智能化的安卓手势密码取证关键技术

Intellectualized forensic technique for Android pattern locks

在电子数据取证中,如何对手机等移动设备进行屏幕解锁一直是亟待攻克的难题。将手势图形密码这种广泛应用于手机屏幕解锁以及软件访问授权的密码防护机制作为研究对象,针对已有的手势图形密码还原技术存在的隐蔽性差、实用性低、非智能化、场景单一等弊端,从肩膀冲浪、监控摄像、现场取证等场景中抽象出两个基本的威胁模型,提出一种多场景下的手势图形密码侧信道攻击技术方法。该方法以监控摄像头或人工拍摄视频数据为基础,采用智能视觉识别技术,实时而动态地对视频中目标设备和解锁生物关键点进行识别、选择与跟踪;随后采用空间映射和剪枝算法,将离散的跟踪轨迹进行整合,使用降噪算法对跟踪轨迹进行去冗余和优化,定位出视频中绘制手势图形密码的关键转折点;最后将精简的轨迹与手势图形密码的规则进行比对和匹配,根据置信度对实际绘制的手势图形密码进行猜测和还原。实验结果表明,在监控摄像场景中,即设备屏幕可见场景下,所提技术对手势图形密码的10次尝试成功率为89%,20次尝试成功率为99.3%;在面对面拍摄场景中,即屏幕和手部关键点被遮挡情况下,10次尝试成功率为82%,20次尝试成功率为89.3%;拍摄水平距离的增加在监控摄像场景下对成功率的影响较明显,但随着尝试次数的增加影响逐渐降低;复杂密码在所提技术中无法起到更好的保护作用,在20次尝试内,复杂密码的破解成功率始终高于简单密码;拍摄角度偏转在5°以内对破解成功率几乎没有影响。

In the field of digital forensics,how to unlock mobile devices such as phones has always been an urgent problem to overcome.As a special kind of password,pattern lock is widely used in mobile phone screen unlock and software access authorization.Existing pattern lock cracking techniques have several non-negligible disadvantages,such as poor concealment,low practicability,non-intelligence and single application scenario.Two basic threat models were abstracted from shoulder surfing,surveillance camera,and real-time forensics,and a multi-scenario side channel attack on pattern locks was proposed.Based on the data of surveillance camera or manual video,intelligent vision recognition algorithms were adopted to identify,select and track the target device and biological key points in the video dynamically.Then,discrete tracking points were integrated by spatial mapping and pruning algorithm.The denoising algorithm was used to eliminate redundancy and optimize the trajectory.Through procedures above,the original trajectory was simplified into regular polylines defined by several key turning points.Finally,the simplified pattern was compared and matched with the rules of legal pattern locks to inference and retort its actual pattern.Possible candidates will be sorted in the output according to their confidences.Results show that in the surveillance camera scenario,where the device screen is always visible,the cracking success rate of our technique is 89%for 10 attempts and 99.3%for 20 attempts.In the face-to-face scenario,where the subject consciously blocks the screen and his drawing finger,the success rate was 82%after 10 attempts and 89.3%after 20 attempts.In the surveillance camera scenario,the increase of shooting horizontal distance can significantly decrease the cracking success rate.But this effect diminishes with the increase of the number of attempts.Results show that the cracking success rate of the complex password is always higher than that of the simple password during 20 attempts,which means a complex pattern lock cannot play a better protection role if the proposed technique is applied.Shooting angle deflection within 5°has little effect on the success rate of cracking.