智能化的安卓手势密码取证关键技术

doi:10.11959/j.issn.2096-109x.2022005

网络与信息安全学报 ›› 2022, Vol. 8 ›› Issue (1): 118-127.doi: 10.11959/j.issn.2096-109x.2022005

智能化的安卓手势密码取证关键技术

裘佳浩¹, 邱卫东¹, 王杨德¹, 查言¹, 谢宇明¹, 李岩²

¹ 上海交通大学网络空间安全学院，上海200240
² 司法鉴定科学研究院上海市司法鉴定专业技术服务平台司法部司法鉴定重点实验室，上海 200063

修回日期:2021-10-29 出版日期:2022-02-15 发布日期:2022-02-01
作者简介:裘佳浩（1999− ），男，浙江杭州人，上海交通大学硕士生，主要研究方向为计算机取证、密码安全
邱卫东（1973− ），男，江西修水人，上海交通大学教授、博士生导师，主要研究方向为计算机取证、密码分析、人工智能安全、大数据隐私保护
王杨德（1987− ），男，辽宁沈阳人，上海交通大学博士生，主要研究方向为计算机取证、密码分析
查言（2000− ），男，安徽安庆人，上海交通大学硕士生，主要研究方向为人工智能、密码安全
谢宇明（1996− ），男，湖北武汉人，上海交通大学硕士生，主要研究方向为人工智能、密码安全
李岩（1985− ），男，湖北老河口人，硕士，司法鉴定科学研究院高级工程师，主要研究方向为电子数据、声像资料鉴定技术及标准化
基金资助:
科研院所公益研究专项(GY2019G-2);科研院所公益研究专项(GY2020G-6)

Intellectualized forensic technique for Android pattern locks

Jiahao QIU¹, Weidong QIU¹, Yangde WANG¹, Yan ZHA¹, Yuming XIE¹, Yan LI²

¹ School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240, China
² Key Laboratory of Forensic Science, Shanghai Forensic Service Platform, Ministry of Justice, Academy of Forensic Science, Shanghai 200063, China

Revised:2021-10-29 Online:2022-02-15 Published:2022-02-01
Supported by:
Fundamental Research Funds for the Central Scientific Research Institutions(GY2019G-2);Fundamental Research Funds for the Central Scientific Research Institutions(GY2020G-6)

摘要/Abstract

摘要：

在电子数据取证中，如何对手机等移动设备进行屏幕解锁一直是亟待攻克的难题。将手势图形密码这种广泛应用于手机屏幕解锁以及软件访问授权的密码防护机制作为研究对象，针对已有的手势图形密码还原技术存在的隐蔽性差、实用性低、非智能化、场景单一等弊端，从肩膀冲浪、监控摄像、现场取证等场景中抽象出两个基本的威胁模型，提出一种多场景下的手势图形密码侧信道攻击技术方法。该方法以监控摄像头或人工拍摄视频数据为基础，采用智能视觉识别技术，实时而动态地对视频中目标设备和解锁生物关键点进行识别、选择与跟踪；随后采用空间映射和剪枝算法，将离散的跟踪轨迹进行整合，使用降噪算法对跟踪轨迹进行去冗余和优化，定位出视频中绘制手势图形密码的关键转折点；最后将精简的轨迹与手势图形密码的规则进行比对和匹配，根据置信度对实际绘制的手势图形密码进行猜测和还原。实验结果表明，在监控摄像场景中，即设备屏幕可见场景下，所提技术对手势图形密码的 10 次尝试成功率为89%，20次尝试成功率为99.3%；在面对面拍摄场景中，即屏幕和手部关键点被遮挡情况下，10次尝试成功率为82%，20次尝试成功率为89.3%；拍摄水平距离的增加在监控摄像场景下对成功率的影响较明显，但随着尝试次数的增加影响逐渐降低；复杂密码在所提技术中无法起到更好的保护作用，在 20 次尝试内，复杂密码的破解成功率始终高于简单密码；拍摄角度偏转在5°以内对破解成功率几乎没有影响。

关键词: 手势图形密码, 智能视觉识别, 电子数据取证, 侧信道攻击

Abstract:

