Skip to main content
SpringerLink
Log in

Android Smudge Attack Prevention Techniques

  • Conference paper
  • First Online:
Intelligent Systems Technologies and Applications

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 385))

Abstract

Graphical patterns are widely used for authentication in touch screen phones. When a user enters a pattern on a touch screen, epidermal oils of his skin leave oily residues on screen called smudge. Attackers can forensically retrieve this smudge which can help them to deduce the unlock pattern. In this paper we analyze some existing techniques and propose new techniques to prevent this attack. We propose Split pattern, Wheel lock, Random PIN lock and Temporal lock to reduce or prevent smudge attack. Usability and shoulder surfing resistance were also considered while designing these techniques. This paper explains how the proposed techniques are effective against smudge attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Hockley, W.E.: The picture superiority effect in associative recognition. Memory & Cognition 36(7), 1351–1359 (2008)

    Article  Google Scholar 

  2. Jermyn, I., Mayer, A.J., Monrose, F., Reiter, M.K., Rubin, A.D., et al.: The design and analysis of graphical passwords. In: Usenix Security (1999)

    Google Scholar 

  3. Vidas, T., Votipka, D., Christin, N.: All your droid are belong to us: a survey of current android attacks. In: WOOT, pp. 81–90 (2011)

    Google Scholar 

  4. Google.com: Google Report: Android Security 2014 Year in Review. Tech. rep., Google.com, April 2015. https://static.googleusercontent.com/media/source.android.com/en/us/devices/tech/security/reports/Google_Android_Security_2014_Report_Final.pdf

  5. Brostoff, S., Sasse, M.A.: Are passfaces more usable than passwords? a field trial investigation. In: People and Computers XIVUsability or Else!, pp. 405–424. Springer (2000)

    Google Scholar 

  6. De Angeli, A., Coutts, M., Coventry, L., Johnson, G.I., Cameron, D., Fischer, M.H.: Vip: a visual approach to user authentication. In: Proceedings of the Working Conference on Advanced Visual Interfaces, pp. 316–323. ACM (2002)

    Google Scholar 

  7. Wiedenbeck, S., Waters, J., Sobrado, L., Birget, J.C.: Design and evaluation of a shoulder-surfing resistant graphical password scheme. In: Proceedings of the Working Conference on Advanced Visual Interfaces, pp. 177–184. ACM (2006)

    Google Scholar 

  8. Aviv, A.J., Gibson, K., Mossop, E., Blaze, M., Smith, J.M.: Smudge attacks on smartphone touch screens. WOOT 10, 1–7 (2010)

    Google Scholar 

  9. Von Zezschwitz, E., Koslow, A., De Luca, A., Hussmann, H.: Making graphic-based authentication secure against smudge attacks. In: Proceedings of the 2013 International Conference on Intelligent User Interfaces, pp. 277–286. ACM (2013)

    Google Scholar 

  10. De Luca, A., Hang, A., Brudy, F., Lindner, C., Hussmann, H.: Touch me once and i know it’s you!: implicit authentication based on touch screen patterns. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 987–996. ACM (2012)

    Google Scholar 

  11. Prabhakar, S., Pankanti, S., Jain, A.K.: Biometric recognition: Security and privacy concerns. IEEE Security & Privacy 2, 33–42 (2003)

    Article  Google Scholar 

  12. Uludag, U., Pankanti, S., Prabhakar, S., Jain, A.K.: Biometric cryptosystems: issues and challenges. Proceedings of the IEEE 92(6), 948–960 (2004)

    Article  Google Scholar 

  13. Damopoulos, D., Kambourakis, G., Gritzalis, S.: From keyloggers to touchloggers: Take the rough with the smooth. Computers & Security 32, 102–114 (2013)

    Article  Google Scholar 

  14. Kambourakis, G., Damopoulos, D., Papamartzivanos, D., Pavlidakis, E.: Introducing touchstroke: keystroke-based authentication system for smartphones. Security and Communication Networks (2014)

    Google Scholar 

  15. Derawi, M.O., Nickel, C., Bours, P., Busch, C.: Unobtrusive user-authentication on mobile phones using biometric gait recognition. In: 2010 Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP), pp. 306–311. IEEE (2010)

    Google Scholar 

  16. Davis, D., Monrose, F., Reiter, M.K.: On user choice in graphical password schemes. In: USENIX Security Symposium, vol. 13, pp. 11–11 (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Amrita Vishwa Vidyapeetham, Amritanagar, Coimbatore, 641112, India

    M. D. Amruth & K. Praveen

Authors
  1. M. D. Amruth
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. K. Praveen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to M. D. Amruth .

Editor information

Editors and Affiliations

  1. Dipartimento di Ingegneria dell’ Informazione (DINFO) , Universita degli Studi di Firenze, Firenze, Italy

    Stefano Berretti

  2. School of CS/IT, Indian Institute of Information Tech. and Management – Kerala (IIITM-K), Trivandrum, India

    Sabu M. Thampi

  3. Electrical and Computer Engineering, The University of Iowa College of Engineering, Iowa, Iowa, USA

    Soura Dasgupta

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Amruth, M.D., Praveen, K. (2016). Android Smudge Attack Prevention Techniques. In: Berretti, S., Thampi, S., Dasgupta, S. (eds) Intelligent Systems Technologies and Applications. Advances in Intelligent Systems and Computing, vol 385. Springer, Cham. https://doi.org/10.1007/978-3-319-23258-4_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-23258-4_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-23257-7

  • Online ISBN: 978-3-319-23258-4

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation