your Average Handling Tim ime Paul Weald What is AHT? And why is it important? Average Handle Time is composed of three elements 1. Talk time 2. Hold time 3. Wrap time It is important from a workforce

338 views • 8 slides
Kellogg Insight Podcast Transcript Knock Your Next Business Presentation Out of the Park Jake

Kellogg Insight Podcast Transcript Knock Your Next Business Presentation Out of the Park Jake

Kellogg Insight Podcast Transcript Knock Your Next Business Presentation Out of the Park Jake SMITH : Tim Calkins is a clinical professor of marketing at Kellogg. And his new book, on how to give a good business presentation, has a slightly

264 views • 4 slides
and Discernment Behold, I stand at the door and knock. If anyone hears my voice and opens the

and Discernment Behold, I stand at the door and knock. If anyone hears my voice and opens the

Prayer Life and Discernment Behold, I stand at the door and knock. If anyone hears my voice and opens the door, (then) I will enter his house and dine with him, and he with me. (Rev 3:20) RCIA Journey of Faith - 7 May 2009 Prayer Life

624 views • 20 slides
FERPA Introductory Training for Faculty and Staff What you should know about FERPA? Protecting

FERPA Introductory Training for Faculty and Staff What you should know about FERPA? Protecting

FERPA Introductory Training for Faculty and Staff What you should know about FERPA? Protecting the student, what you should know: Release student records only with consent of student What to do (or who to contact) when someone asks for

722 views • 38 slides
www.drupaleurope.org Digital Transformation + Enterprise TRACK SUPPORTED BY Successfully Proving

www.drupaleurope.org Digital Transformation + Enterprise TRACK SUPPORTED BY Successfully Proving

www.drupaleurope.org Digital Transformation + Enterprise TRACK SUPPORTED BY Successfully Proving Enterprise Drupal 8 George Steven George Steven Chief Architect (Drupal) @ Bayer curiouslygeorge Successfully Proving Enterprise Drupal 8 The

408 views • 14 slides
1/23/2018 Data Talks 2 You! Sponsored by January 25, 2018 Presenters Linda Harber, Kate

1/23/2018 Data Talks 2 You! Sponsored by January 25, 2018 Presenters Linda Harber, Kate

1/23/2018 Data Talks 2 You! Sponsored by January 25, 2018 Presenters Linda Harber, Kate Astor, Vice President for Human Resources, HR Metrics and Project Analyst Payroll and Faculty/Staff Life George Mason University George Mason

425 views • 9 slides
Appendix B - George B. Bader photographs - Box 44 Series Sub SubSub Box # Title Accession #

Appendix B - George B. Bader photographs - Box 44 Series Sub SubSub Box # Title Accession #

Appendix B - George B. Bader photographs - Box 44 Series Sub SubSub Box # Title Accession # Dates VI. Photos B. George Bader 1. Amusement General F2012.67.26 1939-1940 VI. Photos B. George Bader 1. Amusement Heineken's on the Zuider

161 views • 3 slides
FAST Agile Radical Disruption and New Method to Scaling Agile Ron Quartel A SCALABLE WAY OF

FAST Agile Radical Disruption and New Method to Scaling Agile Ron Quartel A SCALABLE WAY OF

FAST Agile Radical Disruption and New Method to Scaling Agile Ron Quartel A SCALABLE WAY OF SELF-ORGANIZING PEOPLE AROUND WORK VIA OPEN SPACE Ron Quartel @ronquartel Software Developer 20 years Agile developer since 2002 (Extreme

767 views • 58 slides
Indoor Office Wideband Penetration Loss Measurements at 73 GHz IEEE International Conference on

Indoor Office Wideband Penetration Loss Measurements at 73 GHz IEEE International Conference on

Indoor Office Wideband Penetration Loss Measurements at 73 GHz IEEE International Conference on Communications Workshops (ICCW) Paris, France, May 21, 2017 Jacqueline Ryan, George R. MacCartney Jr., and Theodore S. Rappaport

595 views • 27 slides
The Publish-Subscribe Internet Architecture George C. Polyzos ( Visiting Prof., CSE, UCSD )

The Publish-Subscribe Internet Architecture George C. Polyzos ( Visiting Prof., CSE, UCSD )

The Publish-Subscribe Internet Architecture George C. Polyzos ( Visiting Prof., CSE, UCSD ) George Xylomenos, Vasilios Siris, Giannis Marias, Costas Courcoubetis Mobile Multimedia Laboratory PostDocs & Alumni K. Katsaros Department of

118 views • 8 slides
humungous mommy reluctant scowl timid 1 Five Facts about Vocabulary Vocabulary is a

humungous mommy reluctant scowl timid 1 Five Facts about Vocabulary Vocabulary is a

d i g n i f i e d Teaching 50,000 Words, and Erasing a 30 Million Word Gap p l annoy a c i Michael F. Graves d University of Minnesota a undignified antidisestablishmentarianism mgraves@umn.edu tiny the kitty UC Summer

904 views • 36 slides

More recommend