Modern Authentication Schemes in Smartphones and IoT Devices: An Empirical Survey

Ahvanooey, Milad Taleby; Zhu, Mark Xuefang; Li, Qianmu; Mazurczyk, Wojciech; Choo, Kim‐Kwang Raymond; Gupta, Brij B.; Conti, Mauro

doi:10.1109/jiot.2021.3138073

Cited by 12 publications

(3 citation statements)

References 142 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The findings of this study shed light on the relationships between brand awareness (BA), perceived quality (PQ), perceived prestige value (PV), price premium (PP), brand preference (BP), and purchase intention in the context of smartphones [95][96][97]. The results indicate interesting variations across different countries and brands, revealing valuable insights into consumer behavior.…”

Section: Discussionmentioning

confidence: 79%

A Fuzzy-Based Analysis of the Mediating Factors Affecting Sustainable Purchase Intentions of Smartphones: The Case of Two Brands in Two Asian Countries

et al. 2023

View full text Add to dashboard Cite

Given their functionality, all smartphone brands are the same. Their similarities notwithstanding, they supply the same product at different prices in the same market. Strangely enough, the consumers do comply and willingly pay such price premiums. This study examines the mediation effect of price premium and brand preference on the causal impact of brand equity on sustainable purchase intention. The novelty of this study is in transforming the initial measures in a 5-point Likert scale into continuous values through a fuzzification and defuzzification process. Brand equity comprises three factors: brand awareness, perceived quality, and prestige value. Standardized questionnaire collected data in two countries (Taiwan and Indonesia) on two brands of smartphones (iPhone and HTC). Overall, 404 questionnaires were distributed in Taiwan, and 434 questionnaires were distributed in Indonesia. The data were analyzed by applying a structural equation model after conducting an exploratory and confirmatory factors analysis. In order to improve the estimations’ accuracy, the initial measures in a 5-point Likert scale were transformed into continuous values through a fuzzification and defuzzification process. The former consisted of assigning triangular fuzzy numbers, and the latter entailed assigning a center of gravity to each triangular fuzzy number and then extracting a random number from a normal distribution function based on the center of gravity. According to the results, price premium and brand preference exhibited significant mediation effects, with price premium having stronger effects than brand preference. Furthermore, the mediation effect was strongest for perceived quality and weakest for perceived prestige value.

show abstract

Section: Discussionmentioning

confidence: 79%

A Fuzzy-Based Analysis of the Mediating Factors Affecting Sustainable Purchase Intentions of Smartphones: The Case of Two Brands in Two Asian Countries

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Various hardware-based authentication mechanisms [24], [14] are proposed to secure IoT authentication. These approaches consider various hardware features such as physical signal characteristics [36], [26], magnetic characteristics [21], sensors with human interaction [49], [38], [59], or physically unclonable functions (PUFs) [42].…”

Section: A Hardware-based Authenticationmentioning

confidence: 99%

From Hardware Fingerprint to Access Token: Enhancing the Authentication on IoT Devices

Xiao,

He,

Zhang

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

The proliferation of consumer IoT products in our daily lives has raised the need for secure device authentication and access control. Unfortunately, these resource-constrained devices typically use token-based authentication, which is vulnerable to token compromise attacks that allow attackers to impersonate the devices and perform malicious operations by stealing the access token. Using hardware fingerprints to secure their authentication is a promising way to mitigate these threats. However, once attackers have stolen some hardware fingerprints (e.g., via MitM attacks), they can bypass the hardware authentication by training a machine learning model to mimic fingerprints or by reusing these fingerprints to craft forged requests.In this paper, we present MCU-Token, a secure hardware fingerprinting framework for MCU-based IoT devices even if the cryptographic mechanisms (e.g., private keys) are compromised. MCU-Token can be easily integrated into various IoT devices by simply adding a short hardware fingerprint-based token to the existing payload. To prevent the reuse of this token, we propose a message mapping approach that binds the token to a specific request by generating the hardware fingerprints based on the request payload. To defeat the machine learning attacks, we mix the valid fingerprints with poisoning data so that attackers cannot train a usable model with the leaked tokens. MCU-Token can defend against adversaries who may replay, craft, and offload the requests via MitM or use both hardware (e.g., use identical devices) and software (e.g., machine learning attacks) strategies to mimic the fingerprints. The system evaluation shows that MCU-Token can achieve high accuracy (over 97%) with low overhead across various IoT devices and application scenarios.

show abstract

“…This is one of the principal requirements for any communication system and ensures that the right users (e.g., patients and physicians in a smart healthcare system) or devices (e.g., nodes and aggregators) can get access to the resources or take certain actions, and the services provided by an IoT network [77]. For example, granting access to the electronic health records and patient records.…”

Section: Authentication and Authorizationmentioning

confidence: 99%

Security in the Internet of Things Application Layer: Requirements, Threats, and Solutions

et al. 2022

View full text Add to dashboard Cite

Communication systems and networks are evolving as an integral part of not only of our everyday life but also as a part of the industry, fundamental infrastructures, companies, etc. Current directions and concepts, such as the Internet of Things (IoT), promise enhanced quality of life, greater business opportunities, cost-effective manufacturing, and efficient operation management through ubiquitous connectivity and deployment of smart physical objects. IoT networks are able to collect, preprocess, and transmit a huge amount of data. A considerable portion of this data is security-and privacycritical data, which makes IoT networks a tempting option for attackers. Given that these networks deal with the actual aspects of our lives and fundamental infrastructures (e.g. smart grids), cybersecurity in such networks is crucial. The large scale of these networks and their unique characteristics and complexity bring further vulnerabilities. In this study we give an introduction to IoT, focusing on the IoT application layer, security requirements, threats, and countermeasures in this layer, and some of the open issues and future research lines.

show abstract

Modern Authentication Schemes in Smartphones and IoT Devices: An Empirical Survey

Cited by 12 publications

References 142 publications

A Fuzzy-Based Analysis of the Mediating Factors Affecting Sustainable Purchase Intentions of Smartphones: The Case of Two Brands in Two Asian Countries

A Fuzzy-Based Analysis of the Mediating Factors Affecting Sustainable Purchase Intentions of Smartphones: The Case of Two Brands in Two Asian Countries

From Hardware Fingerprint to Access Token: Enhancing the Authentication on IoT Devices

Security in the Internet of Things Application Layer: Requirements, Threats, and Solutions

Contact Info

Product

Resources

About