Design and Implementation of a Contextual-Based Continuous Authentication Framework for Smart Homes

Ashibani, Yosef; Kauling, Dylan; Mahmoud, Qusay H.

doi:10.3390/asi2010004

Cited by 29 publications

(16 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…According to the user's authentication policy, he/she will attain the authorization policy to access devices and locations. Another framework for smart homes is presented by Ashibani et al [18]. It provides continuous authentication based on contextual information.…”

Section: B Continuous Authenticationmentioning

confidence: 99%

“…Several authors proposed continuous authentication, and mainly focused on authenticating user-to-device (U2D), e.g., [15], [16], [17], [18], etc. Therefore, this research focuses on continuous authentication between devices referred to as device-to-device (D2D), where devices deal with and communicate with each other in the IoT environment.…”

mentioning

confidence: 99%

“…The device's features should be carefully selected to improve the authentication process. Moreover, the use of multiple features or contextual information to authenticate users would increase the reliability and security of the authentication process [18].…”

mentioning

confidence: 99%

See 2 more Smart Citations

A Robust Device-to-Device Continuous Authentication Protocol for the Internet of Things

Badhib¹,

Alshehri

Cherif

2021

IEEE Access

View full text Add to dashboard Cite

The Internet of Things (IoT) is a heterogeneous environment that connects billions of devices. Thus, it is a significantly high-value target for attackers and suffers from several threats, especially impersonation attacks during the session. Moreover, the denial of service attack (DoS) threatens IoT environments, as it affects the availability and energy of communicating devices. Continuous authentication solves session hijacking since it checks user legitimacy during the session. Several continuous authentication schemes were proposed to authenticate users to IoT devices, while few works addressed device-to-device authentication. Therefore, it is essential to authenticate devices because if one device gets compromised, then the whole system is at risk. Continuous authentication between devices differs from user-to-device authentication since it cannot rely on biometrics and passwords. This research proposes a fast and secure device-to-device continuous authentication protocol that relies on devices' features (token, battery, and location), and mitigates DoS attacks using shadow IDs and emergency keys. Moreover, it takes the sensor movement into account while preserving privacy. To evaluate the robustness and validate the security of the proposed protocol, we conducted informal and formal analyses using Scyther. In addition, we tested its performance to establish computation costs relative to the system counterparts. The results show the protocol is robust against security threats, incurring reasonable computational costs.

show abstract

Section: B Continuous Authenticationmentioning

confidence: 99%

mentioning

confidence: 99%

See 1 more Smart Citation

A Robust Device-to-Device Continuous Authentication Protocol for the Internet of Things

Badhib¹,

Alshehri

Cherif

2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…a PIN or password) and will be used at and beyond the login stage on the mobile device. This approach can be integrated as a second layer of authentication and identification in an implemented framework [36]. In this framework, a central controller hub, namely a smart home server that functions as the network controller, is responsible for user registration, authentication, and identification as well as feature collection and extraction.…”

Section: Proposed Modelmentioning

confidence: 99%

A Multi-Feature User Authentication Model Based on Mobile App Interactions

Ashibani

Mahmoud

2020

IEEE Access

Self Cite

View full text Add to dashboard Cite

Knowledge-based authentication approaches such as the use of passwords and personal identification numbers (PINs) are the most common ways of authenticating users. The main problem with such approach is relying on simple authentication login credentials at the login stage, and assuming the user is still the same between access sessions makes applications and networks vulnerable to access by unauthorized users. Application-level access patterns on smartphone and tablet devices can be utilized to provide an approach for continuously authenticating and identifying users. This paper presents a user authentication and identification method based on mobile application access patterns, and throughout the paper we use a smart home environment as a motivating scenario. To enhance the classification process, many features have been extracted and utilized which considerably improved differentiating between users and eliminating similarities in the access usage patterns. The proposed model has been evaluated using two datasets, and the results show an ability to authenticate users with high accuracy in terms of low false positive, false negative, and equal error rates. Overall, the statistical analysis of the extracted multi-features and the results show that the feasibility of decision-making based on app interactions can lead to high accuracy.INDEX TERMS Mobile app interactions, continuous user authentication and identification, multi-class classification, smart home networks.

show abstract

“…User profiles are then dynamically updated over time, thus guaranteeing the adaptability of the entire procedure. Another continuous authentication framework was detailed in [35], integrating contextual information for user authentication in smart homes. The framework proposed by the authors models behavioral profiles based on how users behave or what they do.…”

Section: Related Workmentioning

confidence: 99%

PALOT: Profiling and Authenticating Users Leveraging Internet of Things

Nespoli

Zago

Celdrán

et al. 2019

Sensors

View full text Add to dashboard Cite

Continuous authentication was introduced to propose novel mechanisms to validate users’ identity and address the problems and limitations exposed by traditional techniques. However, this methodology poses several challenges that remain unsolved. In this paper, we present a novel framework, PALOT, that leverages IoT to provide context-aware, continuous and non-intrusive authentication and authorization services. To this end, we propose a formal information system model based on ontologies, representing the main source of knowledge of our framework. Furthermore, to recognize users’ behavioral patterns within the IoT ecosystem, we introduced a new module called “confidence manager”. The module is then integrated into an extended version of our early framework architecture, IoTCAF, which is consequently adapted to include the above-mentioned component. Exhaustive experiments demonstrated the efficacy, feasibility and scalability of the proposed solution.

show abstract

Design and Implementation of a Contextual-Based Continuous Authentication Framework for Smart Homes

Cited by 29 publications

References 40 publications

A Robust Device-to-Device Continuous Authentication Protocol for the Internet of Things

A Robust Device-to-Device Continuous Authentication Protocol for the Internet of Things

A Multi-Feature User Authentication Model Based on Mobile App Interactions

PALOT: Profiling and Authenticating Users Leveraging Internet of Things

Contact Info

Product

Resources

About