Towards Baselines for Shoulder Surfing on Mobile Authentication

Given the nature of mobile devices and unlock procedures, unlock authentication is a prime target for credential leaking via shoulder surfing, a form of an observation attack. While the research community has investigated solutions to minimize or prevent the threat of shoulder surfing, our understanding of how the attack performs on current systems is less well studied. In this paper, we describe a large online experiment (n=1173) that works towards establishing a baseline of shoulder surfing vulnerability for current unlock authentication systems. Using controlled video recordings of a victim entering in a set of 4- and 6-length PINs and Android unlock patterns on different phones from different angles, we asked participants to act as attackers, trying to determine the authentication input based on the observation. We find that 6-digit PINs are the most elusive attacking surface where a single observation leads to just 10.8% successful attacks, improving to 26.5\% with multiple observations. As a comparison, 6-length Android patterns, with one observation, suffered 64.2% attack rate and 79.9% with multiple observations. Removing feedback lines for patterns improves security from 35.3\% and 52.1\% for single and multiple observations, respectively. This evidence, as well as other results related to hand position, phone size, and observation angle, suggests the best and worst case scenarios related to shoulder surfing vulnerability which can both help inform users to improve their security choices, as well as establish baselines for researchers.Comment: Will appear in Annual Computer Security Applications Conference (ACSAC

Comparison of Clinical Symptoms and Cardiac Lesions in Children with Typical and Atypical Kawasaki Disease

The present study was performed to evaluate the clinical symptoms and cardiovascular complications in patients with typical and atypical Kawasaki disease (KD). This retrospective study was conducted on the medical records of 176 patients with KD for three years. The study population was divided into two groups of typical and atypical based on the KD clinical criteria. The two groups were compared in terms of demographic data, clinical symptoms, cardiac lesions, and laboratory markers. Based on the diagnostic criteria, 105 (60%) and 71 (40%) patients were diagnosed with typical and atypical KD, respectively. The mean age of the typical patients (38.16 months) was higher than that of the atypical group (24.03 months) at the time of diagnosis (p < 0.05). The results revealed no significant difference between the two groups regarding the seasonal distribution of KD onset (p = 0.422). However, the most common season for the diagnosis of the disease was spring, followed by winter. There was no significant difference between the two groups in terms of fever duration (p = 0.39). Furthermore, vomiting was more common in the atypical patients than in the typical group (p = 0.017). In terms of the cardiac lesions, ectasia (p = 0.005) and lack of tapering of the distal coronary vessels (p = 0.015) were more frequently detected in the atypical group than in the typical group. Considering the laboratory findings, thrombocytosis (p = 0.010) and anemia (p = 0.048) were more common in the atypical group, compared to those in the typical group. On the other hand, the typical group had a higher serum alanine aminotransferase level (adjusted for age) (p = 0.012) and Hyponatremia (serum sodium concentration ≤130 mmol/L) (p = 0.034). Based on the findings of the current study, the fever duration from onset to diagnosis was slightly more in atypical KD patients than in the typical group, but not statistically significant, possibly due to more timely diagnosis of atypical KD. There was no difference in coronary aneurysm between the two groups at the time of diagnosis. The atypical group had a higher frequency of coronary ectasia and lack of tapering, indicating cardiac involvement. Consequently, these conditions should be given more attention in the atypical patients. Furthermore, the higher frequency of anemia and thrombocytosis in the atypical patients can be useful for diagnosis of this kind of KD

Asparagus Officinalis: An Herbal Candidate for an Intraoral Healing Mouthwash: In-vitro healing effects of Asparagus officinalis

Objectives Asparagus officinalis (A. officinalis) extract has several bioactive ingredients. This study assessed the healing effects of A. officinalis methanolic extract. Methods In this experimental study, after preparing the methanolic extract of A. officinalis with a concentration of 100 , its bioactive ingredients were determined using high-performance liquid chromatography (HPLC) and then its cytotoxicity was assessed using the methyl thiazolyl tetrazolium (MTT) assay. Five experimental groups with 25 samples were assessed as follows: (I)human gingival fibroblast(HGFs) cultured in high-glucose Dulbecco’s modified Eagle’s medium (DMEM), (II) same as group Ibut with 10 μg/mL methanolic extract of A. officinalis, (III) same as group Ibut with 25μg/mL methanolic extract of A. officinalis, (IV) same as group Ibut with 50 μg/mL methanolic extract of A. officinalis, and (V)same as group Ibut with 100μg/mL methanolic extract of A. officinalis. Cell motility in the control group and group Vwas examined quantitatively using the cell scratch assay at 24 h. We used one-way ANOVA and t-test to analyzethe cytotoxicity of A. officinalis extract and the motility of HGFs, respectively. Results The MTT assay showed no significant difference in cell viability among the experimental groups (P=0.07). A remarkable cellular wound closure equal to 60.85% was noted after 24 h. Conclusion The methanolic extract of A. officinalis with a concentration of 100 μg⁄mL showed significant healing effects on an experimental scratch setup of HGFs

Novel shoulder-surfing resistant haptic-based graphical password

Graphical password schemes are believed to be more secure and more resilient to dictionary attacks than textual passwords, but more vulnerable to shoulder surfing attacks. In this work, we design a new graphical password which is larger in the possible passwords’ space than in similar schemes and it is more resilient to shouldersurfing attacks. Personal entropies are integrated into the system in the user-aware behavior that reduces the False Acceptance and False Rejection Rates. The user-aware personal entropy we employ is the binary pressure when drawing a secret on the screen; unlike conventional authentication schemes that use personal entropies, the binary pressure in our scheme is varied arbitrarily by the users and is not intuitive. This method yields the authentication scheme that acquires all the advantages of graphical passwords and behavioral authentication schemes all together; our scheme is resilient to both dictionary attacks and shoulder surfing attacks. We also suggest the main criteria in which the graphical passwords should be evaluated, and we test our scheme within the given framework

The Value of Ultrasound in Diagnosing Vesicoureteral Reflux in Young Children with Urinary Tract Infection

"nUrinary tract infection is a common pediatric problem and vesicoureteral reflux is its most common complication. Detection of this reflux has classically been achieved by voiding cystouretrography (VCUG). Ultrasonography for evaluation of vesicoureteral reflux is shown to be feasible but is not widely accepted. Our aim was to assess the value of routine sonography in detecting vesicoureteral reflux is young children with urinary tract infection. This study was carried out in 105 patients suffering from urinary tract infection admitted to Shahid Sadughi Hospital in Yazd, Iran. These patients were evaluated by two methods (sonography and VCUG). Overall sensitivity and specificity value of sonography in suggesting vesicoureteral reflux were 63% and 95% respectively. The most accurate results were obtained with high grades reflux (75% and 955). The results reconfirmed that sonography is reliable in the exclusion or verification of high grade reflux and it has a low sensitivity in low grade vesicoureteral reflux