On Purely Automated Attacks and Click-Based Graphical Passwords.

Page 1

On Purely Automated Attacks and Click-Based Graphical Passwords∗†
Amirali Salehi-Abari, Julie Thorpe, and P.C. van Oorschot
School of Computer Science, Carleton University, Canada
{asabari, jthorpe, paulv}@scs.carleton.ca
Abstract
We present and evaluate various methods for purely au-
tomated attacks against click-based graphical passwords.
Our purely automated methods combine click-order heuris-
tics with focus-of-attention scan-paths generated from a
computational model of visual attention. Our method re-
sults in a significantly better automated attack than pre-
vious work, guessing 8-15% of passwords for two repre-
sentative images using dictionaries of less than 224.6en-
tries, and about 16% of passwords on each of these im-
ages using dictionaries of less than 231.4entries (where the
full password space is 243). Relaxing our click-order pat-
tern substantially increased the efficacy of our attack al-
beit with larger dictionaries of 234.7entries, allowing at-
tacks that guessed 48-54% of passwords (compared to pre-
viousresults of 0.9%and9.1%onthe same two imageswith
235guesses). These latter automated attacks are indepen-
dent of focus-of-attention models, and are based on image-
independent guessing patterns. Our results show that au-
tomated attacks, which are easier to arrange than human-
seeded attacks and are more scalable to systems that use
multiple images, pose a significant threat.
1 Introduction
Graphical passwords are an alternative to traditional text
passwords, whereby a user must remember an image (or
parts of an image) in place of a word. They are moti-
vated in part by the well-known fact that people are bet-
ter at remembering images than words [19].
many different types of graphical passwords; among the
more popular approaches is click-based graphical pass-
words [31, 16, 2, 13, 6], which require users to click on
a sequence of points on one or more background images.
There are
∗This paper appears in the Proceedings of the 24th Annual Computer
Security Applications Conference (ACSAC), Anaheim, USA. December
8- 12, 2008. c ?IEEE.
†Version: Sept.15, 2008. The third author acknowledges NSERC fund-
ing under a Discovery Grant and as Canada Research Chair in Network
and Software Security.
The most effective attack strategy to date on these schemes
appears to be human-seeded attacks [27], although such at-
tacks are more difficult to arrange than attacks based on
purely automated means and do not scale well for systems
that use multiple images. In this paper, we pursue purely
automated approaches for guessing attacks.
We pursue heuristic-based strategies for purely auto-
mated dictionary generation (e.g., based on click-order pat-
terns), and strategies to prioritize these dictionaries using
image processing methods to identify points that users are
more likely to choose. We hypothesize that users will
choose click-points according to a click-order pattern, to
help remember the password as fewer “chunks” [8]. We
further examine use of the DIAG click-order pattern [27],
which captures arcs that are consistent in both horizontal
and vertical directions, and a subset of this pattern that we
call LINE that captures only horizontal and vertical lines.
We relax the rules on these definitions, showing that a
“lazy”approachtotheseclick-orderpatternsis substantially
more effective.
We further hypothesize that users will choose click-
points based on their preference for certain points in the
image,and thattheir preferenceforcertainpointswill bein-
fluenced by how much they are naturally attracted to those
points. Attention is the cognitive process of selectively fo-
cusingononeaspect ofthe environmentwhileignoringoth-
ers, a mechanism that helps us prioritize sensory informa-
tion. There are two different categories of visual attention
models: bottom-up and top-down. Bottom-up visual atten-
tion captures how attention is drawn to the parts of a scene
or image that are salient or conspicuous. It is what natu-
rally draws us to look at the unexpected or different parts
of a scene, prioritizingthem from the other consistent parts.
For example, if an image contains a large numberof objects
that are blue, and only one is yellow, human attention will
instinctively focus on the yellow object. Top-down visual
attention is task-dependent, based on cognitive, volitional
control. With a priori knowledge about what object(s) to
look for, our attention is brought to the parts of the scene
containing those object(s). For example, if a user decides
that people with dark hair are of interest for some reason,

