In the near future, the process of authenticating to computers can be handled seamlessly with the usage of contextual information. In this project, we investigate a zero-effort continuous authentication system, ZEBRA. Continuous authentication is handled by validating sensor readings of a bracelet against input events observed at the session terminal. We identified a subtle incorrect assumption in the system architecture and used it to create an efficient attack strategy against the system, which allows an unauthorized user to remain logged in the system. In this project, we have built a real-time end-to-end implementation of ZEBRA and compared the security of the system against the claimed security of Mare et al.
People
- Otto Huhta, Aalto University
- Prakash Shrestha, University of Alabama at Birmingham
- Swapnil Udar, Aalto University
- Mika Juuti, Aalto University
- Nitesh Saxena, University of Alabama at Birmingham
- N. Asokan, Aalto University and University of Helsinki
Results
Demos/Posters
Research papers
- Technical report in arXiv
- Research paper at NDSS 2016 conference (to appear), February 2016
The Contextual Security project funded by the Academy of Finland.