Abstract: With the proliferation of smartphone application services, the pattern lock remains widely used for authentication. Notably, the risks associated with password entry in public spaces have attracted significant attention from researchers. Various attacks have been explored to steal passwords, but each comes with limitations, such as requiring good lighting conditions, close proximity, pre-deployed devices, or system intrusion. To address these challenges, we propose an attack method called BEyes, which utilizes beamforming feedback information (BFI) to eavesdrop on pattern passwords drawn on smartphone screens. Since BFI is transmitted in clear text and describes the downlink channel state information (CSI), any Wi-Fi 5-enabled device can capture it out of the victim’s view, reducing the likelihood of the attack being detected. To avoid missing critical pattern drawing information, we propose a traffic generation mechanism based on traffic competition, which ensures stable BFI. To mitigate the effects of frequency-selective fading and noise, we apply subcarrier alignment and principal component analysis (PCA) to improve efficiency. Additionally, we introduce a motion-based joint inference model, enabling BEyes to generalize its inference from a few known pattern passwords to unknown ones. Extensive experiments demonstrate that BEyes achieves an accuracy of 89.2% in inferring a 3-line pattern password within the Top-10 attempts.
External IDs: dblp:conf/icdcs/ChenW0G025