Page 2

the user’s attention would shift between objects with fea-
tures that might indicate a dark-haired person.
Our contributions include the best purely automated at-
tacks to date against click-based graphical passwords, an
evaluation of how the model of Itti et al. [15] relates to
user-selected click-based graphical passwords, and a new
spatial clustering algorithm. Two different hypotheses were
tested regarding how users might choose their click-points
relative to Itti’s model. Our methods were tested using the
same field study database used by Thorpe et al. [27], allow-
ing us to compare performance. We found that a “lazy”
approach to click-order patterns produced a substantially
better automated attack than previous methods with com-
parable dictionary sizes and images [27, 10], guessing 48-
54% of passwords (compared to 0.9-9.1% previously) on
two different images used in a long-term field study with a
dictionary of about 235entries. Furthermore, we were able
tooptimizethisdictionaryusingItti’s model,producingdic-
tionaries whose efficacy is comparable to human-seededat-
tacks [27]: one dictionary of 230.3entries guessed 15.8% of
passwords on one image, and on a second image a dictio-
nary of 231.4entries guessed 16.5% of passwords.
The remainderof this paperproceedsas follows. Section
2 discusses backgroundand relatedwork, includingcompu-
tational models of visual attention. We describe our purely
automated attack generation methods in Section 3, results
in Section 4, future work in Section 5, and conclusions in
Section 6.
2Background and Related Work
We discuss computational models of visual attention in
Section 2.1, and terminologyin Section 2.2. Many different
types of graphical passwords have been proposed to date
(see surveys [26, 20]). Here we give a brief overview fo-
cused onclick-basedgraphicalpassword schemes and other
work on modeling user choice in graphical passwords.
Click-based graphical password schemes require a user
to click on a set of points on one or more presented back-
ground images. In Blonder’s proposal [2] users must click
on a set of predefined tap regions. In V-go, by PassLogix
[24], users must click on predefined objects in the picture
in a specific sequence. In the Jansen et al. [16] variation
for PDAs, users click an ordered sequence of visible grid
squares imposed on a background image; the squares are
intended to help the user repeat their click-points in subse-
quent logins.
PassPoints [32, 31, 30] allows users to click a sequence
offivepointsanywhereonanimagewhileallowingadegree
of error tolerance using robust discretization [1]. Various
studies have shown that PassPoints has acceptable usability
[30, 32, 31, 5]. visKey, a commercial system for the Pocket
PC, appears similar but allows the user to choose the num-
ber of click-points and set the error tolerance. In the Per-
suasive Cued Click-Points (PCCP) [4, 6] variation, a user
clicks on a single point on each of five images, guided par-
tially by a randomlyplaced viewport; each image displayed
(after the first) is dependent on the previous click-point.
Two previous studies have examined the security of
PassPoints-style graphical passwords. Dirik et al. [10] ex-
amine the efficacy of an automated tool for guessing Pass-
Points passwords. Their method, which does not draw on
a standard computational model of visual attention, uses
centroids of segments as guesses (but no corners). It was
tested against a database of single-session user choices for
two images. For the image with a reasonable level of detail,
their method guessed 8% of passwords with a dictionary of
232entries compared to full space of 240entries. As pre-
viously discussed, Thorpe et al. [27] examine both an auto-
mated method (based on stage 1 of Itti et al.’s [15] model
of visual attention; see Section 2.1), and a human-seeded
method (which uses click-point data from a set of users’
password choices).
User choice has been successfully modeled for other
graphical password schemes.
user choice forFaces and Story recognition-basedgraphical
passwords by training a dictionary using a large password
database. Van Oorschot et al. [28] model user choice in
“Draw-A-Secret” pure-recall graphical passwords [17] mo-
tivated by cognitive studies.
Davis et al. [9] modeled
2.1Models of Visual Attention
We conjecture that a significant percentage of users will
choose points that draw their attention as components of
their click-based passwords, and thus that computational
models of visual attention may help pick out more probable
click-points. Computational models of bottom-upvisual at-
tention are normally defined by features of a digital image,
such as intensity, color, and orientation [15, 14].
Computational models of top-down visual attention can
be defined by training [22]. The difficulty of these models
is that the top-down task must be pre-defined (e.g., find all
people in the image), and then a corpus of images that are
tagged with the areas containing the subject to find (e.g.,
people) must be used for training. Navalpakkam et al. [21]
discuss an alternate method to create a top-down model,
based on Guided Search [33], which weighs visual feature
maps according to the top-down task. For example, with
a task of locating a red object, a red-sensitive feature map
would gain more weight, giving it a higher value in the re-
sulting saliency map. In both cases, assumptions regarding
what sort of objects people are looking for are required to
create such a model.
In this work, we focus on bottom-upvisual attention, us-
ing Itti et al.’s [15] computational model of visual attention.

