Knock, Knock. Who's There? On the Security of LG's Knock Codes
Authors:
Raina Samuel,
Philipp Markert,
Adam J. Aviv,
Iulian Neamtiu
Abstract:
Knock Codes are a knowledge-based unlock authentication scheme used on LG smartphones where a user enters a code by tapping or "knocking" a sequence on a 2x2 grid. While a lesser used authentication method, as compared to PINs or Android patterns, there is likely a large number of Knock Code users; we estimate, 700,000--2,500,000 in the US alone. In this paper, we studied Knock Codes security aski…
▽ More
Knock Codes are a knowledge-based unlock authentication scheme used on LG smartphones where a user enters a code by tapping or "knocking" a sequence on a 2x2 grid. While a lesser used authentication method, as compared to PINs or Android patterns, there is likely a large number of Knock Code users; we estimate, 700,000--2,500,000 in the US alone. In this paper, we studied Knock Codes security asking participants to select codes on mobile devices in three settings: a control treatment, a blocklist treatment, and a treatment with a larger, 2x3 grid. We find that Knock Codes are significantly weaker than other deployed authentication, e.g., PINs or Android patterns. In a simulated attacker setting, 2x3 grids offered no additional security, but blocklisting was more beneficial, making Knock Codes' security similar to Android patterns. Participants expressed positive perceptions of Knock Codes, but usability was challenged. SUS values were "marginal" or "ok" across treatments. Based on these findings, we recommend deploying blacklists for selecting a Knock Code because it improves security but has limited impact on usability perceptions.
△ Less
Submitted 26 June, 2020; v1 submitted 5 June, 2020;
originally announced June 2020.
Adapting Graph Application Performance via Alternate Data Structure Representation
Authors:
Amlan Kusum,
Iulian Neamtiu,
Rajiv Gupta
Abstract:
Graph processing is used extensively in areas from social networking mining to web indexing. We demonstrate that the performance and dependability of such applications critically hinges on the graph data structure used, because a fixed, compile-time choice of data structure can lead to poor performance or applications unable to complete. To address this problem, we introduce an approach that helps…
▽ More
Graph processing is used extensively in areas from social networking mining to web indexing. We demonstrate that the performance and dependability of such applications critically hinges on the graph data structure used, because a fixed, compile-time choice of data structure can lead to poor performance or applications unable to complete. To address this problem, we introduce an approach that helps programmers transform regular, off-the-shelf graph applications into adaptive, more dependable applications where adaptations are performed via runtime selection from alternate data structure representations. Using our approach, applications dynamically adapt to the input graph's characteristics and changes in available memory so they continue to run when faced with adverse conditions such as low memory. Experiments with graph algorithms on real-world (e.g., Wikipedia metadata, Gnutella topology) and synthetic graph datasets show that our adaptive applications run to completion with lower execution time and/or memory utilization in comparison to their non-adaptive versions.
△ Less
Submitted 28 December, 2014;
originally announced December 2014.