A Brute-Force System for HID (Human Interface Device) Attack for Android Lock Screen Devices with Automatic Unlock Detection

Mateus Nunes; Rafael Schneider

doi:10.5753/sbseg.2023.233106

Mateus Nunes PCI-SC
Rafael Schneider PCI-SC

DOI: https://doi.org/10.5753/sbseg.2023.233106

Resumo

Electronic devices can be used to conduct illegal activities making examination of their contents essential for criminal investigation. Many mechanisms implemented over the years for securing users’ privacy can hinder lawful access to phone data. This research investigates attack via USB-OTG (On-the-Go) using HID (human interface device) and introduces a system for both PIN and pattern screen lock brute-force. Contributions include stop/resume attack and automatic unlock detection via sensor on display. An assessment was done with 18 compatible devices from real cases and found that 66% were compatible with password retrieval, most of them in less than one week.

Referências

Afonin, O. and Katalov, V. (2016). Mobile Forensics – Advanced Investigative Strategies. Packt Publishing Ltd.

Andriotis, P., Oikonomou, G., Mylonas, A., and Tryfonas, T. (2016). A study on usability and security features of the android pattern lock screen. Information & Computer Security, 24(1):53–72.

Aviv, A. J., Gibson, K. L., Mossop, E., Blaze, M., and Smith, J. M. (2010). Smudge attacks on smartphone touch screens. Woot, 10:1–7.

Cha, S., Kwag, S., Kim, H., and Huh, J. H. (2017). Boosting the guessing attack performance on android lock patterns with smudge attacks. In Proceedings of the 2017 ACM on Asia conference on computer and communications security, pages 313–326.

Chernyshev, M., Zeadally, S., Baig, Z., and Woodward, A. (2017). Mobile forensics: advances, challenges, and research opportunities. IEEE Security & Privacy, 15(6):42– 51.

Gómez, L. S. M. (2018). Descubrimiento automatizado de patrones de acceso en dispositivos móviles android. In XVIII Simposio Argentino de Informática y Derecho (SID)-JAIIO 47 (CABA, 2018).

Google (2018). Android open source project: Android api guide.

Groß, T., Busch, M., and Müller, T. (2021). One key to rule them all: Recovering the master key from ram to break android’s file-based encryption. Forensic Science International: Digital Investigation, 36:301113.

Loftus, R., Baumann, M., van Galen, R., and de Vries, R. (2017). Android 7 file based encryption and the attacks against it. University of Amsterdam, 33.

Markert, P., Bailey, D. V., Golla, M., Dürmuth, M., and Aviv, A. J. (2021). On the security of smartphone unlock pins. ACM Transactions on Privacy and Security (TOPS), 24(4):1–36.

Mayrhofer, R., Stoep, J. V., Brubaker, C., and Kralevich, N. (2021). The android platform security model. ACM Transactions on Privacy and Security (TOPS), 24(3):1–35.

Potockỳ, S. and Štulrajter, J. (2022). The human interface device (hid) attack on android lock screen non-biometric protections and its computational complexity. Science & Military Journal, 17(1):29–36.

Reedy, P. (2020). Interpol review of digital evidence 2016-2019. Forensic Science International: Synergy, 2:489–520.

Ye, G., Tang, Z., Fang, D., Chen, X., Kim, K. I., Taylor, B., and Wang, Z. (2017). Cracking android pattern lock in five attempts. In Proceedings of the 2017 Network and Distributed System Security Symposium 2017 (NDSS 17). Internet Society.

Ye, G., Tang, Z., Fang, D., Chen, X., Wolff, W., Aviv, A. J., and Wang, Z. (2018). A video-based attack for android pattern lock. ACM Transactions on Privacy and Security (TOPS), 21(4):1–31.