电信科学 ›› 2019, Vol. 35 ›› Issue (10): 100-116.doi: 10.11959/j.issn.1000-0801.2019196
葛凯强1,2, 陈铁明2,3
修回日期:
2019-07-29
出版日期:
2019-10-20
发布日期:
2019-11-03
作者简介:
葛凯强(1992- ),男,浙江工业大学教育科学与技术学院硕士生,主要研究方向为物联网教育、物联网安全|陈铁明(1978- ),男,博士,浙江工业大学计算机科学与技术学院教授、博士生导师,浙江省网络安全创新研究中心主任,主要研究方向为网络与信息安全
基金资助:
Kaiqiang GE1,2, Tieming CHEN2,3
Revised:
2019-07-29
Online:
2019-10-20
Published:
2019-11-03
Supported by:
摘要:
随着物联网和人工智能等技术的发展,人机交互应用也在不断推陈出新。然而,人机交互技术的发展也伴生新的安全问题,人机交互安全攻击事件频发。综述分析了 4 种人机交互技术——HID-USB、指纹识别、语音识别和人脸识别的安全攻防现状及攻防效益,并探讨未来人机交互安全的研究方向,同时给出了一些建议。
中图分类号:
葛凯强, 陈铁明. 人机交互安全攻防综述[J]. 电信科学, 2019, 35(10): 100-116.
Kaiqiang GE, Tieming CHEN. A survey of attack and defense on human-computer interaction security[J]. Telecommunications Science, 2019, 35(10): 100-116.
[1] | 赵永惠 . 人机交互研究综述[J]. 信息与电脑(理论版), 2017(23): 24-25,28. |
ZHAO Y H . Survey of human-computer interaction research[J]. China Computer & Communication, 2017(23): 24-25,28. | |
[2] | CARD S , MORAN T P , NEWELL A . The psychology of human-computer interaction[M]. Hillsdale:Lawrence Erlbaum Associates,Inc. 1983. |
[3] | 吕志强, 薛亚楠, 张宁 ,等. 恶意 USB 设备安全技术研究综述[J]. 信息安全研究, 2018,4(7): 639-645. |
LV Z Q , XUE Y N , ZHANG N ,et al. Research on USB-HID device security[J]. Journal of Information Security Research, 2018,4(7): 639-645. | |
[4] | NISSIM N , YAHALOM R , ELOVICI Y . USB-based attacks[J]. Computers & Security, 2017(70): 675-688. |
[5] | CRENSHAW A . Programmable HID USB keystroke dongle:using the Teensy as a pen testing device[EB].2010. 2010. |
[6] | MONTA E . URFUKED[EB]. 2010. |
[7] | KAMKAR S . USBdriveby[EB]. 2014. |
[8] | FEROZ R . Evilduino!-USB hack tool[EB]. 2015. |
[9] | CLARK J , LEBLANC S , KNIGHT S . Compromise through USB-based hardware trojan horse device[J]. Future Generation Computer Systems, 2011,27(5): 555-563. |
[10] | NSA Playset. TURNIPSCHOOL[EB]. 2016. |
[11] | MULLINER C , MICHéLE B , . Read it twice! A mass-storage-based TOCTTOU attack[C]// The 6th USENIX Conference on Offensive Technologies,August 6-7,2012,Bellevue,WA,USA. New York:ACM Press, 2012: 105-112. |
[12] | Samy. KeySweeper[EB]. 2015. |
[13] | SRLab[EB]. 2014. |
[14] | WANG Z , STAVROU A . Exploiting smart-phone usb connectivity for fun and profit[C]// The 26th Annual Computer Security Applications Conference,December 6-10,2010,Austin,Texas,USA. New York:ACM Press, 2010: 357-366. |
[15] | CAUDILL A , WILSON B . Making BadUSB work for you[J]. 2014. |
[16] | LANGNER R . Stuxnet:dissecting a cyberwarfare weapon[J]. IEEE Security & Privacy, 2011,9(3): 49-51. |
[17] | HALDERMAN J A , SCHOEN S D , HENINGER N ,et al. Lest we remember:cold-boot attacks on encryption keys[J]. Communications of the ACM, 2009,52(5): 91-98. |
[18] | Wikipedia. Juice jacking[EB]. 2018. |
[19] | GURI M , MONITZ M , ELOVICI Y . USBee:air-gap covert-channel via electromagnetic emission from USB[C]// 2016 14th Annual Conference on Privacy,Security and Trust (PST),Dec 12-14,2016,Auckland,New Zealand. Piscataway:IEEE Press, 2016: 264-268. |
[20] | USB killer v2.0[EB]. 2015. |
