TY - GEN
T1 - Location-enhanced authentication using the IoT because you cannot be in two places at once
AU - Agadakos, Ioannis
AU - Hallgren, Per
AU - Damopoulos, Dimitrios
AU - Sabelfeld, Andrei
AU - Portokalidis, Georgios
N1 - Publisher Copyright:
© 2016 ACM.
PY - 2016/12/5
Y1 - 2016/12/5
N2 - User location can act as an additional factor of authentication in scenarios where physical presence is required, such as when making in-person purchases or unlocking a vehicle. This paper proposes a novel approach for estimating user location and modeling user movement using the Internet of Things (IoT). Our goal is to utilize its scale and diversity to estimate location more robustly, than solutions based on smartphones alone, and stop adversaries from using compromised user credentials (e.g., stolen keys, passwords, etc.), when sufficient evidence physically locates them elsewhere. To locate users, we leverage the increasing number of IoT devices carried and used by them and the smart environments that observe these devices. We also exploit the ability of many IoT devices to "sense" the user. To demonstrate our approach, we build a system, called Icelus. Our experiments with it show that it exhibits a smaller false-rejection rate than smartphone-based location-based authentication (LBA) and it rejects attackers with few errors (i.e., false acceptances).
AB - User location can act as an additional factor of authentication in scenarios where physical presence is required, such as when making in-person purchases or unlocking a vehicle. This paper proposes a novel approach for estimating user location and modeling user movement using the Internet of Things (IoT). Our goal is to utilize its scale and diversity to estimate location more robustly, than solutions based on smartphones alone, and stop adversaries from using compromised user credentials (e.g., stolen keys, passwords, etc.), when sufficient evidence physically locates them elsewhere. To locate users, we leverage the increasing number of IoT devices carried and used by them and the smart environments that observe these devices. We also exploit the ability of many IoT devices to "sense" the user. To demonstrate our approach, we build a system, called Icelus. Our experiments with it show that it exhibits a smaller false-rejection rate than smartphone-based location-based authentication (LBA) and it rejects attackers with few errors (i.e., false acceptances).
KW - Authentication
KW - Internet of things
KW - Location-based services
KW - Trust
UR - http://www.scopus.com/inward/record.url?scp=85007550389&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85007550389&partnerID=8YFLogxK
U2 - 10.1145/2991079.2991090
DO - 10.1145/2991079.2991090
M3 - Conference contribution
AN - SCOPUS:85007550389
T3 - ACM International Conference Proceeding Series
SP - 251
EP - 264
BT - Proceedings - 32nd Annual Computer Security Applications Conference, ACSAC 2016
T2 - 32nd Annual Computer Security Applications Conference, ACSAC 2016
Y2 - 5 December 2016 through 9 December 2016
ER -