Page 3

We use this particular model as it is quite well-known, and
there is empirical evidence that it captures people’s bottom-
up visual attention [23]. The general idea behindthis model
is that areas of an image will be salient (or visually “stand
out”) when they differ from their surroundings.
We now explain Itti’s model in further detail. Given
an input image, it outputs a focus-of-attention scan-path to
model the locations and the order in which a human might
automatically and unconsciously attend them. It is com-
posed of two stages: (stage 1) construction of a saliency
map based on visual features, and (stage 2) the use of a
winner-take-all neural network with inhibition of return to
define a specific focus-of-attentionscan-path, whose goal is
to replicate the order in which a user would scan the im-
age. Thorpe et al. [27] developed an automated attack for
click-basedgraphicalpasswordsthatfocusedonlyona vari-
ation of stage 1, ordering an attack dictionary based on the
raw values of the resulting saliency map. The present paper
uses the entire model including stage 2.
In stage 1, the saliency map is created by decompos-
ing the original image into a set of 50 multi-level “feature
maps”, which extract spatial discontinuities based on color
opponency (either red-green or blue-yellow), intensity, or
orientation. Each level defines a different size of the center
and its surround, in order to account for conspicuous loca-
tions of various sizes. All feature maps are then combined
into a single saliency map.
In stage 2, a winner-take-all neural network detects the
point of highest salience (as indicated by the intensity value
of the saliency map), and draws the focus of attention to-
wards this location. Once an area has been attended to, in-
hibition of return will prevent an area from being the fo-
cus again for a period of time. Together, the winner-take-
all neural network with inhibition of return produces out-
put in the form of spatio-temporal attentional scan-paths,
which follow the order of decreasing saliency as defined by
stage 1. Two different normalizationtypes can be used with
the model: LocalMax and Iterative (cf. Figure 1). In Iter-
ative normalization, the neural network will find the next
most salient area that has not been inhibited. In LocalMax
normalization, the neural network will have a bias towards
those areas that are closer to the previously attended loca-
tion. Each normalization type produces a different scan-
path; we study and compare the results of each as relates to
our work.
2.2Terminology
We hypothesize that users are more likely to choose dis-
tinguishablepoints as click-points. We define a distinguish-
ablepointasapointonadigitalimagethatcanbeeasilydis-
tinguished and relocated by a user. General ways this could
be accomplished include: (1) by using referencable points
on the image (e.g., a corner), and (2) by using calculable
points that are based on other referencable parts of the im-
age (e.g., object centers). In related work, Thorpeet al. [27]
used corner detection to find referencable points, and Dirik
et al. [10] used centroids to find calculable points. Here, we
use both approaches to define a distinguishable points map
δ. We describe the details of each method below.
We use the following additional terminology. Suppose
that a user chooses a click-point c as part of her password.
The tolerable error or tolerance t is the error allowed (in
both vertical and horizontal directions) for a click-point en-
tered on a subsequent login to be accepted as c. This de-
fines a tolerance region (T-region) centered on c, which for
an implementation using t = 9 pixels, is a 19 × 19 pixel
square. A 19×19 T-region was used in the implementation
for collecting the database [27] used herein for evaluating
our results.
A window cluster is a square region of size n × n for
some positive integer n. A cluster is a set of one or more
points that lie within a window cluster. The center of a win-
dowclusteris representativeofall thepointswithinthewin-
dowcluster. Analphabetis aset ofdistinctwindowcenters.
Corner Detection. A corner can be defined as the inter-
section of two edges, where an edge is defined by the points
in a digital image where there are sharp changes in intensity
[11]. A corner can also be defined as a point in whose lo-
cal neighborhoodthere are two dominantand differentedge
directions [11].
We use the harris algorithm [12] as implemented by
Kovesi [18] for detecting corners. Harris corner detection
first identifies the edges and then those edges are blurred to
reduce the effect of any noise. Then an energy map is gen-
erated, based on the edges that contain local maxima and
minima. A local maximum indicates the presence of a cor-
ner. We run harris corner detection with the parameters:
σ = 1, θ = 1000 and r = 3, where σ is the standard devi-
ation of a smoothing Gaussian filter, θ is a threshold for the
maximum number of corners, and r is an inhibition radius,
measured in pixels around a detected corner.
Figure 2 shows the pool image where each detected cor-
ner is illustrated by a ‘+’. We also create a binary corners
map, which is a specialized type of binary map (i.e., a one-
to-one mapping from its pixels of value 0 or 1 to the pix-
els of the original image). In a binary corners map, when
a pixel is a corner in the original image, its corresponding
value is 1; otherwise it is 0.
Centroid Detection. To find the centers of objects, we
first partition the digital image into segments using image
segmentation,the goal of which is to change the representa-
tionofanimageintosomethingmoremeaningfulandeasier
to analyze [25]. We use the mean-shift segmentation algo-
rithm [7], which takes a feature (range) bandwidth, spatial
bandwidth, and a minimum region area (in pixels) as input.

