894 research outputs found

    Biometrics for internet‐of‐things security: A review

    Get PDF
    The large number of Internet‐of‐Things (IoT) devices that need interaction between smart devices and consumers makes security critical to an IoT environment. Biometrics offers an interesting window of opportunity to improve the usability and security of IoT and can play a significant role in securing a wide range of emerging IoT devices to address security challenges. The purpose of this review is to provide a comprehensive survey on the current biometrics research in IoT security, especially focusing on two important aspects, authentication and encryption. Regarding authentication, contemporary biometric‐based authentication systems for IoT are discussed and classified based on different biometric traits and the number of biometric traits employed in the system. As for encryption, biometric‐cryptographic systems, which integrate biometrics with cryptography and take advantage of both to provide enhanced security for IoT, are thoroughly reviewed and discussed. Moreover, challenges arising from applying biometrics to IoT and potential solutions are identified and analyzed. With an insight into the state‐of‐the‐art research in biometrics for IoT security, this review paper helps advance the study in the field and assists researchers in gaining a good understanding of forward‐looking issues and future research directions

    Two-Dimensional Dynamic Fusion for Continuous Authentication

    Full text link
    Continuous authentication has been widely studied to provide high security and usability for mobile devices by continuously monitoring and authenticating users. Recent studies adopt multibiometric fusion for continuous authentication to provide high accuracy even when some of captured biometric data are of a low quality. However, existing continuous fusion approaches are resource-heavy as they rely on all classifiers being activated all the time and may not be suitable for mobile devices. In this paper, we propose a new approach to multibiometric continuous authentication: two-dimensional dynamic fusion. Our key insight is that multibiometric continuous authentication calculates two-dimensional matching scores over classifiers and over time. Based on this, we dynamically select a set of classifiers based on the context in which authentication is taking place, and fuse matching scores by multi-classifier fusion and multi-sample fusion. Through experimental evaluation, we show that our approach provides a better balance between resource usage and accuracy than the existing fusion methods. In particular, we show that our approach provides higher accuracy than the existing methods with the same number of score calculations by adopting multi-sample fusion.Comment: Accepted to IJCB'2

    Adaptive User Authentication on Mobile Devices

    Get PDF
    Modern mobile devices allow users to access various applications and services anywhere. However, high mobility also exposes mobile devices to device loss, unauthorized access, and many other risks. Existing studies have proposed a variety of explicit authentication (EA) and implicit authentication (IA) mechanisms to secure sensitive personal and corporate data on mobile devices. Considering the limitations of these mechanisms under different circumstances, we expect that future authentication systems will be able to dynamically determine when and how to authenticate users based on the current context, which is called adaptive authentication. This thesis investigates adaptive authentication from the perspectives of context sensing techniques, authentication and access control adaptations, and adaptation modeling. First, we investigate the smartphone loss scenario. Context sensing is critical for triggering immediate device locking with re-authentication and an alert to the owner before they leave without the phone. We propose Chaperone, an active acoustic sensing based solution to detect a user's departure from the device. It is designed to robustly provide a user's proximity and motion contexts in real-world scenarios characterized by bursting high-frequency noise, bustling crowds, and diverse environmental layouts. Extensive evaluations at a variety of real-world locations have shown that Chaperone has high accuracy and low detection latency under various conditions. Second, we investigate temporary device sharing as a special scenario of adaptive authentication. We propose device sharing awareness (DSA), a new sharing-protection approach for temporarily shared mobile devices. DSA exploits natural handover gestures and behavioral biometrics as contextual factors to transparently enable and disable a device's sharing mode without requiring explicit input of the device owner. It also supports various access control strategies to fulfill sharing requirements imposed by an app. Our user study has shown the effectiveness of handover detection and demonstrated how DSA automatically processes sharing events to provide a secure sharing environment. Third, we investigate the adaptation of an IA system to shared mobile devices to reject imposters and distinguish between legitimate users in real-time. We propose a multi-user IA solution that incorporates multiple modalities and supports adding new users and automatically labeling new incoming data for model updating. Our solution adopts a score fusion strategy based on Dempster-Shafer (D-S) theory to improve accuracy with considering uncertainties among different IA mechanisms. We also provide an evaluation framework to support IA researchers in the evaluation of multi-user, multi-modal IA systems. We present two sample use cases to showcase how our framework helps address practical design questions of multi-user IA systems. Fourth, we investigate a high-level organization of different adaptation policies in an adaptive authentication system. We design and build a multi-stage risk-aware adaptive authentication and access control framework (MRAAC). MRAAC organizes adaptation policies in multiple stages to handle various scenarios and progressively adapts authentication mechanisms based on context, resource sensitivity, and user authenticity. We present three use cases to show how MRAAC enables various stakeholders (device manufacturers, enterprise and secure app developers) to provide adaptive authentication workflows on COTS Android with low processing and battery overhead. In conclusion, this thesis fills the gaps in adaptive authentication systems for shared mobile devices and adaptation models for authentication and access control. Our frameworks and implementations also benefit researchers and developers to develop and evaluate their adaptive authentication systems efficiently

