Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Fingerprint Attack. Show all posts

Researchers Unveil Sound-Based Attack: Swipe Sounds Used to Recreate Fingerprints

 

A group of researchers from China and the US has introduced an intriguing new method for compromising biometric security systems. Their study, titled "PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Friction Sound," presents a novel side-channel attack aimed at the sophisticated Automatic Fingerprint Identification System (AFIS). 

This attack exploits the sound produced by a user's finger swiping across a touchscreen to extract fingerprint pattern details. Through testing, the researchers claim success rates of attacking "up to 27.9% of partial fingerprints and 9.3% of complete fingerprints within five attempts at the highest security FAR [False Acceptance Rate] setting of 0.01%." This research marks the first instance of utilizing swiping sounds to deduce fingerprint information.

Fingerprint biometric security measures are prevalent and widely trusted, with projections suggesting the fingerprint authentication market could reach nearly $100 billion by 2032. However, with growing awareness of potential fingerprint theft, individuals and organizations are becoming more cautious about exposing their fingerprints, even in photographs.

In the absence of direct access to fingerprints or detailed finger images, attackers have found a new avenue for obtaining fingerprint data to bolster dictionary attacks like MasterPrint and DeepMasterPrint. The PrintListener study reveals that "finger-swiping friction sounds can be captured by attackers online with a high possibility," using common communication apps such as Discord, Skype, WeChat, and FaceTime. By exploiting these sounds, the researchers developed PrintListener, a sophisticated attack method.

PrintListener overcomes significant challenges, including capturing faint friction sounds, separating fingerprint influences from other user characteristics, and advancing from primary to secondary fingerprint features. The researchers achieved this through the development of algorithms for sound localization, feature extraction, and statistical analysis.

Through extensive real-world experiments, PrintListener demonstrates remarkable success rates in compromising fingerprint security, surpassing unassisted dictionary attacks. This research underscores the importance of addressing emerging threats to biometric authentication systems and developing robust countermeasures to safeguard sensitive data.

This Brute-force Fingerprint Attack has the Potential to Compromise Your Android Phone

 

Based on a research paper from cybersecurity researchers at Tencent Labs and Zhejiang University, there is a means to "brute-force" fingerprints on Android smartphones, and with physical access to the smartphone and enough time, a hacker would be able to unlock the device. 

According to the report, two zero-day vulnerabilities known as Cancel-After-Match-Fail (CAMF) and Match-After-Lock (MAL) exist in Android devices (as well as those powered by Apple's iOS and Huawei's HarmonyOS). The researchers were able to accomplish two things by exploiting these flaws: make Android enable an infinite number of fingerprint scanning attempts; and leverage databases obtained in academic datasets, biometric data dumps, and other comparable sources.

The attackers needed a few things to pull off the attacks: physical access to an Android-powered smartphone, enough time, and $15 in hardware.

The attack was dubbed "BrutePrint" by the researchers, who claim that it would take between 2.9 and 13.9 hours to break into an endpoint with only one fingerprint set up. They claimed that devices with numerous fingerprint recordings are substantially easier to break into, with the average time for "brute printing" ranging from 0.66 hours to 2.78 hours.

The experiment was carried out on ten "popular smartphone models" as well as two iOS devices. It's currently unknown which models were affected, however, they claimed to have achieved infinite tries on Android and HarmonyOS devices. 

However, they only managed to gain an extra 10 attempts on iPhone SE and iPhone 7 models, which was insufficient to successfully carry out the attack. As a result, while iOS may be exposed to these weaknesses, the present approach of breaking into the device by brute force will not work. 

While this form of attack may not be appealing to the average hacker, the researchers believe it may be utilized by state-sponsored actors and law enforcement organizations.