| 智能化的安卓手势密码取证关键技术 |
| |
| 作者姓名: | 裘佳浩 邱卫东 王杨德 查言 谢宇明 李岩 |
| |
| 作者单位: | 1. 上海交通大学网络空间安全学院,上海200240;2. 司法鉴定科学研究院上海市司法鉴定专业技术服务平台司法部司法鉴定重点实验室,上海 200063 |
| |
| 基金项目: | 科研院所公益研究专项(GY2019G-2);科研院所公益研究专项(GY2020G-6) |
| |
| 摘 要: | 在电子数据取证中,如何对手机等移动设备进行屏幕解锁一直是亟待攻克的难题.将手势图形密码这种广泛应用于手机屏幕解锁以及软件访问授权的密码防护机制作为研究对象,针对已有的手势图形密码还原技术存在的隐蔽性差、实用性低、非智能化、场景单一等弊端,从肩膀冲浪、监控摄像、现场取证等场景中抽象出两个基本的威胁模型,提出一种多场景下的...
|
| 关 键 词: | 手势图形密码 智能视觉识别 电子数据取证 侧信道攻击 |
Intellectualized forensic technique for Android pattern locks |
| |
| Authors: | Jiahao QIU Weidong QIU Yangde WANG Yan ZHA Yuming XIE Yan LI |
| |
| Affiliation: | 1. School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240, China;2. Key Laboratory of Forensic Science, Shanghai Forensic Service Platform, Ministry of Justice, Academy of Forensic Science, Shanghai 200063, China |
| |
| Abstract: | In the field of digital forensics, how to unlock mobile devices such as phones has always been an urgent problem to overcome.As a special kind of password, pattern lock is widely used in mobile phone screen unlock and software access authorization.Existing pattern lock cracking techniques have several non-negligible disadvantages, such as poor concealment, low practicability, non-intelligence and single application scenario.Two basic threat models were abstracted from shoulder surfing, surveillance camera, and real-time forensics, and a multi-scenario side channel attack on pattern locks was proposed.Based on the data of surveillance camera or manual video, intelligent vision recognition algorithms were adopted to identify, select and track the target device and biological key points in the video dynamically.Then, discrete tracking points were integrated by spatial mapping and pruning algorithm.The denoising algorithm was used to eliminate redundancy and optimize the trajectory.Through procedures above, the original trajectory was simplified into regular polylines defined by several key turning points.Finally, the simplified pattern was compared and matched with the rules of legal pattern locks to inference and retort its actual pattern.Possible candidates will be sorted in the output according to their confidences.Results show that in the surveillance camera scenario, where the device screen is always visible, the cracking success rate of our technique is 89% for 10 attempts and 99.3% for 20 attempts.In the face-to-face scenario, where the subject consciously blocks the screen and his drawing finger, the success rate was 82% after 10 attempts and 89.3% after 20 attempts.In the surveillance camera scenario, the increase of shooting horizontal distance can significantly decrease the cracking success rate.But this effect diminishes with the increase of the number of attempts.Results show that the cracking success rate of the complex password is always higher than that of the simple password during 20 attempts, which means a complex pattern lock cannot play a better protection role if the proposed technique is applied.Shooting angle deflection within 5° has little effect on the success rate of cracking. |
| |
| Keywords: | pattern lock intelligent vision recognition digital forensics side channel attack |
|
| 点击此处可从《》浏览原始摘要信息 |
|
点击此处可从《》下载全文 |
|
