Optimizing Decision Tree Attack on CAS Scheme

In this paper we show a successful side-channel timing attack on a well-known high-complexity cognitive authentication (CAS) scheme. We exploit the weakness of CAS scheme that comes from the asymmetry of the virtual interface and graphical layout which results in nonuniform human behavior during the...

Full description

Saved in:
Bibliographic Details
Published in:Advances in electrical and computer engineering 2016-05, Vol.16 (2), p.69-74
Main Authors: PERKOVIC, T., BUGARIC, M., CAGALJ, M.
Format: Article
Language:English
Subjects:
ac voltage regulator
Access control to computer data
Asymmetry
Authentication
buck-boost converter
Computer information security
Decision trees
Human behavior
Optimization
pwm
thd
Time measurements
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In this paper we show a successful side-channel timing attack on a well-known high-complexity cognitive authentication (CAS) scheme. We exploit the weakness of CAS scheme that comes from the asymmetry of the virtual interface and graphical layout which results in nonuniform human behavior during the login procedure, leading to detectable variations in user's response times. We optimized a well-known probabilistic decision tree attack on CAS scheme by introducing this timing information into the attack. We show that the developed classifier could be used to significantly reduce the number of login sessions required to break the CAS scheme.
ISSN:1582-7445
1844-7600
DOI:10.4316/AECE.2016.02010