Swapnil Udar scite author profile

Swapnil Udar

4Publications

33Citation Statements Received

61Citation Statements Given

How they've been cited

How they cite others

Affiliations

Aalto University

Publications

Order By: Most citations

Pitfalls in Designing Zero-Effort Deauthentication: Opportunistic Human Observation Attacks

Huhta

Shrestha

Udar

et al. 2016

View full text Add to dashboard Cite

Deauthentication is an important component of any authentication system. The widespread use of computing devices in daily life has underscored the need for zero-effort deauthentication schemes. However, the quest for eliminating user effort may lead to hidden security flaws in the authentication schemes.As a case in point, we investigate a prominent zero-effort deauthentication scheme, called ZEBRA, which provides an interesting and a useful solution to a difficult problem as demonstrated in the original paper. We identify a subtle incorrect assumption in its adversary model that leads to a fundamental design flaw. We exploit this to break the scheme with a class of attacks that are much easier for a human to perform in a realistic adversary model, compared to the naïve attacks studied in the ZEBRA paper. For example, one of our main attacks, where the human attacker has to opportunistically mimic only the victim's keyboard typing activity at a nearby terminal, is significantly more successful compared to the naïve attack that requires mimicking keyboard and mouse activities as well as keyboardmouse movements. Further, by understanding the design flaws in ZEBRA as cases of tainted input, we show that we can draw on well-understood design principles to improve ZEBRA's security.

show abstract

Pitfalls in Designing Zero-Effort Deauthentication: Opportunistic Human Observation Attacks

Huhta

Shrestha

Udar

et al. 2015

Preprint

View full text Add to dashboard Cite

Extracting Building Footprints from Satellite Images using Convolutional Neural Networks

Chawda¹,

Aghav

Udar³

2018

View full text Add to dashboard Cite

SpotShare and nearbyPeople

Nagy

Bui

Udar

et al. 2015

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Swapnil Udar

Pitfalls in Designing Zero-Effort Deauthentication: Opportunistic Human Observation Attacks

Pitfalls in Designing Zero-Effort Deauthentication: Opportunistic Human Observation Attacks

Extracting Building Footprints from Satellite Images using Convolutional Neural Networks

SpotShare and nearbyPeople

Contact Info

Product

Resources

About