A smudge attack is an information extraction attack that discerns the password input of a touchscreen device such as a cell phone or tablet computer from fingerprint smudges. A team of researchers at the University of Pennsylvania were the first to investigate this type of attack in 2010.[1][2] An attack occurs when an unauthorized user is in possession or is nearby the device of interest. The attacker relies on detecting the oily smudges produced and left behind by the user's fingers to find the pattern or code needed to access the device and its contents.[2] Simple cameras, lights, fingerprint powder, and image processing software can be used to capture the fingerprint deposits created when the user unlocks their device. Under proper lighting and camera settings, the finger smudges can be easily detected, and the heaviest smudges can be used to infer the most frequent input swipes or taps from the user.[1]
Smudge attacks are particularly successful when performed on devices that offer personal identification numbers (PINs), text-based passwords, and pattern-based passwords as locking options.[3] There are various proposed countermeasures to mitigate attacks, such as biometrics, TinyLock, and SmudgeSafe, all which are different authentication schemes.[4][5][6] Many of these methods provide ways to either cover up the smudges using a stroking method or implement randomized changes so previous logins are different from the current input.
^ abCite error: The named reference :1 was invoked but never defined (see the help page).
^ abSpreitzer, Raphael; Moonsamy, Veelasha; Korak, Thomas; Mangard, Stefan (2018). "Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices". IEEE Communications Surveys & Tutorials. 20 (1): 465–488. doi:10.1109/comst.2017.2779824. hdl:2066/187230. ISSN 1553-877X. S2CID 206578562.
^von Zezschwitz, Emanuel; Koslow, Anton; De Luca, Alexander; Hussmann, Heinrich (2013). "Making graphic-based authentication secure against smudge attacks". Proceedings of the 2013 international conference on Intelligent user interfaces. New York, New York, USA: ACM Press. p. 277. doi:10.1145/2449396.2449432. ISBN 978-1-4503-1965-2. S2CID 13389690.
^Meng, Weizhi; Wong, Duncan S.; Furnell, Steven; Zhou, Jianying (2015). "Surveying the Development of Biometric User Authentication on Mobile Phones". IEEE Communications Surveys & Tutorials. 17 (3): 1268–1293. doi:10.1109/comst.2014.2386915. ISSN 1553-877X. S2CID 8918672.
^Schneegass, Stefan; Steimle, Frank; Bulling, Andreas; Alt, Florian; Schmidt, Albrecht (2014-09-13). "SmudgeSafe". Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing. UbiComp '14. Seattle, Washington: Association for Computing Machinery. pp. 775–786. doi:10.1145/2632048.2636090. ISBN 978-1-4503-2968-2. S2CID 15505553.
A smudgeattack is an information extraction attack that discerns the password input of a touchscreen device such as a cell phone or tablet computer from...
Look up smudge in Wiktionary, the free dictionary. Smudge may refer to: Smudge (Blue Peter cat), one of the Blue Peter pets Smudge (meme cat), from the...
it easy to clean without smearing and smudging. This helps decrease the feasibility of a successful smudgeattack. In addition to being lipophobic or oleophobic...
possibility of cracking a device's password through a smudgeattack (literally imaging the finger smudges on the screen to discern the user's password). The...
residents of Pure Island can be disappointed. However, the villain, captain Smudge, attack by aiming at the treasure Tear of the mermaid on the island. Kona, Serendipity...
for in-situ observation attacks (e.g., shoulder surfing attacks) that can be affected by hand occlusions. While smudgeattacks can reveal the order of...
features a 5.5-inch display. The display has oleophobic coating to prevent smudgeattacks. The device includes 16 GB of internal storage, expandable via microSD...
typically based on blood tests finding high numbers of mature lymphocytes and smudge cells. Early-stage CLL in asymptomatic cases responds better to careful...
air. It also had smudge pots placed at strategic locations and remotely controlled to simulate stack smoke and damage from attacks. From the air it looked...
top of the girls' bodies; a smudged fingerprint was found on the lens, but it has never been identified as it was too smudged for a positive identification...
made a propeller wash. In 45 minutes the Dutch coast appeared as a thin smudge upon the horizon. There were no large features to guide their approach....
Wind" November 16, 2020 (2020-11-16) Items appraised include an antique smudge pot fire starter; a customized Ludwig drum set that was originally made...
S2CID 45347124. Milius, S. (August 1, 1998). Glow-in-the-dark shark has killer smudge. Science News. Retrieved on December 15, 2014. Martin, R.A. Deep Sea: Cookiecutter...
creature attacked by the population. "Smudge in the Tap Country" shows the character in a place full of water - an element of which Smudge is afraid...
her length Maru (Japan), internet celebrity famous for his love of boxes. Smudge (Canada), also known as "Table Cat", who became part of the woman yelling...
modern Greek word mountzoura (μουντζούρα) or moutzoura (μουτζούρα) for a smudge, scribble or dark stain has the same origin. The gesture of mountza does...
when used in pregnancy. Mugwort amongst other herbs was often bound into smudge sticks. The Chumash people from southern California have a similar ritual...
noticed that on the underside of the box's inner tray, there was a greasy smudge which appeared to be a fingerprint. As a member of the Belper Committee...
attack. Immigrants being processed at Ellis Island had to be evacuated to Lower Manhattan. Soon after the explosion, two watchmen who had lit smudge pots...