Home > Research > Datasets > Pattern Lock Data Set for NDSS'17 paper entitle...

Electronic data

  • NDSS17.zip

    164 KB, multipart/x-zip


    Available under license: CC BY

View graph of relations

Pattern Lock Data Set for NDSS'17 paper entitled "Cracking Android Pattern Lock in Five Attempts" Version 2



# Data Source

The 215 patterns (120 unique) were collected by Guixin Ye, Zhanyong Tang, Dingyi Fang, Xiaojiang Chen, Kwang In Kim, Ben Taylor, and Zheng Wang around 2016/2017 in the context of the following publications:

## Cracking Android Pattern Lock in Five Attempt
% https://www.ndss-symposium.org/ndss2017/ndss-2017-programme/cracking-android-pattern-lock-five-attempts/
author = {Ye, Guixin and Tang, Zhanyong and Fang, Dingyi and Chen, Xiaojiang and Kim, Kwang In and Taylor, Ben and Wang, Zheng},
title = {{Cracking Android Pattern Lock in Five Attempts}},
booktitle = {Symposium on Network and Distributed System Security},
year = {2017},
series = {NDSS~'17},
pages = {},
address = {San Diego, California, USA},
month = feb,
publisher = {ISOC}
} % NDSS does not have page numbers

## A Video-based Attack for Android Pattern Lock
% http://www.lancaster.ac.uk/staff/wangz3/publication/tops18/
author = {Ye, Guixin and Tang, Zhanyong and Fang, Dingyi and Chen, Xiaojiang and Wolff, Willy and Aviv, Adam J. and Wang, Zheng},
title = {{A Video-based Attack for Android Pattern Lock}},
journal = {ACM Transactions on Privacy and Security},
year = {2018},
volume = {21},
number = {4},
pages = {19:1--19:31},
month = jul,
publisher = {ACM}

# Notes
- This version updates the original dataset post at: DOI: 10.17635/lancaster/researchdata/113.
- It provides the multiplicities statistics collected through out user study.

# Data Collection
The patterns used in our evaluation were collected from users who use at least one Android device (a smartphone or a tablet) on a daily basis.
To collect the patterns, we have distributed over 1,000 survey forms and collected back 215 valid forms, resulting in 120 unique patterns.
Our participants include 95 females and 120 males who were undergraduate or postgraduate students at the host university.
The majority of our participants are in an age group of under 30.

To collect the patterns, we have conducted a "pen-and-paper" survey by asking participants to fill in an anonymized questionnaire.
The questionnaire and survey were approved by the research ethics board (REB) of the host institution.
Our participants were well informed on the purpose of the study and how the data will be managed and used.
The survey forms were distributed as voluntary homework so that the participants can take the survey form away to fill in.
Users were invited to return the survey form anonymously within three weeks to a dedicated, locked mailbox, if they wish to participate in the study.
To avoid a user submits multiple copies of the same form, each survey form is given a unique, randomly generated 32-digital number.

- **(Case 0: "Used")**:
Overall, 37.6% of our participants confirmed that they use pattern lock as the screen lock to protect their Android devices on a daily basis; and 33% of those who do not use a pattern as their screen lock said that they are often required to use a pattern for authentication by an application like Alipay.
- **(Case 1: "Currently being used")**:
Furthermore, 60% of our participants also indicated that the pattern they provided is currently being used or have been in the past by themselves.
- **(Case 2: "Will be used")**:
Other participants (often those did not use a locking pattern on a daily basis) indicated that they have provided a pattern which they would like to use if
a locking pattern is required.

Based on this information, we are confident that the patterns we collected represent some of the real world patterns.
Finally, all participants believe that a complex pattern provides stronger protection than a simple counterpart.

# Parsing and Transcription
Data was carefully transcribed into a textual representation following a four-eyes principle by [Maximilian Golla](maximilian.golla@rub.de) and [Daniel V. Bailey](danbailey@sth.rub.de) on Fri, 30 Nov 2018.
After transcribing the data once, "reading out loud and writing down"-rolls were switched, and the data was transcribed a second time to detect and avoid any human errors.
During this process two invalid patterns have been found and could be fixed due to the continuous support by [Guixin Ye](gxye@stumail.nwu.edu.cn).

While there exist some minor vendor specific variations, the patterns are typically "drawn" using 9 nodes arranged in a 3x3 grid.
A valid pattern consists of 4 to 9 nodes, only straight lines are allowed, no node can be selected more than once, and all nodes along a path are connected (unless a node was selected before).
A pattern P is defined as a sequence of nodes, e.g., for the Z-shaped pattern.
When referring to specific nodes in the grid, we use the numeric labeling, starting with 0 in the upper left and ending with 8 in the lower right, as depicted below:
0 1 2
3 4 5
6 7 8

# Versioning and Change Log
## [1.0.0] - 2018-11-30
### Added
- Initial release
Date made available3/12/2018
PublisherLancaster University

Contact person