-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrelated.tex
75 lines (69 loc) · 5.58 KB
/
related.tex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
\section{Related Work}
\label{section: relate-work}
Our work lies at the intersection between computer vision based attacks and
cracking graphical- and touch-based authentication methods. This work brings
together techniques developed in the domain of computer vision and motion
tracking to develop a new attack. Our work is the first attempt
of reconstructing a locking pattern from a video footage without
capturing the content displayed on the screen.
\noindent \textbf{Computer Vision-based Attacks.} No work has targeted using video
footage to crack Android pattern lock and this is the first to do so. Our work is inspired by the work
presented by Shukla \emph{et al.}~\cite{shukla2014beware} on video-based attacks of
PIN-based passwords. In addition to addressing the new challenges highlighted in Section~\ref{sec:intro}, our work differs to their approach in
two ways.
Firstly, we target a different authentication method, i.e. graphical-based passwords are fundamentally different from PIN-based passwords. %Secondly, we
%exploit the geometry information exposed by fingertip movement to identify candidate patterns.
Secondly, our approach does not require knowledge of the size of the screen or the grid.
Other work in the area including~\cite{yue2014blind} which attacks PIN-based passwords by analyzing how the screen brightness changes when entering a password.
But the subtle changes of the screen brightness can be dramatically affected by the lighting condition. This restricts the application of their approach.
There is a body of work using reflections to recover information typed by the user~\cite{kuhn2002compromising,xu2013seeing,raguram2011ispy,backes2009tempest}. These schemes require having a clear vision of the content displayed on the screen while our approach does not have such a requirement.
\noindent \textbf{Cracking Graphical-based Passwords.} Aviv \emph{et al.} demonstrated that it is possible to
reconstruct a locking pattern by analyzing the oily residues left on the screen~\cite{aviv2010smudge}. This method is
highly restricted as oily residues can be messed up by any on-screen activities after pattern drawing. Abedlrahman
\emph{et al.} explored the fact that PINs or patterns are likely to be recognized by tracking the heat left on the
screen~\cite{abdelrahman2017stay}. Likewise, their approach is significantly disrupted by other on-screen operations
after drawing the PIN or pattern. Zhang \emph{et al.} exploit the WiFi signal interferences caused by finger motions to
recover patterns~\cite{zhang2016privacy}. Their method requires a complex setup and is highly sensitive to moving
objects of the environment
because the WiFi signal can be disrupted by a moving object.
%\vspace{2mm}
%\noindent \textbf{Attacks on Touch-based Authentication.}
%%\FIXME{See: When Kids' Toys Breach Mobile Phone Security, CCS 13 and other papers}
%Ballard \emph{et al.} implemented a forgery attack on handwriting
%authentication~\cite{ballard2007forgery}. Using a small number of training
%examples, they achieve a high success rate for this attack. More recently,
%Serwadda \emph{et al.} show that a simple robot can achieve high penetration
%rates against touch-based authentication systems by analyzing on-screen gestures including
%swiping and zooming~\cite{serwadda2013kids}.
%In this paper, we present a new, video-based attack for graphical-based passwords.
%Research in this area all demonstrates the need for a closer look of the security risks of touch-based authentication.
\noindent \textbf{Study of Android Pattern Lock.}
Uellebenk \emph{et al.} study how people use Android pattern lock on
a daily basis~\cite{uellenbeck2013quantifying}. They found that although there
is a large number of Android patterns, in
practice many people only use a small set of them due to users' bias in
generating patterns. L{\o}ge explored the correlation between
human's characteristics (e.g. ages and genders) and the choice of
patterns~\cite{alpnorway}. Her study shows that users have a bias in selecting the
starting dot to form a pattern and people tend to use complex patterns
for sensitive applications.
Aviv \emph{et al.} conducted a large user study to understand the security of the Android graphical based passwords~\cite{Aviv2014Understanding}. They analyzed the security and usability preference of users, using six visual features of the pattern lock including pattern length, number of crosses, etc.
After conducting a larger user study, they developed a brutal-force algorithm to
crack the pattern lock~\cite{Aviv2015Is}. Their results show that 15\% and 20\% of the patterns
generated on a grid of $3\times3$ and $4\times4$ dots respectively can be cracked within 20 guesses.
%within thousands of guesses, where simple patterns need less attempts.
%In a more recent work~\cite{Aviv2016Anlyzing}, they study the representativeness of
%pattern locks collected through various methods. Their work suggests
%that there are subtle differences for patterns collected using a pen-and-paper
% and online survey.
%\vspace{2mm}
%\noindent \textbf{Motion Tracking.} In addition to TLD, there are other methods proposed in the past for tracking object
%motions. Some of them apply image analysis to track the hand and gesture
%motions from video
%footage~\cite{Yang:2002:EMT:605089.605095,Stenger:2006:MHT:1159166.1159342,
%Beh2014Rule}. In this paper we do not seek to advance the field of
%motion tracking. Instead we demonstrate that a new attack can be built
%using classical motion tracking algorithms. We show that the attack presented in
%this work can be a serious threat for Android pattern lock.
%This has never been attempted in
%prior work on motion tracking.