| With the development of 5G networks,edge computing,human-computer interaction and sensor technology,Virtual Reality(VR)theory has been further improved.In recent years,it has gradually demonstrated its application value in various fields.At present,VR has been widely applied in entertainment,education,healthcare as well as other industries.Google,Microsoft and other companies have launched virtual reality commercial products,and the VR ecosystem is gradually improving.The VR system brings a better immersive interactive experience to users,but the privacy information entered by users in the interaction with the system is exposed to various potential side channel attack threats.Although there are few studies on the security of VR user password input,its importance is self-evident.To address these issues,a side channel attack based on VR terminal motion sensor is proposed for two different input ways,i.e.,headset input and controller input.Furthermore,a computer vision-based side channel attack is proposed for headset input.The security vunerability is verified through experiments.In order to defend against possible side channel attacks,we design a panoramic image-based security authentication approach.The research details mainly include the following aspects:(1)We investigate a motion sensor-based side channel attack.Firstly,we collect data from the motion sensor of the device,and design the user click recognition algorithm with the combination of user behavior analysis in the input process.Secondly,we calculate the variation of attitude angles of the corresponding input device during the input so as to recover the movement trajectory of the virtual cursor.Thirdly,we design a password recovery algorithm combining the virtual keyboard parameters.Finally we can infer the user password.(2)We propose a computer vision-based side channel attack.Firstly,we use a stereo camera to record user's password input,and pre-process the recording video by use of stereo calibration and correction technology.Secondly,we track the finger and the headset using the optical flow method to determine the touch frame.Thirdly,we calculate the variation of headset rotation angles,and estimate the moving track of the virtual cursor.Finally,we restore the user password.(3)We study a panoramic image-based VR security authentication approach.Firstly,we display the panoramic images in VR system,and design the image rotation/pause interactive mode.Secondly,in terms of the problem in image password storage,we design the region segmentation algorithm to discretize image passwords.Finally,we add the panoramic image random rotation factor to improve the authentication security on the premise that availability can be ensured.(4)By integrating the theoretical and technical research results of side channel attack and graphics authentication,we implement the VR user security authentication prototype system based on panoramic image.Besides,the function and performance of the prototype system are tested to verify the effectiveness and security of the authentication system.In summary,we focused on the security of the text authentication method in the VR system.Firstly,we design the motion sensor-based and computer vision-based side channel attack technologies to verify the security risk in the VR system.And then we perform research on the VR graphical password technology based on the panoramic image random rotation.Finally,we design and implement a VR security authentication prototype system to effectively protect users' private data. |
