当前位置: X-MOL 学术Int. J. Inf. Secur. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
A new smart smudge attack using CNN
International Journal of Information Security ( IF 3.2 ) Pub Date : 2021-02-21 , DOI: 10.1007/s10207-021-00540-z
Hansub Shin , Sungyong Sim , Hyukyoon Kwon , Sangheum Hwang , Younho Lee

This paper deals with a well-known problem in the area of the smudge attacks: when a user draws a pattern to unlock the pattern lock on a smartphone screen, pattern extraction sometimes becomes difficult owing to the existence of the oily residuals around it. This is because the phone screen becomes obscured by these residuals, which significantly lower the guess rate of the pattern lock. To address this, this paper proposes a novel attack method based on a Convolutional Neural Network (CNN). CNNs are known to exhibit high accuracy in image classification. However, using only CNNs for the attack is not sufficient, because there are 389,112 possible patterns, and training the CNN for all the cases is difficult. We therefore propose two ideas to overcome the aforementioned problem. The first one is the application of ’Screen Segmentation,’ where we divide the screen into four segments to reduce the number of possible patterns to 1470 in each segment. The second is the use of pruning rules, which reduces the number of total pattern cases by combining the patterns in each segment. Furthermore, by applying the Android pattern lock constraints, we reduce the number of possible patterns. To validate the proposed idea, we collected 3500 image data by photographing the screen of Android smartphones and generated 367,500 image data based on their possible combinations. Using those data sets, we conducted an experiment whereby we investigated the success rate of our attack in various situations, dealing with different pattern lock lengths and type of prior application usage. The result shows that up to a pattern lock length of seven, the proposed method has on an average, 79% success rate, which is meaningful result in smudge attacks. In addition, in an ideal case where only the actual pattern lock is entered, without oily residuals, the proposed scheme supports an even higher performance, i.e., a 93% successful guess rate on an average.



中文翻译:

使用CNN的新型智能污迹攻击

本文针对污迹攻击领域中的一个众所周知的问题:当用户绘制图案以解锁智能手机屏幕上的图案锁时,由于其周围存在油性残留物,图案提取有时会变得困难。这是因为电话屏幕被这些残留物所遮盖,从而大大降低了图案锁定的猜测率。为了解决这个问题,本文提出了一种基于卷积神经网络(CNN)的新型攻击方法。已知CNN在图像分类中表现出很高的准确性。但是,仅使用CNN进行攻击是不够的,因为存在389,112种可能的模式,并且很难在所有情况下训练CNN。因此,我们提出两个想法来克服上述问题。第一个是“屏幕细分”的应用,在这里,我们将屏幕分为四个部分,以将每个部分中可能的图案数量减少到1470。第二个是修剪规则的使用,它通过组合每个段中的模式来减少总模式情况的数量。此外,通过应用Android模式锁定约束,我们减少了可能的模式数量。为了验证所提出的想法,我们通过拍摄Android智能手机的屏幕收集了3500个图像数据,并根据其可能的组合生成了367,500个图像数据。使用这些数据集,我们进行了一项实验,从而研究了在各种情况下攻击的成功率,处理了不同的模式锁定长度和先前应用程序使用的类型。结果表明,最多7个模式锁定长度,所提出的方法平均有79%的成功率,这很有意义,可导致污迹攻击。另外,在理想情况下,仅输入实际的模式锁定,而没有油性残留,所提出的方案支持更高的性能,即平均成功猜测率为93%。

更新日期:2021-02-21
down
wechat
bug