In the field of digital forensics, how to unlock mobile devices such as phones has always been an urgent problem to overcome.As a special kind of password, pattern lock is widely used in mobile phone screen unlock and software access authorization.Existing pattern lock cracking techniques have several non-negligible disadvantages, such as poor concealment, low practicability, non-intelligence and single application scenario.Two basic threat models were abstracted from shoulder surfing, surveillance camera, and real-time forensics, and a multi-scenario side channel attack on pattern locks was proposed.Based on the data of surveillance camera or manual video, intelligent vision recognition algorithms were adopted to identify, select and track the target device and biological key points in the video dynamically.Then, discrete tracking points were integrated by spatial mapping and pruning algorithm.The denoising algorithm was used to eliminate redundancy and optimize the trajectory.Through procedures above, the original trajectory was simplified into regular polylines defined by several key turning points.Finally, the simplified pattern was compared and matched with the rules of legal pattern locks to inference and retort its actual pattern.Possible candidates will be sorted in the output according to their confidences.Results show that in the surveillance camera scenario, where the device screen is always visible, the cracking success rate of our technique is 89% for 10 attempts and 99.3% for 20 attempts.In the face-to-face scenario, where the subject consciously blocks the screen and his drawing finger, the success rate was 82% after 10 attempts and 89.3% after 20 attempts.In the surveillance camera scenario, the increase of shooting horizontal distance can significantly decrease the cracking success rate.But this effect diminishes with the increase of the number of attempts.Results show that the cracking success rate of the complex password is always higher than that of the simple password during 20 attempts, which means a complex pattern lock cannot play a better protection role if the proposed technique is applied.Shooting angle deflection within 5° has little effect on the success rate of cracking.

Key words: pattern lock, intelligent vision recognition, digital forensics, side channel attack

中图分类号:

TP309

裘佳浩, 邱卫东, 王杨德, 查言, 谢宇明, 李岩. 智能化的安卓手势密码取证关键技术[J]. 网络与信息安全学报, 2022, 8(1): 118-127.

Jiahao QIU, Weidong QIU, Yangde WANG, Yan ZHA, Yuming XIE, Yan LI. Intellectualized forensic technique for Android pattern locks[J]. Chinese Journal of Network and Information Security, 2022, 8(1): 118-127.

图/表 11

表1

图1

图2

图3

图4

表2

图5

图6

图7

图8

图9

参考文献 33

[1]	WEISS R , DE LUCA A . PassShapes:utilizing stroke based authentication to increase password memorability[C]// Proceedings of the 5th Nordic Conference on Human-computer Interaction:Building Bridges. 2008: 383-392.
[2]	YE G X , TANG Z Y , FANG D Y ,et al. Cracking android pattern lock in five attempts[C]// Proceedings 2017 Network and Distributed System Security Symposium. 2017.
[3]	AVIV A J , GIBSON K L , MOSSOP E ,et al. Smudge attacks on smartphone touch screens[J]. Woot, 2010,10: 1-7.
[4]	ZHANG J , ZHENG X L , TANG Z Y ,et al. Privacy leakage in mobile sensing:your unlock passwords can be leaked through wireless hotspot functionality[J]. Mobile Information Systems, 2016,(2016):8793025.
[5]	ABDELRAHMAN Y , KHAMIS M , SCHNEEGASS S ,et al. Stay cool! understanding thermal attacks on mobile-based user authentication[C]// Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems. 2017: 3751-3763.
[6]	ZHOU M , WANG Q , YANG J X ,et al. PatternListener:cracking android pattern lock using acoustic signals[C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. 2018: 1775-1787.
[7]	EIBAND M , KHAMIS M , VON ZEZSCHWITZ E ,et al. Understanding shoulder surfing in the wild:stories from users and observers[C]// Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems. 2017: 4254-4265.
[8]	WIEDENBECK S , WATERS J , SOBRADO L ,et al. Design and evaluation of a shoulder-surfing resistant graphical password scheme[C]// Proceedings of the Working Conference on Advanced Visual Interfaces. 2006: 177-184.
[9]	KUMAR M , GARFINKEL T , BONEH D ,et al. Reducing shoulder-surfing by using gaze-based password entry[C]// Proceedings of the 3rd Symposium on Usable Privacy and Security -SOUPS '07. 2007: 13-19.
[10]	ROTH V , RICHTER K , FREIDINGER R . A PIN-entry method resilient against shoulder surfing[C]// Proceedings of the 11th ACM Conference on Computer and Communications Security. 2004: 236-245.
[11]	WINKLER T , RINNER B . User-centric privacy awareness in video surveillance[J]. Multimedia Systems, 2012,18(2): 99-121.
[12]	GELBORD B , ROELOFSEN G . New surveillance techniques raise privacy concerns[J]. Communications of the ACM, 2002,45(11): 23-24.
[13]	WINKLER T , RINNER B . Security and privacy protection in visual sensor networks:a survey[J]. ACM Computing Surveys, 2014,47(1): 2.
[14]	SCHIFF J , MEINGAST M , MULLIGAN D K ,et al. Respectful cameras:detecting visual markers in real-time to address privacy concerns[M]// Protecting Privacy in Video Surveillance, 2009: 65-89.
[15]	KORSHUNOV P , EBRAHIMI T . Using warping for privacy protection in video surveillance[C]// Proceedings of 2013 18th International Conference on Digital Signal Processing (DSP). 2013: 1-6.
[16]	GUERAR M , MIGLIARDI M , PALMIERI F ,et al. Securing PIN-based authentication in smartwatches with just two gestures[J]. Concurrency and Computation:Practice and Experience, 2020,32(18): e5549.
[17]	LU C X , DU B W , WEN H K ,et al. Snoopy[J]. Proceedings of the ACM on Interactive,Mobile,Wearable and Ubiquitous Technologies, 2018,1(4): 1-29.
[18]	WANG C , GUO X N , CHEN Y Y ,et al. Personal PIN leakage from wearable devices[J]. IEEE Transactions on Mobile Computing, 2018,17(3): 646-660.
[19]	SHUKLA D , PHOHA V V . Stealing passwords by observing hands movement[J]. IEEE Transactions on Information Forensics and Security, 2019,14(12): 3086-3101.
[20]	SHUKLA D , KUMAR R , SERWADDA A ,et al. Beware,your hands reveal your secrets![C]// Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. 2014: 904-917.
[21]	CHEN T , FARCASIN M , CHAN-TIN E , . Smartphone passcode prediction[J]. IET Information Security, 2018,12(5): 431-437.
[22]	BALAGANI K S , CONTI M , GASTI P ,et al. SILK-TV:secret information leakage from keystroke timing videos[M]// Computer Security. Cham: Springer International Publishing, 2018: 263-280.
[23]	BALAGANI K , CARDAIOLI M , CONTI M ,et al. PILOT:password and PIN information leakage from obfuscated typing videos[J]. Journal of Computer Security, 2019,27(4): 405-425.
[24]	XU Y , HEINLY J , WHITE A M ,et al. Seeing double:reconstructing obscured typed input from repeated compromising reflections[C]// Proceedings of the 2013 ACM SIGSAC Conference on Computer ＆ Communications Security. 2013: 1063-1074.
[25]	YUE Q G , LING Z , FU X W ,et al. Blind recognition of touched keys on mobile devices[C]// Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. 2014: 1403-1414.
[26]	Barrett D . One surveillance camera for every 11 people in Britain,says CCTV survey[J]. The Telegraph, 2013,10.
[27]	REDMON J , FARHADI A . YOLOv3:an incremental improvement[J]. arXiv preprint arXiv:1804.02767, 2018.
[28]	SIMON T , JOO H , MATTHEWS I ,et al. Hand keypoint detection in single images using multiview bootstrapping[C]// Proceedings of 2017 IEEE Conference on Computer Vision and Pattern Recognition. 2017: 4645-4653.
[29]	LUKE?IC A , VOJíR T , ZAJC L C ,et al. Discriminative correlation filter with channel and spatial reliability[C]// Proceedings of 2017 IEEE Conference on Computer Vision and Pattern Recognition. 2017: 4847-4856.
[30]	DOUGLAS D H , PEUCKER T K . Algorithms for the reduction of the number of points required to represent a digitized line or its caricature[J]. Cartographica:the International Journal for Geographic Information and Geovisualization, 1973,10(2): 112-122.
[31]	KENDALL M G . Rank correlation methods[J]. Biometrika, 1957,44(1/2): 298.
[32]	SPEARMAN C . General intelligence,objectively determined and measured[J]. The American Journal of Psychology, 1904,15(2): 201-292.
[33]	SUN C , WANG Y , ZHENG J . Dissecting pattern unlock:the effect of pattern strength meter on pattern selection[J]. Journal of Information Security and Applications, 2014,19(4/5): 308-320.

