scholarly journals Design and Implementation of a Contextual-Based Continuous Authentication Framework for Smart Homes

2019 ◽  
Vol 2 (1) ◽  
pp. 4 ◽  
Author(s):  
Yosef Ashibani ◽  
Dylan Kauling ◽  
Qusay Mahmoud
Keyword(s):  
User Authentication ◽  
Contextual Information ◽  
User Interaction ◽  
Smart Homes ◽  
Remote Access ◽  
Smart Devices ◽  
Continuous Authentication ◽  
Secure Information ◽  
Wide Range ◽  
Iot Devices

There has been a rapid increase in the number of Internet of Things (IoT) devices in the last few years, providing a wide range of services such as camera feeds, light controls, and door locks for remote access. Access to IoT devices, whether within the same environment or remotely via the Internet, requires proper security mechanisms in order to avoid disclosing any secure information or access privileges. Authentication, on which other security classes are built, is the most important part of IoT security. Without ensuring that the authorized party is who it claims to be, other security factors would be useless. Additionally, with the increased mobility of IoT devices, traditional authentication mechanisms, such as a username and password, are less effective. Numerous security challenges in the IoT domain have resulted in the proposal of many different approaches to authentication. Many of these methods require either carrying an authentication token, such as a smartcard, or restricting access to a particular physical location. Considering that most IoT devices contain a wide array of sensors, a large amount of contextual information can be provided. Thus, real-time security mechanisms can protect user access by, for example, utilizing contextual information to validate requests. A variety of contextual information can be retrieved to strengthen the authentication process, both at the time of access request and throughout the entire access session, without requiring user interaction, which avoids the risk of being discovered by attackers of these features. In this paper, we introduce a continuous authentication framework that integrates contextual information for user authentication in smart homes. The implementation and evaluation show that the framework can protect smart devices against unauthorized access from both anonymous and known users, either, locally or remotely, in a flexible manner and without requiring additional user intervention.

scholarly journals A Comprehensive Assessment on IOT Devices with Data Mining Techniques

2021 ◽  
Author(s):  
G. Vijay Kumar ◽  
M. Sreedevi ◽  
Arvind Yadav ◽  
B. Aruna
Keyword(s):  
Data Mining ◽  
Large Scale ◽  
Comprehensive Assessment ◽  
Smart Devices ◽  
Heterogeneous Environments ◽  
Data Mining Techniques ◽  
Wide Range ◽  
Entire World ◽  
Iot Devices ◽  
Cloud Technologies

Now at present development the entire world using vast variety of smart devices associated among sensors & handful of actuators. There is an enormous progress within the field of electronic communication; processing the data through devices and the bandwidth in internet technologies makes very easy to access and to interact with the variety of devices all over the whole world. There is a wide range research in the area of Internet of Things (IoT) along Cloud Technologies making to build incredible data which are creating from this type of heterogeneous environments and can be able to transform into a valuable knowledge with the help of data mining techniques. The knowledge that is generated will takes a crucial role in making intellectual decisions and also be a best possible resource management and services. In this paper we organized a comprehensive assessment on various data mining techniques engaged with small and large scale IoT applications to make the environment smart.

scholarly journals Secure Path: Block-Chaining IoT Information for Continuous Authentication in Smart Spaces

IoT ◽  
2021 ◽  
Vol 2 (2) ◽  
pp. 326-340
Author(s):  
Lorenzo Bracciale ◽  
Pierpaolo Loreti ◽  
Claudio Pisa ◽  
Alex Shahidi
Keyword(s):  
User Authentication ◽  
Single Point ◽  
Environmental Sensors ◽  
Smart Spaces ◽  
Secure Storage ◽  
Continuous Authentication ◽  
Wide Range ◽  
Authentication System ◽  
Analyse Data ◽  
The Internet Of Things

