Browsing by Subject "user authentication"

Now showing 1 - 2 of 2
  • Thumbnail Image
    Item
    Authenticating Users Through Fine-Grained Channel Information
    (IEEE, 2018-02) Liu, Hongbo; Wang, Yan; Liu, Jian; Yang, Jie; Chen, Yingying; Poor, H. Vincent; Engineering Technology, School of Engineering and Technology
    User authentication is the critical first step in detecting identity-based attacks and preventing subsequent malicious attacks. However, the increasingly dynamic mobile environments make it harder to always apply cryptographic-based methods for user authentication due to their infrastructural and key management overhead. Exploiting non-cryptographic based techniques grounded on physical layer properties to perform user authentication appears promising. In this work, the use of channel state information (CSI), which is available from off-the-shelf WiFi devices, to perform fine-grained user authentication is explored. Particularly, a user-authentication framework that can work with both stationary and mobile users is proposed. When the user is stationary, the proposed framework builds a user profile for user authentication that is resilient to the presence of a spoofer. The proposed machine learning based user-authentication techniques can distinguish between two users even when they possess similar signal fingerprints and detect the existence of a spoofer. When the user is mobile, it is proposed to detect the presence of a spoofer by examining the temporal correlation of CSI measurements. Both office building and apartment environments show that the proposed framework can filter out signal outliers and achieve higher authentication accuracy compared with existing approaches using received signal strength (RSS).
  • Thumbnail Image
    Item
    Revocable, Interoperable and User-Centric (Active) Authentication Across Cyberspace
    (Office of the Vice Chancellor for Research, 2014-04-11) Sui, Yan; Zou, Xukai; Du, Eliza Y.; Li, Feng
    This work addresses fundamental and challenging user authentication and universal identity issues and solves the problems of system usability, authentication data security, user privacy, irrevocability, interoperability, cross-matching attacks, and post-login authentication breaches associated with existing authentication systems. It developed a solid user-centric biometrics based authentication model, called Bio-Capsule (BC), and implemented an (active) authentication system. BC is the template derived from the (secure) fusion of a user’s biometrics and that of a Reference Subject (RS). RS is simply a physical object such as a doll or an artificial one, such as an image. It is users’ BCs, rather than original biometric templates, that are utilized for user authentication and identification. The implemented (active) authentication system will facilitate and safely protect individuals’ diffused cyber activities, which is particularly important nowadays, when people are immersed in cyberspace. User authentication is the first guard of any trustworthy computing system. Along with people’s immersion in the penetrated cyber space integrated with information, networked systems, applications and mobility, universal identity security& management and active authentication become of paramount importance for cyber security and user privacy. Each of three typical existing authentication methods, what you KNOW (Password/PIN), HAVE (SmartCard), and ARE (Fingerprint/Face/Iris) and their combinations, suffer from their own inherent problems. For example, biometrics is becoming a promising authentication/identification method because it binds an individual with his identity, is resistant to losses, and does not need to memorize/carry. However, biometrics introduces its own challenges. One serious problem with biometrics is that biometric templates are hard to be replaced once compromised. In addition, biometrics may disclose user’s sensitive information (such as race, gender, even health condition), thus creating user privacy concerns. In the recent years, there has been intensive research addressing biometric template security and replaceability, such as cancelable biometrics and Biometric Cryptosystems. Unfortunately, these approaches do not fully exploit biometric advantages (e.g., requiring a PIN), reduce authentication accuracy, and/or suffer from possible attacks. The proposed approach is the first elegant solution to effectively address irreplaceability, privacy-preserving, and interoperability of both login and after-login authentication. Our methodology preserves biometrics’ robustness and accuracy, without sacrificing system acceptability for the same user, and distinguishability between different users. Biometric features cannot be recovered from the user’s Biometric Capsule or Reference Subject, even when both are stolen. The proposed model can be applied at the signal, feature, or template levels, and facilitates integration with new biometric identification methods to further enhance authentication performance. Moreover, the proposed active, non-intrusive authentication is not only scalable, but also particularly suitable to emerging portable, mobile computing devices. In summary, the proposed approach is (i) usercentric, i.e., highly user friendly without additional burden on users, (ii) provably secure and resistant to attacks including cross-matching attacks, (iii) identity-bearing and privacy-preserving, (iv) replaceable, once Biometric Capsule is compromised, (v) scalable and highly adaptable, (vi) interoperable and single signing on across systems, and (vii) cost-effective and easy to use.