{"id":"https://openalex.org/W3186249566","doi":"https://doi.org/10.1155/2021/6245306","title":"Security Analysis and Bypass User Authentication Bound to Device of Windows Hello in the Wild","display_name":"Security Analysis and Bypass User Authentication Bound to Device of Windows Hello in the Wild","publication_year":2021,"publication_date":"2021-07-23","ids":{"openalex":"https://openalex.org/W3186249566","doi":"https://doi.org/10.1155/2021/6245306","mag":"3186249566"},"language":"en","primary_location":{"id":"doi:10.1155/2021/6245306","is_oa":true,"landing_page_url":"https://doi.org/10.1155/2021/6245306","pdf_url":"https://downloads.hindawi.com/journals/scn/2021/6245306.pdf","source":{"id":"https://openalex.org/S120683614","display_name":"Security and Communication Networks","issn_l":"1939-0114","issn":["1939-0114","1939-0122"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319869","host_organization_name":"Hindawi Publishing Corporation","host_organization_lineage":["https://openalex.org/P4310319869"],"host_organization_lineage_names":["Hindawi Publishing Corporation"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Security and Communication Networks","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://downloads.hindawi.com/journals/scn/2021/6245306.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5073613314","display_name":"Ejin Kim","orcid":"https://orcid.org/0000-0001-5552-5718"},"institutions":[{"id":"https://openalex.org/I848706","display_name":"Sungkyunkwan University","ror":"https://ror.org/04q78tk20","country_code":"KR","type":"education","lineage":["https://openalex.org/I848706"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Ejin Kim","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Sungkyunkwan University, Suwon 16419, Republic of Korea"],"raw_orcid":"https://orcid.org/0000-0001-5552-5718","affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Sungkyunkwan University, Suwon 16419, Republic of Korea","institution_ids":["https://openalex.org/I848706"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5050697645","display_name":"Hyoung-Kee Choi","orcid":null},"institutions":[{"id":"https://openalex.org/I848706","display_name":"Sungkyunkwan University","ror":"https://ror.org/04q78tk20","country_code":"KR","type":"education","lineage":["https://openalex.org/I848706"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"Hyoung-Kee Choi","raw_affiliation_strings":["College of Software, Sungkyunkwan University, Suwon 16419, Republic of Korea"],"raw_orcid":"https://orcid.org/0000-0002-5342-5913","affiliations":[{"raw_affiliation_string":"College of Software, Sungkyunkwan University, Suwon 16419, Republic of Korea","institution_ids":["https://openalex.org/I848706"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5050697645"],"corresponding_institution_ids":["https://openalex.org/I848706"],"apc_list":{"value":2100,"currency":"USD","value_usd":2100},"apc_paid":{"value":2100,"currency":"USD","value_usd":2100},"fwci":0.8532,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.79268099,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":"2021","issue":null,"first_page":"1","last_page":"13"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9927999973297119,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8479984998703003},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6569729447364807},{"id":"https://openalex.org/keywords/login","display_name":"Login","score":0.603418231010437},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5874457955360413},{"id":"https://openalex.org/keywords/windows-vista","display_name":"Windows Vista","score":0.5101869106292725},{"id":"https://openalex.org/keywords/window","display_name":"Window (computing)","score":0.4861152172088623},{"id":"https://openalex.org/keywords/microsoft-windows","display_name":"Microsoft Windows","score":0.4655516743659973},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.35498666763305664},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.12155678868293762}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8479984998703003},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6569729447364807},{"id":"https://openalex.org/C113324615","wikidata":"https://www.wikidata.org/wiki/Q472302","display_name":"Login","level":2,"score":0.603418231010437},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5874457955360413},{"id":"https://openalex.org/C527868296","wikidata":"https://www.wikidata.org/wiki/Q11230","display_name":"Windows Vista","level":4,"score":0.5101869106292725},{"id":"https://openalex.org/C2778751112","wikidata":"https://www.wikidata.org/wiki/Q835016","display_name":"Window (computing)","level":2,"score":0.4861152172088623},{"id":"https://openalex.org/C508378895","wikidata":"https://www.wikidata.org/wiki/Q1406","display_name":"Microsoft Windows","level":3,"score":0.4655516743659973},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.35498666763305664},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.12155678868293762}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1155/2021/6245306","is_oa":true,"landing_page_url":"https://doi.org/10.1155/2021/6245306","pdf_url":"https://downloads.hindawi.com/journals/scn/2021/6245306.pdf","source":{"id":"https://openalex.org/S120683614","display_name":"Security and Communication