The Internet of Things offers a wide range of possibilities that can be exploited more or less explicitly for user authentication, ranging from specifically designed systems including biometric devices to environmental sensors that can be opportunistically used to feed behavioural authentication systems. How to integrate all this information in a reliable way to get a continuous authentication service presents several open challenges. Among these: how to combine semi-trusted information coming from non-tamper-proof sensors, where to store such data avoiding a single point of failure, how to analyse data in a distributed way, which interface to use to provide an authentication service to a multitude of different services and applications. In this paper, we present a Blockchain-based architectural solution of a distributed system able to transform IoT interactions into useful data for an authentication system. The design includes: (i) a security procedure to certify users’ positions and identities, (ii) a secure storage to hold this information, and (iii) a service to dynamically assign a trust level to a user’s position. We call this system “Secure Path”.

scholarly journals Biometrics for Internet-of-Things Security: A Review

Sensors ◽  
2021 ◽  
Vol 21 (18) ◽  
pp. 6163
Author(s):  
Wencheng Yang ◽  
Song Wang ◽  
Nor Masri Sahri ◽  
Nickson M. Karie ◽  
Mohiuddin Ahmed ◽  
...  
Keyword(s):  
Internet Of Things ◽  
Smart Devices ◽  
Future Research ◽  
Iot Security ◽  
Security Challenges ◽  
Wide Range ◽  
Comprehensive Survey ◽  
Future Research Directions ◽  
Iot Devices ◽  
Art Research

The large number of Internet-of-Things (IoT) devices that need interaction between smart devices and consumers makes security critical to an IoT environment. Biometrics offers an interesting window of opportunity to improve the usability and security of IoT and can play a significant role in securing a wide range of emerging IoT devices to address security challenges. The purpose of this review is to provide a comprehensive survey on the current biometrics research in IoT security, especially focusing on two important aspects, authentication and encryption. Regarding authentication, contemporary biometric-based authentication systems for IoT are discussed and classified based on different biometric traits and the number of biometric traits employed in the system. As for encryption, biometric-cryptographic systems, which integrate biometrics with cryptography and take advantage of both to provide enhanced security for IoT, are thoroughly reviewed and discussed. Moreover, challenges arising from applying biometrics to IoT and potential solutions are identified and analyzed. With an insight into the state-of-the-art research in biometrics for IoT security, this review paper helps advance the study in the field and assists researchers in gaining a good understanding of forward-looking issues and future research directions.

scholarly journals Multimodal Continuous User Authentication on Mobile Devices via Interaction Patterns

2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Xiaomei Zhang ◽  
Pengming Zhang ◽  
Haomin Hu
Keyword(s):  
Mobile Devices ◽  
User Authentication ◽  
User Interaction ◽  
Behavior Modeling ◽  
Interaction Patterns ◽  
Hand Motion ◽  
Static Interaction ◽  
Continuous Authentication ◽  
Multimodal Systems ◽  
Continuous User

Behavior-based continuous authentication is an increasingly popular methodology that utilizes behavior modeling and sensing for authentication and account access authorization. As an appearing behavioral biometric, user interaction patterns with mobile devices focus on verifying their identity in terms of their features or operating styles while interacting with devices. However, unimodal continuous authentication schemes, which are on the basis of a single source of interaction information, can only deal with a particular action or scenario. Hence, multimodal systems should be taken to suit for various environmental conditions especially in circumstances of attacks. In this paper, we propose a multimodal continuous authentication method both based on static interaction patterns and dynamic interaction patterns with mobile devices. Behavioral biometric features, HMHP, which is combined hand motion (HM) and hold posture (HP), are essentially established upon the touch screen and accelerator and capture the variation model of microhand motions and hold patterns generated in both dynamic and static scenes. By combining the features of HM and HP, the fusion feature HMHP achieves 97% accuracy with a 3.49% equal error rate.

scholarly journals Smart Home Gateway Based on Integration of Deep Reinforcement Learning and Blockchain Framework

Processes ◽  
2021 ◽  
Vol 9 (9) ◽  
pp. 1593
Author(s):  
Zeinab Shahbazi ◽  
Yung-Cheol Byun ◽  
Ho-Young Kwak
Keyword(s):  
Reinforcement Learning ◽  
Smart Home ◽  
Smart Homes ◽  
Smart Devices ◽  
Home Gateway ◽  
Home Based ◽  
Information And Communication ◽  
Smart Home Gateway ◽  
Iot Devices ◽  
The Right