[21] | TIAN D J , BATES A , BUTLER K . Defending against malicious USB firmware with GoodUSB[C]// The 31st Annual Computer Security Applications Conference,December 7-11,2015,Los Angeles,CA,USA. New York:ACM Press, 2015: 261-270. |
[22] | BARBHUIYA F A , SAIKIA T , NANDI S . An anomaly based approach for HID attack detection using keystroke dynamics[M]// Cyberspace Safety and Security. Berlin:Springer, 2012: 139-152. |
[23] | 王曙光 . 指纹识别技术综述[J]. 信息安全研究, 2016,2(4): 343-355. |
WANG S G . A survey of fingerprint recognition technology[J]. Journal of Information Security Research, 2016,2(4): 343-355. | |
[24] | GALTON F . Fingerprints[M]. London: MacmillanPress, 1892. |
[25] | 顾陈磊, 刘宇航, 聂泽东 ,等. 指纹识别技术发展现状[J]. 中国生物医学工程学报, 2017,36(4): 470-482. |
GU C L , LIU Y H , NIE Z D ,et al. A review of fingerprint recognition technology[J]. Chinese Journal of Biomedical Engineering, 2017,36(4): 470-482. | |
[26] | 温婧 . 橘子皮能解指纹识别锁?专家:不要给手机贴指纹贴[J]. 广西质量监督导报, 2018(2): 14-15. |
WEN J . Orange peel can solve the fingerprint identification lock? Expert:do not give the mobile phone a fingerprint sticker[J]. Guangxi Quality Supervision Guide Periodical, 2018(2): 14-15. | |
[27] | 超声波指纹传感器将大体提升指纹传感器安全系数[J]. 电子世界, 2015(13):21. |
WEN J . Ultrasonic fingerprint sensor will greatly improve the safety factor of fingerprint sensor[J]. Electronics World, 2015(13):21. | |
[28] | 范丽芳 . 芯片安全防护技术助力指纹识别系统安全[J]. 电子产品世界, 2017,24(1): 72-73,36. |
FAN L F . Chip security technology guarantees the security of fingerprint identification system[J]. Qutlook of Electronic Technology, 2017,24(1): 72-73,36. | |
[29] | 王群峰 . 指纹识别系统活体检测技术研究[D]. 广州:广东工业大学, 2016. |
WANG Q F . Research on liveness detection technique in fingerprint identification system[D]. Guangzhou:Guangdong University of Technology, 2016. | |
[30] | 叶文炜, 何丽鹏, 林峰 . 指纹静脉多模识别光学系统的设计[J]. 激光与光电子学进展, 2018,55(9): 370-376. |
YE W W , HE L P , LIN F . Design of optical system for multimode recognition based on fingerprint and veins[J]. Laser &Optoelectronics Progress, 2018,55(9): 370-376. | |
[31] | SCHLüTER R , DOETSCH P , GOLIK P ,et al. Automatic speech recognition based on neural networks[M]. Berlin: SpringerPress, 2016: 3-17. |
[32] | CARLINI N , WAGNER D . Audio adversarial examples:targeted attacks on speech-to-text[J]. arXiv:1801.01944, 2018. |
[33] | 李山路, 王泳, 甘俊英 . 重录语音检测算法[J]. 信号处理, 2017,33(1): 95-101. |
LI S L , WANG Y , GAN J Y . An algorithm of speech recapture detection[J]. Journal of Signal Processing, 2017,33(1): 95-101. | |
[34] | 王志锋, 贺前华, 张雪源 ,等. 基于信道模式噪声的录音回放攻击检测[J]. 华南理工大学学报(自然科学版), 2011,39(10): 7-12. |
WANG Z F , HE Q H , ZHANG X Y ,et al. Playback attack detection based on channel pattern noise[J]. Journal of South China University of Technology(Natural Science Edition), 2011,39(10): 7-12. | |
[35] | PAL M , SAHA G . On robustness of speech based biometric systems against voice conversion attack[J]. Applied Soft Computing, 2015(30): 214-228. |
[36] | 苏楠, 吴冰, 徐伟 ,等. 人脸识别综合技术的发展[J]. 信息安全研究, 2016,2(1): 33-39. |
SU N , WU B , XU W ,et al. The Comprehensive Technology Development of Face Recognition[J]. Journal of Information Security Research, 2016,2(1): 33-39. | |
