TY - JOUR
T1 - WiPOS
T2 - A POS Terminal Password Inference System Based on Wireless Signals
AU - Zhang, Zijian
AU - Avazov, Nurilla
AU - Liu, Jiamou
AU - Khoussainov, Bakh
AU - Li, Xin
AU - Gai, Keke
AU - Zhu, Liehuang
N1 - Publisher Copyright:
© 2014 IEEE.
PY - 2020/8
Y1 - 2020/8
N2 - WiFi access points are sources of considerable security risks as the wireless signals have the potential to leak important private information such as passwords. This article examines the security issues posed by point-of-sale (POS) terminals which are widely used in WiFi-covered environments, such as restaurants, banks, and libraries. In particular, we envisage an attack model on passwords entered on POS terminals. We put forward the WiPOS, a password inference system based on wireless signals. Specifically, the WiPOS is a device-free system that uses two commercial off-the-shelf (COTS) devices to collect WiFi signals. Implementing a new keystroke segmentation algorithm and adopting support vector machine (SVM) classifiers with global alignment kernel (GAK), the WiPOS achieves improvement on both keystroke recognition and password prediction. The experimental results show that the WiPOS can achieve more than 73% accuracy for 6-digit password with the top 100 candidates. This article calls the community to take a closer look at the risks posed by the current ubiquitous WiFi devices.
AB - WiFi access points are sources of considerable security risks as the wireless signals have the potential to leak important private information such as passwords. This article examines the security issues posed by point-of-sale (POS) terminals which are widely used in WiFi-covered environments, such as restaurants, banks, and libraries. In particular, we envisage an attack model on passwords entered on POS terminals. We put forward the WiPOS, a password inference system based on wireless signals. Specifically, the WiPOS is a device-free system that uses two commercial off-the-shelf (COTS) devices to collect WiFi signals. Implementing a new keystroke segmentation algorithm and adopting support vector machine (SVM) classifiers with global alignment kernel (GAK), the WiPOS achieves improvement on both keystroke recognition and password prediction. The experimental results show that the WiPOS can achieve more than 73% accuracy for 6-digit password with the top 100 candidates. This article calls the community to take a closer look at the risks posed by the current ubiquitous WiFi devices.
KW - Channel state information
KW - password
KW - point of sale
KW - support vector machine
UR - http://www.scopus.com/inward/record.url?scp=85089947708&partnerID=8YFLogxK
U2 - 10.1109/JIOT.2020.2986700
DO - 10.1109/JIOT.2020.2986700
M3 - Article
AN - SCOPUS:85089947708
SN - 2327-4662
VL - 7
SP - 7506
EP - 7516
JO - IEEE Internet of Things Journal
JF - IEEE Internet of Things Journal
IS - 8
M1 - 9060824
ER -