13,135 research outputs found
DoubleEcho: Mitigating Context-Manipulation Attacks in Copresence Verification
Copresence verification based on context can improve usability and strengthen
security of many authentication and access control systems. By sensing and
comparing their surroundings, two or more devices can tell whether they are
copresent and use this information to make access control decisions. To the
best of our knowledge, all context-based copresence verification mechanisms to
date are susceptible to context-manipulation attacks. In such attacks, a
distributed adversary replicates the same context at the (different) locations
of the victim devices, and induces them to believe that they are copresent. In
this paper we propose DoubleEcho, a context-based copresence verification
technique that leverages acoustic Room Impulse Response (RIR) to mitigate
context-manipulation attacks. In DoubleEcho, one device emits a wide-band
audible chirp and all participating devices record reflections of the chirp
from the surrounding environment. Since RIR is, by its very nature, dependent
on the physical surroundings, it constitutes a unique location signature that
is hard for an adversary to replicate. We evaluate DoubleEcho by collecting RIR
data with various mobile devices and in a range of different locations. We show
that DoubleEcho mitigates context-manipulation attacks whereas all other
approaches to date are entirely vulnerable to such attacks. DoubleEcho detects
copresence (or lack thereof) in roughly 2 seconds and works on commodity
devices
A secure and lightweight ad-hoc routing algorithm for personal networks
Over the past few years, there has been increasing interest in utilizing Personal Area Networks (PANs) to offer users innovative and personalized services. This interest is a consequence of the widespread use of mobile devices such as laptops, mobile phones, PDAs, digital cameras, wireless headsets, etc. to carry out a variety of user-centric tasks. The PAN itself is built upon an ad-hoc network where devices trust their neighbors to route their packets. The cooperative nature of ad-hoc networks allows malicious nodes to easily cripple the network by inserting false route information, replaying old messages, modifying messages of other nodes, etc. An applicable area still under research, and the focus of this paper, is secure routing protocols for ad-hoc networks. To achieve availability in the PAN, the routing protocol used must be robust against both dynamically changing topology and malicious attacks. However, the heterogeneous nature of Personal Network (PN) devices means that traditional security mechanisms are too resource intensive to be sufficient by themselves. This paper describes a new ad-hoc secure routing protocol for Personal Networks (PNs), suitable in a limited multi-hop scenario. This protocol is based on ADOV and relies on efficient cryptographic primitives to safeguard the security and privacy of PN users. Following that, a number of attacks in the area of ad-hoc networks are discussed, and it is shown that the new algorithm protects against multiple un-coordinated active attackers, in spite of compromised nodes in the network
H2B: Heartbeat-based Secret Key Generation Using Piezo Vibration Sensors
We present Heartbeats-2-Bits (H2B), which is a system for securely pairing
wearable devices by generating a shared secret key from the skin vibrations
caused by heartbeat. This work is motivated by potential power saving
opportunity arising from the fact that heartbeat intervals can be detected
energy-efficiently using inexpensive and power-efficient piezo sensors, which
obviates the need to employ complex heartbeat monitors such as
Electrocardiogram or Photoplethysmogram. Indeed, our experiments show that
piezo sensors can measure heartbeat intervals on many different body locations
including chest, wrist, waist, neck and ankle. Unfortunately, we also discover
that the heartbeat interval signal captured by piezo vibration sensors has low
Signal-to-Noise Ratio (SNR) because they are not designed as precision
heartbeat monitors, which becomes the key challenge for H2B. To overcome this
problem, we first apply a quantile function-based quantization method to fully
extract the useful entropy from the noisy piezo measurements. We then propose a
novel Compressive Sensing-based reconciliation method to correct the high bit
mismatch rates between the two independently generated keys caused by low SNR.
We prototype H2B using off-the-shelf piezo sensors and evaluate its performance
on a dataset collected from different body positions of 23 participants. Our
results show that H2B has an overwhelming pairing success rate of 95.6%. We
also analyze and demonstrate H2B's robustness against three types of attacks.
Finally, our power measurements show that H2B is very power-efficient
The Meeting of Acquaintances: A Cost-efficient Authentication Scheme for Light-weight Objects with Transient Trust Level and Plurality Approach
Wireless sensor networks consist of a large number of distributed sensor
nodes so that potential risks are becoming more and more unpredictable. The new
entrants pose the potential risks when they move into the secure zone. To build
a door wall that provides safe and secured for the system, many recent research
works applied the initial authentication process. However, the majority of the
previous articles only focused on the Central Authority (CA) since this leads
to an increase in the computation cost and energy consumption for the specific
cases on the Internet of Things (IoT). Hence, in this article, we will lessen
the importance of these third parties through proposing an enhanced
authentication mechanism that includes key management and evaluation based on
the past interactions to assist the objects joining a secured area without any
nearby CA. We refer to a mobility dataset from CRAWDAD collected at the
University Politehnica of Bucharest and rebuild into a new random dataset
larger than the old one. The new one is an input for a simulated authenticating
algorithm to observe the communication cost and resource usage of devices. Our
proposal helps the authenticating flexible, being strict with unknown devices
into the secured zone. The threshold of maximum friends can modify based on the
optimization of the symmetric-key algorithm to diminish communication costs
(our experimental results compare to previous schemes less than 2000 bits) and
raise flexibility in resource-constrained environments.Comment: 27 page
A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends
This paper examines the security vulnerabilities and threats imposed by the
inherent open nature of wireless communications and to devise efficient defense
mechanisms for improving the wireless network security. We first summarize the
security requirements of wireless networks, including their authenticity,
confidentiality, integrity and availability issues. Next, a comprehensive
overview of security attacks encountered in wireless networks is presented in
view of the network protocol architecture, where the potential security threats
are discussed at each protocol layer. We also provide a survey of the existing
security protocols and algorithms that are adopted in the existing wireless
network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term
evolution (LTE) systems. Then, we discuss the state-of-the-art in
physical-layer security, which is an emerging technique of securing the open
communications environment against eavesdropping attacks at the physical layer.
We also introduce the family of various jamming attacks and their
counter-measures, including the constant jammer, intermittent jammer, reactive
jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the
integration of physical-layer security into existing authentication and
cryptography mechanisms for further securing wireless networks. Finally, some
technical challenges which remain unresolved at the time of writing are
summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201
- …