[37] | 龚飞, 金炜, 朱珂晴 ,等. 采用双字典协作稀疏表示的光照及表情顽健人脸识别[J]. 电信科学, 2017,33(3): 52-58. |
GONG F , JIN W , ZHU K Q ,et al. Illumination and expression robust face recognition using collaboration of double- dictionary’s sparse representation-based classification[J]. Telecommunications Science, 2017,33(3): 52-58. | |
[38] | RONG C , YUE Z . A novel feature selection and extraction method for sequence images of lip-reading[M]// Advances in Automation and Robotics. Berlin:Springer, 2011: 347-353. |
[39] | ELREFAEI L A , HAMID D H , BAYAZED A A ,et al. Developing iris recognition system for smartphone security[J]. Multimedia Tools and Applications, 2018,77(12): 14579-14603. |
[40] | SIVARATHINABALA M , ABIRAMI S , BASKARAN R . A study on security and surveillance system using gait recognition[M]// Intelligent Techniques in Signal Processing for Multimedia Security. Berlin:Springer, 2017: 227-252. |
[41] | TAN D , NIJHOLT A . Brain-computer interfaces and human-computer interaction[M]// Brain-Computer Interfaces. New York:ACM Press, 2010: 3-19. |
[42] | SU M L , FENG Z Y . Virtual reality technology[M]. New York: ACM PressPress, 2003. |
[43] | 陈山枝 . 发展5G的分析与建议[J]. 电信科学, 2016,32(7): 1-10. |
CHEN S Z . Analysis and suggestion of future 5G directions[J]. Telecommunications Science, 2016,32(7): 1-10. | |
[44] | 潘教峰 . 新科技革命与三元融合社会——关于雄安新区建设的宏观思考[J]. 中国科学院院刊, 2017,32(11): 1177-1184. |
PAN J F . New science and technology revolution and ternary fusion society——macroscopic views on xiongan new area construction[J]. Bulletin of Chinese Academy of Sciences, 2017,32(11): 1177-1184. | |
[45] | KITCHIN .ROB.The real-time city? Big data and smart urbanism[M]. Berlin: SpringerPress, 2014. |
[46] | 吴军 . 大数据和机器智能对未来社会的影响[J]. 电信科学, 2015,31(2): 7-16. |
WU J . Big data,machine intelligence and their impacts to the future world[J]. Telecommunications Science, 2015,31(2): 7-16. | |
[47] | 徐川, 杜成, 唐红 . DDoS 攻击检测研究综述[J]. 电信科学, 2011,27(3): 85-89. |
XU C , DU C , TANG H . A survey of detection research on DDoS attack[J]. Telecommunications Science, 2011,27(3): 85-89. |
[1] | 李悦, 钱亚冠, 关晓惠, 李蔚, 王滨, 顾钊铨. 面向人脸识别的口罩区域修复算法[J]. 电信科学, 2021, 37(8): 66-76. |
[2] | 叶学义, 钱丁炜, 应娜, 王涛. 基于吸引模式的局部二阶梯度轮廓人脸识别算法[J]. 电信科学, 2021, 37(7): 96-106. |
[3] | 董斌. 运营商智慧客服体系化建设[J]. 电信科学, 2020, 36(7): 118-125. |
[4] | 刘玉超,李子月. 面向安防场景的智能网联巡逻车关键技术及应用[J]. 电信科学, 2020, 36(4): 53-60. |
[5] | 王一鸣,陈恳,萨阿卜杜萨拉木·艾海提拉木. 基于SDBN和BLSTM注意力融合的端到端视听双模态语音识别[J]. 电信科学, 2019, 35(12): 79-89. |
[6] | 唐彪,金炜,符冉迪,龚飞. 多稀疏表示分类器决策融合的人脸识别[J]. 电信科学, 2018, 34(4): 31-40. |
[7] | 王海坤,潘嘉,刘聪. 语音识别技术的研究进展与展望[J]. 电信科学, 2018, 34(2): 1-11. |
[8] | 刘景文,许玮,吕伯轩,王单,聂雯莹,樊宁. 基于NFC技术的移动支付系统设计方案[J]. 电信科学, 2018, 34(2): 131-138. |
[9] | 龚飞,金炜,朱珂晴,符冉迪,曹燕. 采用双字典协作稀疏表示的光照及表情顽健人脸识别[J]. 电信科学, 2017, 33(3): 52-58. |
[10] | 汤雅妃,张云勇,张尼. 基于指纹识别的云安全认证技术[J]. 电信科学, 2015, 31(8): 158-164. |
[11] | 杨震,徐敏捷,刘璋峰,秦达,姚晓辉. 语音大数据信息处理架构及关键技术研究[J]. 电信科学, 2013, 29(11): 1-5. |
[12] | 赵学军,梁柏青,罗 喧,魏颖琪. 智能终端发展关键技术探讨[J]. 电信科学, 2012, 28(5): 1-8. |
阅读次数 | ||||||
全文 |
|
|||||
摘要 |
|
|||||
|