TY - GEN
T1 - Poster
T2 - 24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017
AU - Kim, Seungyeon
AU - Lee, Hoyeon
AU - Kwon, Taekyoung
PY - 2017/10/30
Y1 - 2017/10/30
N2 - Modern smartphones popularly adopt a small touch sensor for fingerprint identification of a user, but it captures only a partial limited portion of a fingerprint. Recently we have studied a gap between actual risk and user perception of latent fingerprints remaining on a smartphone, and developed a fake fingerprint a.ack that exploits the latent fingerprints as actual risk. We successfully reconstructed a fake fingerprint image in good quality for small touch sensors. In this paper, we subsequently conduct post hoc experimental studies on the facts that we have missed or have since learned. First of all, we examine that the presented a.ack is not conceptual but realistic. We employ the reconstructed image and make its fake fingerprint, using a conductive printing or a silicon-like glue, to pass directly the touch sensor of real smartphones. Our target smartphones are Samsung Galaxy S6, S7 and iPhone 5s, 6, 7. Indeed we have succeeded in passing Galaxy S6, S7, and now work on the remaining smartphones. We also conduct an experimental study for one of our mitigation methods to see how it can reduce actual risk. Finally, we perform a user survey study to understand user perception on the fake fingerprint a.acks and the mitigation methods.
AB - Modern smartphones popularly adopt a small touch sensor for fingerprint identification of a user, but it captures only a partial limited portion of a fingerprint. Recently we have studied a gap between actual risk and user perception of latent fingerprints remaining on a smartphone, and developed a fake fingerprint a.ack that exploits the latent fingerprints as actual risk. We successfully reconstructed a fake fingerprint image in good quality for small touch sensors. In this paper, we subsequently conduct post hoc experimental studies on the facts that we have missed or have since learned. First of all, we examine that the presented a.ack is not conceptual but realistic. We employ the reconstructed image and make its fake fingerprint, using a conductive printing or a silicon-like glue, to pass directly the touch sensor of real smartphones. Our target smartphones are Samsung Galaxy S6, S7 and iPhone 5s, 6, 7. Indeed we have succeeded in passing Galaxy S6, S7, and now work on the remaining smartphones. We also conduct an experimental study for one of our mitigation methods to see how it can reduce actual risk. Finally, we perform a user survey study to understand user perception on the fake fingerprint a.acks and the mitigation methods.
UR - http://www.scopus.com/inward/record.url?scp=85038914980&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85038914980&partnerID=8YFLogxK
U2 - 10.1145/3133956.3138832
DO - 10.1145/3133956.3138832
M3 - Conference contribution
AN - SCOPUS:85038914980
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 2515
EP - 2517
BT - CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
PB - Association for Computing Machinery
Y2 - 30 October 2017 through 3 November 2017
ER -