Page 4

(a) LocalMax normalization(b) Iterative normalization
Figure 1. pool image with the first 7 items in the scan-path.
Figure 2. Corner detection (left) and center detection (right) output for pool.
We set these parameters to 7, 9, and 50 respectively, which
wefoundempiricallytoprovideanacceptablesegmentation
with the smallest resulting number of segments.
After segmentation, we calculate the center of each seg-
ment (centroid) by calculating the arithmetic mean of each
coordinate of the segment’s points. In other words, the
center (XS,YS) of segment S is calculated by XS =
1
n(S)n(S)
are pixel coordinates, and n(S) denotes the total number
of pixels in segment S. The x coordinates of all points in
S are involved in calculating XS, not only those along the
maximum width.
Figure 2(b) illustrates the resulting segments of the pool
image with different shading. The center of each segment
is denoted by a ‘+’. We also create a centers map, which is
a binary map of the same size of the corresponding image
where each pixel has the value 0 or 1. If a pixel is a center
of a segment in the correspondingimage, its value is 1; oth-
?
i∈Sxi and YS =
1
?
i∈Syi, where xi and yi
erwise its value is 0. The distinguishable points map δ is a
binary map that is the logical (inclusive) “or” of the binary
centers map and binary corners map.
3Experimental Methodology
We pursue attacks that use click-order patterns and im-
age processing methods for creating more efficient, ordered
attack sub-dictionaries. We describethe specific click-order
patterns we examine and their specification in Section 3.2.
The image processing methods which we used for further
optimization are described in Section 3.1, along with the
window clustering algorithm we use to optimize the dictio-
nary.