攻击方法	隐蔽性	实用性	鲁棒性	遮挡场景	自动化
涂抹攻击^[3]	×	×	×	√	×
无线信号攻击^[4]	√	×	×	√	×
热成像攻击^[5]	×	√	√	×	×
声学攻击^[6]	√	×	×	√	√
视频攻击(Ye)^[2]	√	√	√	×	×
本文方法	√	√	√	√	√

影响因素	Kendall	Spearman
角度	0.905 2	0.978 6
长度	0.668 6	0.810 9
角度＆长度	-0.059 7	-0.086 8

智能化的安卓手势密码取证关键技术

Intellectualized forensic technique for Android pattern locks

在线阅读

pdf下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 11

参考文献 33

相关文章 6

Metrics

推荐阅读 0

[1]	李玎, 祝跃飞, 芦斌, 林伟. 网络加密流量侧信道攻击研究综述[J]. 网络与信息安全学报, 2021, 7(4): 114-130.
[2]	潘启润,黄开枝,游伟. 基于隔离等级的网络切片部署方法[J]. 网络与信息安全学报, 2020, 6(2): 96-105.
[3]	孔凡玉,乔咏,刘蓬涛,刘晓东,周大水. RSA-CRT密码防御算法的故障注入攻击[J]. 网络与信息安全学报, 2019, 5(1): 30-36.
[4]	赵硕,季新生,程国振,毛宇星. 面向多租户的关键虚拟机动态迁移方法研究[J]. 网络与信息安全学报, 2017, 3(8): 8-17.
[5]	任君,熊金波,姚志强. 基于差分隐私模型的云数据副本安全控制方案[J]. 网络与信息安全学报, 2017, 3(5): 38-46.
[6]	贾徽徽,王潮,顾健,宋好好,唐迪. ECC计时攻击研究与仿真[J]. 网络与信息安全学报, 2016, 2(4): 56-63.