5,005 research outputs found
Implicit Sensor-based Authentication of Smartphone Users with Smartwatch
Smartphones are now frequently used by end-users as the portals to
cloud-based services, and smartphones are easily stolen or co-opted by an
attacker. Beyond the initial log-in mechanism, it is highly desirable to
re-authenticate end-users who are continuing to access security-critical
services and data, whether in the cloud or in the smartphone. But attackers who
have gained access to a logged-in smartphone have no incentive to
re-authenticate, so this must be done in an automatic, non-bypassable way.
Hence, this paper proposes a novel authentication system, iAuth, for implicit,
continuous authentication of the end-user based on his or her behavioral
characteristics, by leveraging the sensors already ubiquitously built into
smartphones. We design a system that gives accurate authentication using
machine learning and sensor data from multiple mobile devices. Our system can
achieve 92.1% authentication accuracy with negligible system overhead and less
than 2% battery consumption.Comment: Published in Hardware and Architectural Support for Security and
Privacy (HASP), 201
Survey and Systematization of Secure Device Pairing
Secure Device Pairing (SDP) schemes have been developed to facilitate secure
communications among smart devices, both personal mobile devices and Internet
of Things (IoT) devices. Comparison and assessment of SDP schemes is
troublesome, because each scheme makes different assumptions about out-of-band
channels and adversary models, and are driven by their particular use-cases. A
conceptual model that facilitates meaningful comparison among SDP schemes is
missing. We provide such a model. In this article, we survey and analyze a wide
range of SDP schemes that are described in the literature, including a number
that have been adopted as standards. A system model and consistent terminology
for SDP schemes are built on the foundation of this survey, which are then used
to classify existing SDP schemes into a taxonomy that, for the first time,
enables their meaningful comparison and analysis.The existing SDP schemes are
analyzed using this model, revealing common systemic security weaknesses among
the surveyed SDP schemes that should become priority areas for future SDP
research, such as improving the integration of privacy requirements into the
design of SDP schemes. Our results allow SDP scheme designers to create schemes
that are more easily comparable with one another, and to assist the prevention
of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications
Surveys & Tutorials 2017 (Volume: PP, Issue: 99
- …