1,286 research outputs found
Authenticating Users Through Fine-Grained Channel Information
User authentication is the critical first step in detecting identity-based attacks and preventing subsequent malicious attacks. However, the increasingly dynamic mobile environments make it harder to always apply cryptographic-based methods for user authentication due to their infrastructural and key management overhead. Exploiting non-cryptographic based techniques grounded on physical layer properties to perform user authentication appears promising. In this work, the use of channel state information (CSI), which is available from off-the-shelf WiFi devices, to perform fine-grained user authentication is explored. Particularly, a user-authentication framework that can work with both stationary and mobile users is proposed. When the user is stationary, the proposed framework builds a user profile for user authentication that is resilient to the presence of a spoofer. The proposed machine learning based user-authentication techniques can distinguish between two users even when they possess similar signal fingerprints and detect the existence of a spoofer. When the user is mobile, it is proposed to detect the presence of a spoofer by examining the temporal correlation of CSI measurements. Both office building and apartment environments show that the proposed framework can filter out signal outliers and achieve higher authentication accuracy compared with existing approaches using received signal strength (RSS)
Implicit Smartphone User Authentication with Sensors and Contextual Machine Learning
Authentication of smartphone users is important because a lot of sensitive
data is stored in the smartphone and the smartphone is also used to access
various cloud data and services. However, smartphones are easily stolen or
co-opted by an attacker. Beyond the initial login, it is highly desirable to
re-authenticate end-users who are continuing to access security-critical
services and data. Hence, this paper proposes a novel authentication system for
implicit, continuous authentication of the smartphone user based on behavioral
characteristics, by leveraging the sensors already ubiquitously built into
smartphones. We propose novel context-based authentication models to
differentiate the legitimate smartphone owner versus other users. We
systematically show how to achieve high authentication accuracy with different
design alternatives in sensor and feature selection, machine learning
techniques, context detection and multiple devices. Our system can achieve
excellent authentication performance with 98.1% accuracy with negligible system
overhead and less than 2.4% battery consumption.Comment: Published on the IEEE/IFIP International Conference on Dependable
Systems and Networks (DSN) 2017. arXiv admin note: substantial text overlap
with arXiv:1703.0352
Peer-assisted location authentication and access control for wireless networks
This paper presents the development and implementation of a locationābased, lightweight peerāassisted authentication scheme for use in wireless networks. The notion of peerāassisted authentication is based upon some target user equipmentā (UE) seeking authentication and access to a network based upon its physical location. The target UE seeks authentication through the UE of peers in the same network. Compared with previous work, the approach in this paper does not rely on any cryptographic proofs from a central authentication infrastructure, thus avoiding complex infrastructure management. However, the peerāassisted authentication consumes network channel resources which will impact on network performance. In this paper, we also present an access control algorithm for balancing the location authentication, network quality of service (QoS), network capacity and time delay. The results demonstrate that peerāassisted authentication considering location authentication and system QoS through dynamic access control strategies can be effectively and efficiently implemented in a number of use cases
PIANO: Proximity-based User Authentication on Voice-Powered Internet-of-Things Devices
Voice is envisioned to be a popular way for humans to interact with
Internet-of-Things (IoT) devices. We propose a proximity-based user
authentication method (called PIANO) for access control on such voice-powered
IoT devices. PIANO leverages the built-in speaker, microphone, and Bluetooth
that voice-powered IoT devices often already have. Specifically, we assume that
a user carries a personal voice-powered device (e.g., smartphone, smartwatch,
or smartglass), which serves as the user's identity. When another voice-powered
IoT device of the user requires authentication, PIANO estimates the distance
between the two devices by playing and detecting certain acoustic signals;
PIANO grants access if the estimated distance is no larger than a user-selected
threshold. We implemented a proof-of-concept prototype of PIANO. Through
theoretical and empirical evaluations, we find that PIANO is secure, reliable,
personalizable, and efficient.Comment: To appear in ICDCS'1
Privacy Preserving Physical Layer Authentication Scheme for LBS based Wireless Networks
With the fast development in services related to localisation, location-based service (LBS) gains more importance amongst all the mobile wireless services. To avail the service in the LBS system, information about the location and identity of the user has to be provided to the service provider. The service provider authenticates the user based on their identity and location before providing services. In general, sharing location information and preserving the userās privacy is a highly challenging task in conventional authentication techniques. To resolve these challenges in authenticating the users, retaining usersā privacy, a new SVD (singular value decomposition) based Privacy Preserved Location Authentication Scheme (SPPLAS) has been proposed. In this proposed method, physical layer signatures such as channel state information (CSI) and carrier frequency offset (CFO) are used for generating secret key required for encrypting the userās location and identity information, and thus encrypted userās information is sent to service provider for authentication. Secret key is generated by applying SVD on CSI vector. The proposed scheme aids in authenticating the user through location information while protecting the userās privacy. The performance of the proposed method is evaluated in terms of bit mismatch, leakage and bit error rate performance of receiver and adversary. The simulation results show that the proposed scheme achieves better robustness and security than the existing location-based authentication techniques
Higher order feature extraction and selection for robust human gesture recognition using CSI of COTS Wi-Fi devices
Device-free human gesture recognition (HGR) using commercial o the shelf (COTS) Wi-Fi
devices has gained attention with recent advances in wireless technology. HGR recognizes the human
activity performed, by capturing the reflections ofWi-Fi signals from moving humans and storing
them as raw channel state information (CSI) traces. Existing work on HGR applies noise reduction
and transformation to pre-process the raw CSI traces. However, these methods fail to capture
the non-Gaussian information in the raw CSI data due to its limitation to deal with linear signal
representation alone. The proposed higher order statistics-based recognition (HOS-Re) model extracts
higher order statistical (HOS) features from raw CSI traces and selects a robust feature subset for the
recognition task. HOS-Re addresses the limitations in the existing methods, by extracting third order
cumulant features that maximizes the recognition accuracy. Subsequently, feature selection methods
derived from information theory construct a robust and highly informative feature subset, fed as
input to the multilevel support vector machine (SVM) classifier in order to measure the performance.
The proposed methodology is validated using a public database SignFi, consisting of 276 gestures
with 8280 gesture instances, out of which 5520 are from the laboratory and 2760 from the home
environment using a 10 5 cross-validation. HOS-Re achieved an average recognition accuracy of
97.84%, 98.26% and 96.34% for the lab, home and lab + home environment respectively. The average
recognition accuracy for 150 sign gestures with 7500 instances, collected from five di erent users was
96.23% in the laboratory environment.Taylor's University through its TAYLOR'S PhD SCHOLARSHIP Programmeinfo:eu-repo/semantics/publishedVersio
- ā¦