Networks","issn_l":"1939-0114","issn":["1939-0114","1939-0122"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319869","host_organization_name":"Hindawi Publishing Corporation","host_organization_lineage":["https://openalex.org/P4310319869"],"host_organization_lineage_names":["Hindawi Publishing Corporation"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Security and Communication Networks","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:e8791cc6402d4b22a2c03b19834cf87a","is_oa":false,"landing_page_url":"https://doaj.org/article/e8791cc6402d4b22a2c03b19834cf87a","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Security and Communication Networks, Vol 2021 (2021)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1155/2021/6245306","is_oa":true,"landing_page_url":"https://doi.org/10.1155/2021/6245306","pdf_url":"https://downloads.hindawi.com/journals/scn/2021/6245306.pdf","source":{"id":"https://openalex.org/S120683614","display_name":"Security and Communication Networks","issn_l":"1939-0114","issn":["1939-0114","1939-0122"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319869","host_organization_name":"Hindawi Publishing Corporation","host_organization_lineage":["https://openalex.org/P4310319869"],"host_organization_lineage_names":["Hindawi Publishing Corporation"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Security and Communication Networks","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.7900000214576721,"id":"https://metadata.un.org/sdg/10","display_name":"Reduced inequalities"}],"awards":[{"id":"https://openalex.org/G1155356335","display_name":null,"funder_award_id":"2019-0-01343","funder_id":"https://openalex.org/F4320322030","funder_display_name":"Ministry of Science, ICT and Future Planning"},{"id":"https://openalex.org/G2325797177","display_name":null,"funder_award_id":"2019-0-01343","funder_id":"https://openalex.org/F4320335489","funder_display_name":"Institute for Information and Communications Technology Promotion"},{"id":"https://openalex.org/G263811790","display_name":null,"funder_award_id":"2019-0-01343","funder_id":"https://openalex.org/F4320328359","funder_display_name":"Ministry of Science and ICT, South Korea"}],"funders":[{"id":"https://openalex.org/F4320322030","display_name":"Ministry of Science, ICT and Future Planning","ror":"https://ror.org/032e49973"},{"id":"https://openalex.org/F4320328359","display_name":"Ministry of Science and ICT, South Korea","ror":"https://ror.org/01wpjm123"},{"id":"https://openalex.org/F4320335489","display_name":"Institute for Information and Communications Technology Promotion","ror":"https://ror.org/01g0hqq23"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3186249566.pdf","grobid_xml":"https://content.openalex.org/works/W3186249566.grobid-xml"},"referenced_works_count":20,"referenced_works":["https://openalex.org/W125723180","https://openalex.org/W1746848557","https://openalex.org/W2607361454","https://openalex.org/W2750910987","https://openalex.org/W2787947285","https://openalex.org/W2911311548","https://openalex.org/W2915893383","https://openalex.org/W2966043835","https://openalex.org/W2996744292","https://openalex.org/W3035054179","https://openalex.org/W3037285711","https://openalex.org/W3082594886","https://openalex.org/W3089732911","https://openalex.org/W3108965633","https://openalex.org/W3125712971","https://openalex.org/W3137615531","https://openalex.org/W4229779697","https://openalex.org/W4233928240","https://openalex.org/W4251849043","https://openalex.org/W4287950421"],"related_works":["https://openalex.org/W2462491885","https://openalex.org/W2495294848","https://openalex.org/W4256444941","https://openalex.org/W2339609355","https://openalex.org/W26165096","https://openalex.org/W2482084385","https://openalex.org/W2281065640","https://openalex.org/W2490113473","https://openalex.org/W2494279214","https://openalex.org/W232475811"],"abstract_inverted_index":{"Windows":[0,13,42,59,74,87],"Hello":[1,43,75],"is":[2,28,50,76],"a":[3,17,45,67,82,100,104],"Fast":[4],"IDentity":[5],"Online-":[6],"(FIDO-)":[7],"based":[8],"new":[9],"login":[10],"system":[11],"for":[12,30,73,133],"10,":[14],"which":[15],"provides":[16],"single":[18],"sign-on":[19],"(SSO)":[20],"service":[21],"to":[22,37,85,102,121,126],"diverse":[23],"online":[24,111],"applications.":[25],"Hardware":[26],"protection":[27,49],"essential":[29],"Window":[31],"Hello\u2019s":[32,60,88],"security.":[33,61,89],"This":[34],"paper":[35],"aims":[36],"examine":[38],"the":[39,54,70,91,115],"security":[40],"of":[41,58,117],"on":[44,66],"device":[46,101],"where":[47],"hardware":[48],"unavailable.":[51],"We":[52,80,113],"present":[53],"first":[55],"detailed":[56],"analysis":[57],"The":[62],"results":[63],"show":[64],"that,":[65],"hardware-unsupported":[68],"device,":[69],"authentication":[71,97],"data":[72,98],"not":[77],"properly":[78],"protected.":[79],"propose":[81],"migration":[83],"attack":[84,120],"compromise":[86],"In":[90],"proposed":[92],"attack,":[93],"an":[94,119],"attacker":[95],"extracts":[96],"from":[99],"impersonate":[103],"victim":[105],"in":[106],"his":[107],"or":[108],"her":[109],"Microsoft":[110],"account.":[112],"consider":[114],"possibility":[116],"such":[118],"be":[122],"serious":[123],"and":[124,129],"harmful":[125],"our":[127],"society":[128],"demand":[130],"immediate":[131],"attention":[132],"remediation.":[134]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}