smudge attack

Hello, you have come here looking for the meaning of the word smudge attack. In DICTIOUS you will not only get to know all the dictionary meanings for the word smudge attack, but we will also tell you about its etymology, its characteristics and you will know how to say smudge attack in singular and plural. Everything you need to know about the word smudge attack you have here. The definition of the word smudge attack will help you to be more precise and correct when speaking or writing your texts. Knowing the definition ofsmudge attack, as well as those of other words, enriches your vocabulary and provides you with more and better linguistic resources.

English

WOTD – 21 May 2017

Etymology

An iPad used by children with its touchscreen covered with fingerprint smudges

smudge + attack; coined in 2010 by researchers from the University of Pennsylvania’s Department of Computer and Information Science in Philadelphia, Pennsylvania, USA: see the quotation.

Pronunciation

Noun

smudge attack (plural smudge attacks)

  1. (computer security) A method used to crack the password of a touchscreen device by analysing the oily smears left on the device's screen by the user's fingers.
    • 2010 August 9, Adam J. Aviv, Katherine Gibson, Evan Mossop, Matt Blaze, Jonathan M. Smith, “Smudge Attacks on Smartphone Touch Screens”, in WOOT '10: 4th USENIX Workshop on Offensive Technologies, August 9, 2010, Washington, D.C.; USENIX, archived from the original on 21 July 2016:
      Touch screens are touched, so oily residues, or smudges, remain on the screen as a side effect. Latent smudges may be usable to infer recently and frequently touched areas of the screen – a form of information leakage. This paper explores the feasibility of smudge attacks, where an attacker, by inspection of smudges, attempts to extract sensitive information about recent user input.
    • 2012, Yunlim Ku with Okkyung Choi, Kangseok Kim, Taeshik Shon, Manpyo Hong, Hongjin Yeh, and Jai-Hoon Kim, “Extended OTP Mechanism Based on Graphical Password Method”, in James J Park, Victor C. M. Leung, Cho-Li Wang, Taeshik Shon, editors, Future Information Technology, Application, and Service: FutureTech 2012 Volume 1, Dordrecht: Springer, →DOI, →ISBN, →ISSN, page 204:
      The OTP [one-time password] mechanism that financial institutions adopted utilizes a one-time password displayed on OTP device, so it is vulnerable to shoulder surfing attacks (SSA) and smudge attacks.
    • 2013, “Information Security”, in Q. Ashton Acton, editor, Issues in Information Science—Information Technology, Systems, and Security, Atlanta, Ga.: ScholarlyEditions, published 2013, →ISBN, page 200:
      However, the fixed keypad lock can be easily unlocked by brute force attacks and the pattern lock is vulnerable to smudge attacks.
    • 2013 February 22, Alex Wawro, Marco Chiappetta, “Windows 8 picture passwords: Their great untapped potential”, in PC World, San Francisco, Calif.: PCW Communications, →OCLC, archived from the original on 9 August 2016:
      [A]rguably, picture passwords are a little more secure on desktops than on touchscreen devices, because you don't have to worry about anyone guessing your gesture password by examining your monitor for greasy fingerprints. That last scenario may sound like something out of a trashy espionage thriller, but the threat of a "smudge attack" is real enough to warrant serious study. Researchers at the University of Pennsylvania coined the term in 2010 when they were able to successfully deduce gesture passwords used to unlock Android phones from smudge marks left on the screen.

Further reading

Wikious
Boobota
Sagapedia