Page 5

3.1Image Processing Method
We used the Saliency Toolbox[29] implemented in Mat-
lab. The weights of all feature maps used by the toolbox
are set to one, to indicate that orientation, intensity and
colors have the same level of importance. All the other
settings of this toolbox are set to default except normal-
ization type, which can be either Iterative or LocalMax.
Since each of these two normalization types cause differ-
ent spatio-temporal attentional scan-paths, we tested both
in our experiments. For each, we examine two different
styles of generatinga dictionaryfor use in a guessing attack
described below.
For each dictionary guessing style, we generate a map of
candidate click-points using our distinguishable points map
δ as a bitmask to the resulting attracted regionsof the image
(i.e., using a logical “and”). We then refine this binary map
of candidate points as follows.
Window Clustering Algorithm. We assume that an at-
tacker’s goal is to guess the largest number of passwords
with the fewest guesses. After creating a set of points for a
guessing dictionary (which might be used in passwords in
anyorderingoffiveclicks), manyofthemmaybewithinthe
same tolerance region, and thus could be redundant (effec-
tively guessing the same point). We devised a “clustering”
method to normalize a set of points to a single value. The
intuition is that given the system error tolerance, one point
would be accepted as a correct entry for all others within
its tolerance region. A previous clustering algorithm [27]
centers each cluster on one of the original input points.
We introduce an alternative, Window Clustering, based
on setting a window of fixed size (not necessarily the same
size as the tolerance region) over the largest number of
points it can cover. We then replace those candidate points
inside the window with the geometric center of the win-
dow. Thus, the center of the cluster is not necessarily one of
the original input points. Figure 3 shows an example set of
Figure 3. Window Clustering
candidatepoints with blacksquares, where each square rep-
resents a pixel. These 7 candidate points are covered with
two 3 × 3 windows and will be represented by the centers
of the two windows illustrated with grey squares.
Window Clustering is a greedy algorithm with a fixed
window size. Starting with all candidate points, it finds the
nextpositionforthewindowthatcoversthemaximumnum-
ber of remaining points (ties are broken arbitrarily). It then
stores the center of the window to represent the points in
the window, and erases the corresponding points. It con-
tinues this process until no candidate points remain. In our
experiments,the candidatepoints we use are the points with
value 1 in Sbof Section 3.1.1 and Biof Section 3.1.2. The
window size is set to 19 × 19 in our experiments.
3.1.1Guessing Style: Ordered by Scan-Path
Thehypothesishereis that usersmaychoosetheirpassword
points from separate attracted regions, following the order
of the focus-of-attention scan-path. The ordered dictionary
described in this subsection is designed to test this hypoth-
esis.
Using the visual attention tool, we generate S, a set of
binary maps, where each binary map is generated in a sin-
gle step of the scan-path. S = {A1,A2,...,An} where Ai
denotes the generated binary map in step i and n is the to-
tal number of steps. Pixels of a binary map Aihave value
1 if they belong to the attracted region of step i, otherwise
0. Sb = {A1∧ δ,A2∧ δ,...,An∧ δ}, and then the win-
dow clustering algorithm is run separately on each element
in Sbto create Sc. Sccontains n sets of candidate points,
each set containing the cluster centers produced from run-
ning the clustering algorithm on the corresponding element
of Sb. To create each entry of the dictionary, we choose all
sets of five elements of Scand then order these elements by
increasing index. Finally, we choose one point from each
of these five elements, while retaining the element order-
ing, to put in the dictionary. Thus each dictionary entry is a
five-point graphical password, where each point belongs to
an element of Sc, and the five points (each belonging to a
distinct scan-path element) are orderedby the order of the 5
elements in the scan-path.
3.1.2Guessing Style: Unordered Incremental
Here the hypothesis is that users may choose their click-
points based on points that fall along the focus-of-attention
scan-path, but not necessarily in the order of the scan-path.
The unordered incremental (UI) dictionary is designed to
test this hypothesis. We call the UI dictionary with Local-
Max normalization V A1, and with Iterative normalization
V A2.
Using the visual attention tool, we generate a set of
binary maps S?, where the ithbinary map is generated
from all of the steps until step i in a scan-path: S?=
{B1,B2,...,Bn} where Bi = A1∨ A2∨ ... ∨ Ai. In
other words, Bi = Bi−1∨ Aiand B1 = A1. Next, we
calculate {C1,C2,...,Cn} where Ci = Bi∧ δ, the in-
tersection (logical “and”) of each element Biwith δ, and