The development of information and communication technology in terms of sensor technologies cause the Internet of Things (IoT) step toward smart homes for prevalent sensing and management of resources. The gateway connections contain various IoT devices in smart homes representing the security based on the centralized structure. To address the security purposes in this system, the blockchain framework is considered a smart home gateway to overcome the possible attacks and apply Deep Reinforcement Learning (DRL). The proposed blockchain-based smart home approach carefully evaluated the reliability and security in terms of accessibility, privacy, and integrity. To overcome traditional centralized architecture, blockchain is employed in the data store and exchange blocks. The data integrity inside and outside of the smart home cause the ability of network members to authenticate. The presented network implemented in the Ethereum blockchain, and the measurements are in terms of security, response time, and accuracy. The experimental results show that the proposed solution contains a better outperform than recent existing works. DRL is a learning-based algorithm which has the most effective aspects of the proposed approach to improve the performance of system based on the right values and combining with blockchain in terms of security of smart home based on the smart devices to overcome sharing and hacking the privacy. We have compared our proposed system with the other state-of-the-art and test this system in two types of datasets as NSL-KDD and KDD-CUP-99. DRL with an accuracy of 96.9% performs higher and has a stronger output compared with Artificial Neural Networks with an accuracy of 80.05% in the second stage, which contains 16% differences in terms of improving the accuracy of smart homes.

scholarly journals Enhancing Security on IoT Devices via Machine Learning on Conditional Power Dissipation

Electronics ◽  
2020 ◽  
Vol 9 (11) ◽  
pp. 1799
Author(s):  
Dimitrios Myridakis ◽  
Stefanos Papafotikas ◽  
Konstantinos Kalovrektis ◽  
Athanasios Kakarountas
Keyword(s):  
Machine Learning ◽  
Power Dissipation ◽  
Low Cost ◽  
Rapid Development ◽  
Abnormal Behavior ◽  
Smart Devices ◽  
Side Channel ◽  
Sensitive Data ◽  
Wide Range ◽  
Iot Devices

The rapid development of connected devices and the sensitive data, which they produce, is a major challenge for manufacturers seeking to fully protect their devices from attack. Consumers expect their IoT devices and data to be adequately protected against a wide range of vulnerabilities and exploits. Successful attacks target IoT devices, cause security problems, and pose new challenges. Successful attacks from botnets residing on mastered IoT devices increase significantly in number and the severity of the damage they cause is similar to that of a war. The characteristics of attacks vary widely from attack to attack and from time to time. The warnings about the severity of the attacks indicate that there is a need for solutions to address the attacks from birth. In addition, there is a need to quarantine infected IoT devices, preventing the spread of the virus and thus the formation of the botnet. This work introduces the exploitation of side-channel attack techniques to protect the low-cost smart devices intuitively, and integrates a machine learning-based algorithm for Intrusion Detection, exploiting current supply characteristic dissipation. The results of this work showed successful detection of abnormal behavior of smart IoT devices.

Improving Energy Efficiency in Internet of Things using Artificial Bee Colony Algorithm

2020 ◽  
Vol 14 ◽  
Author(s):  
M. Sivaram ◽  
V. Porkodi ◽  
Amin Salih Mohammed ◽  
S. Anbu Karuppusamy
Keyword(s):  
Energy Efficiency ◽  
Energy Consumption ◽  
Artificial Bee Colony ◽  
Trust Model ◽  
Sensor Nodes ◽  
Remote Areas ◽  
Bee Colony ◽  
Important Concern ◽  
Wide Range ◽  
Iot Devices

Background: With the advent of IoT, the deployment of batteries with a limited lifetime in remote areas is a major concern. In certain conditions, the network lifetime gets restricted due to limited battery constraints. Subsequently, the collaborative approaches for key facilities help to reduce the constraint demands of the current security protocols. Aim: This work covers and combines a wide range of concepts linked by IoT based on security and energy efficiency. Specifically, this study examines the WSN energy efficiency problem in IoT and security for the management of threats in IoT through collaborative approaches and finally outlines the future. The concept of energy-efficient key protocols which clearly cover heterogeneous IoT communications among peers with different resources has been developed. Because of the low capacity of sensor nodes, energy efficiency in WSNs has been an important concern. Methods: Hence, in this paper, we present an algorithm for Artificial Bee Colony (ABC) which reviews security and energy consumption to discuss their constraints in the IoT scenarios. Results: The results of a detailed experimental assessment are analyzed in terms of communication cost, energy consumption and security, which prove the relevance of a proposed ABC approach and a key establishment. Conclusion: The validation of DTLS-ABC consists of designing an inter-node cooperation trust model for the creation of a trusted community of elements that are mutually supportive. Initial attempts to design the key methods for management are appropriate individual IoT devices. This gives the system designers, an option that considers the question of scalability.

