Optimizing Decision Tree Attack on CAS Scheme

PERKOVIC, T.; BUGARIC, M.; CAGALJ, M.

doi:10.4316/AECE.2016.02010

Advances in Electrical and Computer Engineering (May 2016)

Optimizing Decision Tree Attack on CAS Scheme

PERKOVIC, T.,
BUGARIC, M.,
CAGALJ, M.

Affiliations

PERKOVIC, T.
BUGARIC, M.
CAGALJ, M.

DOI: https://doi.org/10.4316/AECE.2016.02010
Journal volume & issue: Vol. 16, no. 2
pp. 69 – 74

Abstract

Read online

In this paper we show a successful side-channel timing attack on a well-known high-complexity cognitive authentication (CAS) scheme. We exploit the weakness of CAS scheme that comes from the asymmetry of the virtual interface and graphical layout which results in nonuniform human behavior during the login procedure, leading to detectable variations in user's response times. We optimized a well-known probabilistic decision tree attack on CAS scheme by introducing this timing information into the attack. We show that the developed classifier could be used to significantly reduce the number of login sessions required to break the CAS scheme.

Published in Advances in Electrical and Computer Engineering

ISSN: 1582-7445 (Print); 1844-7600 (Online)
Publisher: Stefan cel Mare University of Suceava
Country of publisher: Romania
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering: Electronics: Computer engineering. Computer hardware
Website: http://www.aece.ro

About the journal

Abstract

Keywords