Abstract
Active authentication of mobile devices such as smartphones and ipads is promising to enhance security to access confidential data or systems. In this paper, we propose an active authentication scheme, which exploits the physical-layer properties of ambient radio signals to identify mobile devices in indoor environments. More specifically, we discriminate mobile devices in different locations by analyzing the ambient radio sources, because the received signal strength indicator set of the ambient signals measured by a smartphone is usually different from that observed by its spoofer located in another area. We formulate the interactions between the legitimate mobile device and its spoofer as an active authentication game, in which the receiver chooses its test threshold in the hypothesis test in the spoofing detection, while the spoofer chooses its attack strength. In a dynamic radio environment with unknown attack parameters, we propose a learning-based authentication algorithm based on the physical-layer properties of the ambient radio environments. Simulation results show that the proposed scheme accurately detects spoofers in typical indoor environments.
Similar content being viewed by others
References
Aksari Y, Artuner H (2009) Active authentication by mouse movements. In: Proceedings of IEEE Int’l symposium computer and information sciences:571–574
Barto AG (1998) Reinforcement learning: an introduction. MIT press
Bo C, Zhang L, Li X-Y (2013) Silentsense: silent user identification via dynamics of touch and movement behavioral biometrics. arXiv: 1309.0073
Chang JM, Fang C, Ho K, Kelly N, Wu P, Ding Y, Chu C, Gilbert S, Kamal AE, Kung S (2013) Capturing cognitive fingerprints from keystroke dynamics for active authentication. IEEE IT Prof 15(4):24– 28
Chellappa R (2014) Screen fingerprints as a novel modality for active authentication. tech. rep., DTIC Document
Cuadrado F, Dueñas JC (2012) Mobile application stores: success factors, existing approaches, and future developments. IEEE Commun Mag 50(11):160–167
De Luca A, Hang A, Brudy F, Lindner C, Hussmann H (2012) Touch me once and i know it’s you!: Implicit authentication based on touch screen patterns. In: Proceedings of ACM the SIGCHI Conference Human Factors in Computing Systems, pp 987–996
Deutschmann I, Nordstrom P, Nilsson L (2013) Continuous authentication, using behavioral biometrics, with keystroke and mouse. IEEE IT Prof 15(4):12–15
Fathy ME, Patel VM, Yeh T, Zhang Y, Chellappa R, Davis LS (2014) Screen-based active user authentication. Pattern Recogn Lett 42:122–127
Frank M, Biedert R, Ma E, Martinovic I, Song D (2013) Touchalytics: on the applicability of touchscreen input as a behavioral biometric for continuous authentication. IEEE Trans Inf Forensic Secur 8(1):136–148
Guidorizzi RP (2013) Security: active authentication. IEEE IT Prof 15(4):4–7
Hou W, Wang X, Chouinard J, Refaey A (2014) Physical layer authentication for mobile systems with time-varying carrier frequency offsets. IEEE Trans Commun 62(5):1658–1667
Jiang Z, Zhao J, Li X-Y, Han J, Xi W (2013) Rejecting the attack: Source authentication for wi-fi management frames using csi information. In: Proceedings of IEEE INFOCOM, pp 2544– 2552
Li F, Clarke N, Papadaki M, Dowland P (2014) Active authentication for mobile devices utilising behaviour profiling. Int’l J Inf Secur 13(3):229–244
Liu FJ, Wang X, Tang H (2011) Robust physical layer authentication using inherent properties of channel impulse response. In: IEEE military communications conference (MILCOM), pp 538– 542
Liu FJ, Wang X, Primak SL (2013) A two dimensional quantization algorithm for cir-based physical layer authentication. In: IEEE Int’l Conference Communications (ICC):4724–4728
Liu H, Wang Y, Liu J, Yang J, Chen Y (2014) Practical user authentication leveraging channel state information (csi). In: Proceedings of ACM symposium information, computer and communications security, pp 389–400
