ClickPattern: A Pattern Lock System Resilient to Smudge and Side-channel Attacks

Pattern lock is a very popular mechanism to secure authenticated access to mobile terminals; this is mainly due to its ease of use and the fact that muscle memory endows it with an extreme memorability. Nonetheless, pattern lock is also very vulnerable to smudge and side channels attacks, thus its actual level of security has been often considered insufficient. In this paper we describe a mechanism that enhances pattern lock security with resilience to smudge and side channel attacks, maintains a comparable level of memorability and provides ease of use that is still comparable with Pattern Lock while outperforming other schemes proposed in the literature. To prove our claim, we have performed a usability test with 51 volunteers and we have compared our results with the other schemes

Do you Trust your Device? Open Challenges in IoT Security Analysis

Several critical contexts, such as healthcare, smart cities, drones, transportation, and agriculture, nowadays rely on IoT, or more in general embedded, devices that require comprehensive security analysis to ensure their integrity before deployment. Security concerns are often related to vulnerabilities that result from inad- equate coding or undocumented features that may create significant privacy issues for users and companies. Current analysis methods, albeit dependent on complex tools, may lead to superficial assessments due to compatibility issues, while authoritative entities struggle with specifying feasible firmware analysis requests for manufacturers within operational contexts. This paper urges the scientific community to collaborate with stakeholders—manufacturers, vendors, security analysts, and experts—to forge a cooperative model that clari- fies manufacturer contributions and aligns analysis demands with operational constraints. Aiming at a modular approach, this paper highlights the crucial need to refine security analysis, ensuring more precise requirements, balanced expectations, and stronger partnerships between vendors and analysts. To achieve this, we propose a threat model based on the feasible interactions of actors involved in the security evaluation of a device, with a particular emphasis on the responsibilities and necessities of all entities involved

Detecting Exploit Primitives Automatically for Heap Vulnerabilities on Binary Programs

Automated Exploit Generation (AEG) is a well-known difficult task, especially for heap vulnerabilities. Previous works first detected heap vulnerabilities and then searched for exploitable states by using symbolic execution and fuzzing techniques on binary programs. However, it is not always easy to discovery bugs using fuzzing or symbolic technologies and solvable for internal overflow of heap objects. In this paper, we present a solution DEPA to detect exploit primitives based on primitive-crucial-behavior model for heap vulnerabilities. The core of DEPA contains two novel techniques, 1) primitive-crucial-behavior identification through pointer dependence analysis, and 2) exploit primitive determination method which includes triggering both vulnerabilities and exploit primitives. We evaluate DEPA on eleven real-world CTF(capture the flag) programs with heap vulnerabilities and DEPA can discovery arbitrary write and arbitrary jump exploit primitives for ten programs except for program multi-heap. Results showed that primitive-crucial-behavior identification and determining exploit primitives are accurate and effective by using our approach. In addition, DEPA is superior to the state-of-the-art tools in determining exploit primitives for the heap object internal overflowComment: 11 pages 9 figure