90,024 research outputs found
PIANO: Proximity-based User Authentication on Voice-Powered Internet-of-Things Devices
Voice is envisioned to be a popular way for humans to interact with
Internet-of-Things (IoT) devices. We propose a proximity-based user
authentication method (called PIANO) for access control on such voice-powered
IoT devices. PIANO leverages the built-in speaker, microphone, and Bluetooth
that voice-powered IoT devices often already have. Specifically, we assume that
a user carries a personal voice-powered device (e.g., smartphone, smartwatch,
or smartglass), which serves as the user's identity. When another voice-powered
IoT device of the user requires authentication, PIANO estimates the distance
between the two devices by playing and detecting certain acoustic signals;
PIANO grants access if the estimated distance is no larger than a user-selected
threshold. We implemented a proof-of-concept prototype of PIANO. Through
theoretical and empirical evaluations, we find that PIANO is secure, reliable,
personalizable, and efficient.Comment: To appear in ICDCS'1
Recommended from our members
Evaluating the resilience and security of boundaryless, evolving socio-technical Systems of Systems
Detection loophole attacks on semi-device-independent quantum and classical protocols
Semi-device-independent quantum protocols realize information tasks - e.g.
secure key distribution, random access coding, and randomness generation - in a
scenario where no assumption on the internal working of the devices used in the
protocol is made, except their dimension. These protocols offer two main
advantages: first, their implementation is often less demanding than
fully-device-independent protocols. Second, they are more secure than their
device-dependent counterparts. Their classical analogous is represented by
random access codes, which provide a general framework for describing one-sided
classical communication tasks. We discuss conditions under which detection
inefficiencies can be exploited by a malicious provider to fake the performance
of semi-device-independent quantum and classical protocols - and how to prevent
it.Comment: 13 pages, 1 figure, published versio
CEPS Task Force on Artificial Intelligence and Cybersecurity Technology, Governance and Policy Challenges Task Force Evaluation of the HLEG Trustworthy AI Assessment List (Pilot Version). CEPS Task Force Report 22 January 2020
The Centre for European Policy Studies launched a Task Force on Artificial Intelligence (AI) and
Cybersecurity in September 2019. The goal of this Task Force is to bring attention to the market,
technical, ethical and governance challenges posed by the intersection of AI and cybersecurity,
focusing both on AI for cybersecurity but also cybersecurity for AI. The Task Force is multi-stakeholder
by design and composed of academics, industry players from various sectors, policymakers and civil
society.
The Task Force is currently discussing issues such as the state and evolution of the application of AI
in cybersecurity and cybersecurity for AI; the debate on the role that AI could play in the dynamics
between cyber attackers and defenders; the increasing need for sharing information on threats and
how to deal with the vulnerabilities of AI-enabled systems; options for policy experimentation; and
possible EU policy measures to ease the adoption of AI in cybersecurity in Europe.
As part of such activities, this report aims at assessing the High-Level Expert Group (HLEG) on AI Ethics
Guidelines for Trustworthy AI, presented on April 8, 2019. In particular, this report analyses and
makes suggestions on the Trustworthy AI Assessment List (Pilot version), a non-exhaustive list aimed
at helping the public and the private sector in operationalising Trustworthy AI. The list is composed
of 131 items that are supposed to guide AI designers and developers throughout the process of
design, development, and deployment of AI, although not intended as guidance to ensure
compliance with the applicable laws. The list is in its piloting phase and is currently undergoing a
revision that will be finalised in early 2020.
This report would like to contribute to this revision by addressing in particular the interplay between
AI and cybersecurity. This evaluation has been made according to specific criteria: whether and how
the items of the Assessment List refer to existing legislation (e.g. GDPR, EU Charter of Fundamental
Rights); whether they refer to moral principles (but not laws); whether they consider that AI attacks
are fundamentally different from traditional cyberattacks; whether they are compatible with
different risk levels; whether they are flexible enough in terms of clear/easy measurement,
implementation by AI developers and SMEs; and overall, whether they are likely to create obstacles
for the industry.
The HLEG is a diverse group, with more than 50 members representing different stakeholders, such
as think tanks, academia, EU Agencies, civil society, and industry, who were given the difficult task of
producing a simple checklist for a complex issue. The public engagement exercise looks successful
overall in that more than 450 stakeholders have signed in and are contributing to the process.
The next sections of this report present the items listed by the HLEG followed by the analysis and
suggestions raised by the Task Force (see list of the members of the Task Force in Annex 1)
- …