网络与信息安全学报 (Feb 2022)
Intellectualized forensic technique for Android pattern locks
Abstract
In digital forensics, unlocking mobile devices such as phones has long been an urgent problem. As a special kind of password, the pattern lock is widely used for unlocking phone screens and authorizing access to software. Existing pattern lock cracking techniques have several non-negligible disadvantages, such as poor concealment, low practicability, lack of intelligence, and restriction to a single application scenario. Two basic threat models were abstracted from shoulder surfing, surveillance cameras, and real-time forensics, and a multi-scenario side-channel attack on pattern locks was proposed. Based on surveillance camera footage or manually recorded video, intelligent vision recognition algorithms were adopted to dynamically identify, select, and track the target device and biological key points in the video. The discrete tracking points were then integrated by a spatial mapping and pruning algorithm, and a denoising algorithm was used to eliminate redundancy and optimize the trajectory. Through these procedures, the original trajectory was simplified into regular polylines defined by several key turning points. Finally, the simplified pattern was compared and matched against the rules of legal pattern locks to infer and restore the actual pattern. Possible candidates are sorted in the output according to their confidence. Results show that in the surveillance camera scenario, where the device screen is always visible, the cracking success rate of our technique is 89% for 10 attempts and 99.3% for 20 attempts. In the face-to-face scenario, where the subject consciously blocks the screen and the drawing finger, the success rate was 82% after 10 attempts and 89.3% after 20 attempts. In the surveillance camera scenario, increasing the horizontal shooting distance can significantly decrease the cracking success rate, but this effect diminishes as the number of attempts increases.
Results also show that the cracking success rate for complex passwords is always higher than that for simple passwords within 20 attempts, which means that a complex pattern lock does not provide better protection when the proposed technique is applied. A shooting angle deflection within 5° has little effect on the cracking success rate.
Keywords