scholarly journals Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication

Electronics ◽  
2021 ◽  
Vol 10 (15) ◽  
pp. 1819
Author(s):  
Rasa Bruzgiene ◽  
Konstantinas Jurgilas
Keyword(s):  
Information Systems ◽  
Identity Management ◽  
Critical Infrastructure ◽  
User Authentication ◽  
Remote Access ◽  
Access To Information ◽  
Digital Space ◽  
Cyber Threats ◽  
The Core ◽  
Common Target

Information systems of critical infrastructure provide services on which the core functions of a state and its economy depend as well as welfare of society. Such systems are becoming an increasingly common target for crimes and attacks in cyberspace, as their vulnerabilities can be exploited for malicious activities seeking financial or political gain. One of the main reasons that threatens the security of these systems is the weak control of remote access, otherwise defined as management of a system’s user identity. Management of user identity depends on user authentication, authorization and the assignment of certain rights in the digital space. This paper provides the proposed two-factor (2FA) digital authentication method for remote access to an information system of a critical infrastructure. Results of testing the method’s usability and resilience to cyber threats have shown that the system, in which the method was implemented, is protected from dangerous HTTP requests and publicly available system’s endpoints are protected from threatening inputs that could cause malicious activities on the critical infrastructure. Additionally, the implementation of the authentication API application ensures the rapidity of the method for less than 500 ms for 100 users working in parallel with the system at the same time.

scholarly journals A Framework for Continuous Authentication Based on Touch Dynamics Biometrics for Mobile Banking Applications

Sensors ◽  
2021 ◽  
Vol 21 (12) ◽  
pp. 4212
Author(s):  
Priscila Morais Argôlo Bonfim Estrela ◽  
Robson de Oliveira Albuquerque ◽  
Dino Macedo Amaral ◽  
William Ferreira Giozza ◽  
Rafael Timóteo de Sousa Júnior
Keyword(s):  
User Authentication ◽  
Internet Banking ◽  
Supervised Machine Learning ◽  
Smart Devices ◽  
Static Verification ◽  
User Behaviors ◽  
Legitimate User ◽  
Continuous User ◽  
Mobile Banking Applications ◽  
Effective Layer

As smart devices have become commonly used to access internet banking applications, these devices constitute appealing targets for fraudsters. Impersonation attacks are an essential concern for internet banking providers. Therefore, user authentication countermeasures based on biometrics, whether physiological or behavioral, have been developed, including those based on touch dynamics biometrics. These measures take into account the unique behavior of a person when interacting with touchscreen devices, thus hindering identitification fraud because it is hard to impersonate natural user behaviors. Behavioral biometric measures also balance security and usability because they are important for human interfaces, thus requiring a measurement process that may be transparent to the user. This paper proposes an improvement to Biotouch, a supervised Machine Learning-based framework for continuous user authentication. The contributions of the proposal comprise the utilization of multiple scopes to create more resilient reasoning models and their respective datasets for the improved Biotouch framework. Another contribution highlighted is the testing of these models to evaluate the imposter False Acceptance Error (FAR). This proposal also improves the flow of data and computation within the improved framework. An evaluation of the multiple scope model proposed provides results between 90.68% and 97.05% for the harmonic mean between recall and precision (F1 Score). The percentages of unduly authenticated imposters and errors of legitimate user rejection (Equal Error Rate (EER)) are between 9.85% and 1.88% for static verification, login, user dynamics, and post-login. These results indicate the feasibility of the continuous multiple-scope authentication framework proposed as an effective layer of security for banking applications, eventually operating jointly with conventional measures such as password-based authentication.

Sign in / Sign up

Export Citation Format

Share Document