    Trustworthy Edge Machine Learning: A Survey

    Full text link
    The convergence of Edge Computing (EC) and Machine Learning (ML), known as Edge Machine Learning (EML), has become a highly regarded research area by utilizing distributed network resources to perform joint training and inference in a cooperative manner. However, EML faces various challenges due to resource constraints, heterogeneous network environments, and diverse service requirements of different applications, which together affect the trustworthiness of EML in the eyes of its stakeholders. This survey provides a comprehensive summary of definitions, attributes, frameworks, techniques, and solutions for trustworthy EML. Specifically, we first emphasize the importance of trustworthy EML within the context of Sixth-Generation (6G) networks. We then discuss the necessity of trustworthiness from the perspective of challenges encountered during deployment and real-world application scenarios. Subsequently, we provide a preliminary definition of trustworthy EML and explore its key attributes. Following this, we introduce fundamental frameworks and enabling technologies for trustworthy EML systems, and provide an in-depth literature review of the latest solutions to enhance trustworthiness of EML. Finally, we discuss corresponding research challenges and open issues.Comment: 27 pages, 7 figures, 10 table

    Resilient Infrastructure and Building Security

    Get PDF

    Internet of robotic things : converging sensing/actuating, hypoconnectivity, artificial intelligence and IoT Platforms

    Get PDF
    The Internet of Things (IoT) concept is evolving rapidly and influencing newdevelopments in various application domains, such as the Internet of MobileThings (IoMT), Autonomous Internet of Things (A-IoT), Autonomous Systemof Things (ASoT), Internet of Autonomous Things (IoAT), Internetof Things Clouds (IoT-C) and the Internet of Robotic Things (IoRT) etc.that are progressing/advancing by using IoT technology. The IoT influencerepresents new development and deployment challenges in different areassuch as seamless platform integration, context based cognitive network integration,new mobile sensor/actuator network paradigms, things identification(addressing, naming in IoT) and dynamic things discoverability and manyothers. The IoRT represents new convergence challenges and their need to be addressed, in one side the programmability and the communication ofmultiple heterogeneous mobile/autonomous/robotic things for cooperating,their coordination, configuration, exchange of information, security, safetyand protection. Developments in IoT heterogeneous parallel processing/communication and dynamic systems based on parallelism and concurrencyrequire new ideas for integrating the intelligent “devices”, collaborativerobots (COBOTS), into IoT applications. Dynamic maintainability, selfhealing,self-repair of resources, changing resource state, (re-) configurationand context based IoT systems for service implementation and integrationwith IoT network service composition are of paramount importance whennew “cognitive devices” are becoming active participants in IoT applications.This chapter aims to be an overview of the IoRT concept, technologies,architectures and applications and to provide a comprehensive coverage offuture challenges, developments and applications
    • 

    corecore