Drone to the Rescue: Relay-Resilient Authentication using Ambient Multi-sensing
نویسندگان
چکیده
Many mobile and wireless authentication systems are prone to relay attacks whereby two non co-presence colluding entities can subvert the authentication functionality by simply relaying the data between a legitimate prover (P) and verifier (V). Examples include payment systems involving NFC and RFID devices, and zero-interaction token-based authentication approaches. Utilizing the contextual information to determine P-V proximity, or lack thereof, is a recently proposed approach to defend against relay attacks. Prior work considered WiFi, Bluetooth, GPS and Audio as different contextual modalities for the purpose of relay-resistant authentication. In this paper, we explore purely ambient physical sensing capabilities to address the problem of relay attacks in authentication systems. Specifically, we consider the use of four new sensor modalities, ambient temperature, precision gas, humidity, and altitude, for P-V proximity detection. Using an off-the-shelf ambient sensing platform, called Sensordrone, connected to Android devices, we show that combining these different modalities provides a robust proximity detection mechanism, yielding very low false positives (security against relay attacks) and very low false negatives (good usability). Such use of multiple ambient sensor modalities offers unique security advantages over traditional sensors (WiFi, Bluetooth, GPS or Audio) because it requires the attacker to simultaneously manipulate the multiple characteristics of the physical environment.
منابع مشابه
TRec: Relay-Resilient Transparent Authentication using Trajectory Recognition
Transparent authentication (TA) schemes are those in which a user is authenticated by a verifier without requiring explicit user interaction. Those schemes promise high usability and security simultaneously. Many TA schemes rely on the received signal strength as an indicator for the proximity of a user device (prover). However, such implicit proximity verification is not secure against an adve...
متن کاملProximity Verification Based on Acoustic Room Impulse Response
Device proximity verification has a wide range of security applications such as effortless zero-interaction authentication, multi-factor authentication, group-membership management and many more. To achieve high ease-of-use, a recently proposed class of solutions exploit contextual information captured by onboard sensors including radio (Wi-Fi, Bluetooth and GPS receivers), ambient sounds (micr...
متن کاملOptimal Power Management to Minimize SER in Amplify and-Forward Relay Networks
This paper studies optimal power allocation to minimize symbol error rate (SER) of amplify-and-forward cooperative diversity networks. First, we analytically solve optimal power allocation problem to minimize SER for three different scenarios, namely, multi-branch single-relay, single-branch multi-relay and multi-branch multi-relay cooperative diversity networks, all subject to a given total re...
متن کاملA Distributed Authentication Scheme for a Wireless Sensing System
Wireless sensor technologies are becoming more efficient and smaller in size and as a result, they are becoming more widely used for a variety of applications. However, due to their limited computational, energy, and storage resources, these devices can only perform relatively simple tasks. Furthermore, implementing strong security in sensor networks has often been disregarded because most comm...
متن کاملRESCUE: Reputation based Service for Cloud User Environment
Exceptional characteristics of Cloud computing has replaced all traditional computing. With reduced resource management and without in-advance investment, it has been victorious in making the IT world to migrate towards it. Microsoft announced its office package as Cloud, which can prevent people moving from Windows to Linux. As this drift is escalating in an exponential rate, the cloud environ...
متن کامل