7,895 research outputs found
DoubleEcho: Mitigating Context-Manipulation Attacks in Copresence Verification
Copresence verification based on context can improve usability and strengthen
security of many authentication and access control systems. By sensing and
comparing their surroundings, two or more devices can tell whether they are
copresent and use this information to make access control decisions. To the
best of our knowledge, all context-based copresence verification mechanisms to
date are susceptible to context-manipulation attacks. In such attacks, a
distributed adversary replicates the same context at the (different) locations
of the victim devices, and induces them to believe that they are copresent. In
this paper we propose DoubleEcho, a context-based copresence verification
technique that leverages acoustic Room Impulse Response (RIR) to mitigate
context-manipulation attacks. In DoubleEcho, one device emits a wide-band
audible chirp and all participating devices record reflections of the chirp
from the surrounding environment. Since RIR is, by its very nature, dependent
on the physical surroundings, it constitutes a unique location signature that
is hard for an adversary to replicate. We evaluate DoubleEcho by collecting RIR
data with various mobile devices and in a range of different locations. We show
that DoubleEcho mitigates context-manipulation attacks whereas all other
approaches to date are entirely vulnerable to such attacks. DoubleEcho detects
copresence (or lack thereof) in roughly 2 seconds and works on commodity
devices
Group-In: Group Inference from Wireless Traces of Mobile Devices
This paper proposes Group-In, a wireless scanning system to detect static or
mobile people groups in indoor or outdoor environments. Group-In collects only
wireless traces from the Bluetooth-enabled mobile devices for group inference.
The key problem addressed in this work is to detect not only static groups but
also moving groups with a multi-phased approach based only noisy wireless
Received Signal Strength Indicator (RSSIs) observed by multiple wireless
scanners without localization support. We propose new centralized and
decentralized schemes to process the sparse and noisy wireless data, and
leverage graph-based clustering techniques for group detection from short-term
and long-term aspects. Group-In provides two outcomes: 1) group detection in
short time intervals such as two minutes and 2) long-term linkages such as a
month. To verify the performance, we conduct two experimental studies. One
consists of 27 controlled scenarios in the lab environments. The other is a
real-world scenario where we place Bluetooth scanners in an office environment,
and employees carry beacons for more than one month. Both the controlled and
real-world experiments result in high accuracy group detection in short time
intervals and sampling liberties in terms of the Jaccard index and pairwise
similarity coefficient.Comment: This work has been funded by the EU Horizon 2020 Programme under
Grant Agreements No. 731993 AUTOPILOT and No.871249 LOCUS projects. The
content of this paper does not reflect the official opinion of the EU.
Responsibility for the information and views expressed therein lies entirely
with the authors. Proc. of ACM/IEEE IPSN'20, 202
Inferring Person-to-person Proximity Using WiFi Signals
Today's societies are enveloped in an ever-growing telecommunication
infrastructure. This infrastructure offers important opportunities for sensing
and recording a multitude of human behaviors. Human mobility patterns are a
prominent example of such a behavior which has been studied based on cell phone
towers, Bluetooth beacons, and WiFi networks as proxies for location. However,
while mobility is an important aspect of human behavior, understanding complex
social systems requires studying not only the movement of individuals, but also
their interactions. Sensing social interactions on a large scale is a technical
challenge and many commonly used approaches---including RFID badges or
Bluetooth scanning---offer only limited scalability. Here we show that it is
possible, in a scalable and robust way, to accurately infer person-to-person
physical proximity from the lists of WiFi access points measured by smartphones
carried by the two individuals. Based on a longitudinal dataset of
approximately 800 participants with ground-truth interactions collected over a
year, we show that our model performs better than the current state-of-the-art.
Our results demonstrate the value of WiFi signals in social sensing as well as
potential threats to privacy that they imply
- …