Liu H, Wang Y, Liu J, Yang J, Chen Y (2014) Practical user authentication leveraging channel state information (csi). In: Proceedings of ACM Symposium Information, computer and communications security, pp 389–400
Mathur S, Miller R, Varshavsky A, Trappe W, Mandayam N (2011) Proximate: proximity-based secure pairing using ambient wireless signals. In: Proceedings of ACM Int’l Conference Mobile systems, applications, and services, pp 211–224
Nag AK, Dasgupta D (2014) An adaptive approach for continuous multi-factor authentication in an identity eco-system. In: Proceedings of ACM Annual Cyber and Information Security Research Conference, pp 65–68
Primo A, Phoha VV, Kumar R, Serwadda A (2014) Context-aware active authentication using smartphone accelerometer measurements. In: Proceedings of IEEE Conference Computer Vision and Pattern Recognition Workshops (CVPRW), pp 98–105
Roy A, Halevi T, Memon N (2014) An HMM-based behavior modeling approach for continuous mobile authentication. In: Proceedings of IEEE Int’l Conference Acoustics, Speech and Signal Processing (ICASSP), pp 3789–3793
Sae-Bae N, Ahmed K, Isbister K, Memon N (2012) Biometric-rich gestures: a novel approach to authentication on multi-touch devices. In: Proceedings of ACM the SIGCHI Conference Human Factors in Computing Systems, pp 977–986
Stolerman A, Fridman A, Greenstadt R, Brennan P, Juola P (2014) Active linguistic authentication using real-time stylometric evaluation for multi-modal decision fusion. In: Advances in digital forensics X. Springer, pp 165–183
Tugnait JK (2013) Wireless user authentication via comparison of power spectral densities. IEEE J Sel Areas Commun 31(9):1791–1802
Tugnait JK, Kim H (2010) A channel-based hypothesis testing approach to enhance user authentication in wireless networks. In: IEEE Int’l Conference Communication Systems and Networks (COMSNETS), pp 1–9
Wu X, Yang Z (2015) Physical-layer authentication for multi-carrier transmission. IEEE Commun Lett 19(1):74–77
Wu P, Fang C, Chang JM, Gilbert SB, Kung SY (2014) Cost-effective kernel ridge regression implementation for keystroke-based active authentication system. In: Proceedings of IEEE Int’l Conference Acoustics, Speech and Signal Processing (ICASSP), pp 6028–6032
Xiao L, Greenstein L, Mandayam N, Trappe W (2007) Fingerprints in the ether: Using the physical layer for wireless authentication. In: IEEE Int’l conference communication (ICC), pp 4646– 4651
Xiao L, Yan Q, Lou W, Chen G, Hou YT (2013) Proximity-based security techniques for mobile users in wireless networks. IEEE Trans Inf Forensic Secur 8(12):2089–2100
Xiao L, Yan Q, Lou W, Hou YT (2013) Proximity-based security using ambient radio signals. In: IEEE Int’l Conference Communications (ICC), pp 1609–1613
Yang J, Chen Y, Trappe W, Cheng J (2013) Detection and localization of multiple spoofing attackers in wireless networks. IEEE Trans Parallel Distrib Syst 24 (1):44–58
Yu PL, Baras JS, Sadler BM (2008) Physical-layer authentication. IEEE Trans Inf Forensic Secur 3(1):38–51
Zhang Y, Monrose F, Reiter MK (2010) The security of modern password expiration: an algorithmic framework and empirical analysis. In: Proceedings of ACM Conference Computer and Communications Security, pp 176–186
Zeng K, Govindan K, Mohapatra P (2010) Non-cryptographic authentication and identification in wireless networks. Netw Secur 17(5):56–62
Zheng Y, Li M, Lou W, Hou YT (2012) Sharp: private proximity test and secure handshake with cheat-proof location tags. In: ESORICS computer security. Springer, pp 361–378
Author information
Authors and Affiliations
Corresponding author
Additional information
This work is supported in part by NSFC (61271242, 61440002).
Rights and permissions
About this article
Cite this article
Liu, J., Xiao, L., Liu, G. et al. Active authentication with reinforcement learning based on ambient radio signals. Multimed Tools Appl 76, 3979–3998 (2017). https://doi.org/10.1007/s11042-015-2958-x
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-015-2958-x