(eds.) Insider Attack and Cyber Security, pp. In: Stolfo, S.J., Bellovin, S.M., Keromytis, A.D., Hershkop, S., Smith, S.W., Sinclair, S. Sinclair, S., Smith, S.W.: Preventative directions for insider threat mitigation via access control. In: The Network and Distributed System Security Symposium (NDSS) (2014) Rasmussen, K.B., Roeschlin, M., Martinovic, I., Tsudik, G.: Authentication using pulse- response biometrics. Pöpper, C., Tippenhauer, N.O., Danev, B., Capkun, S.: Investigation of signal and message manipulations on the wireless channel. In: 2015 12th IEEE International Conference on Advanced Video and Signal Based Surveillance (AVSS), pp.
#CHANGE RADBEACON FREQUENCY BLUETOOTH#
Palumbo, F., Barsocchi, P., Chessa, S., Augusto, J.C.: A stigmergic approach to indoor localization using Bluetooth low energy beacons. In: 2014 IEEE Symposium on Security and Privacy (SP), pp.
Mare, S., Markham, A.M., Cornelius, C., Peterson, R., Kotz, D.: Zebra: zero-effort bilateral recurring authentication. In: 2012 9th Workshop on Positioning Navigation and Communication (WPNC), pp. Kiliç, Y., Ali, A.J., Meijerink, A., Bentum, M.J., Scanlon, W.G.: The effect of human-body shadowing on indoor UWB TOA-based ranging systems. In: 2014 IEEE 3rd Global Conference on Consumer Electronics (GCCE), pp. Kajioka, S., Mori, T., Uchiya, T., Takumi, I., Matsuo, H.: Experiment of indoor position presumption based on RSSI of Bluetooth le beacon. Kaczmarek, T., Ozturk, E., Tsudik, G.: Assentication: user de-authentication and lunchtime attack mitigation with seated posture biometric. In: Network and Distributed System Security Symposium (NDSS), February 2016 Huhta, O., Shrestha, P., Udar, S., Juuti, M., Saxena, N., Asokan, N.: Pitfalls in designing zero-effort deauthentication: opportunistic human observation attacks. ACM (2002)Įberz, S., Rasmussen, K., Lenders, V., Martinovic, I.: Preventing lunchtime attacks: fighting insider threats with eye movement biometrics (2015)įaragher, R., Harle, R.: Location fingerprinting with Bluetooth low energy beacons. In: Proceedings of the 8th Annual International Conference on Mobile Computing and Networking, pp. IEEE (2017)Ĭorner, M.D., Noble, B.D.: Zero-interaction authentication. In: 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp. IEEE (2015)Ĭonti, M., Lovisotto, G., Martinovic, I., Tsudik, G.: Fadewich: fast deauthentication over the wireless channel. In: 2015 IEEE International Conference on Consumer Electronics (ICCE), pp. IEEE (2016)Ĭhoi, M., Park, W.K., Lee, I.: Smart office energy management system using bluetooth low energy based beacons and a mobile app. In: 2016 IEEE Conference on Standards for Communications and Networking (CSCN), pp. IEEE (2012)īrauer, S., Zubow, A., Zehl, S., Roshandel, M., Mashhadi-Sohi, S.: On practical selective jamming of Bluetooth low energy advertising. In: 2012 IEEE Symposium on Security and Privacy, pp. 7(1), 116–139 (2012)īonneau, J.: The science of guessing: analyzing an anonymized corpus of 70 million passwords. Accessed 5 July 2018īanerjee, S.P., Woodard, D.L.: Biometric authentication and identification using keystroke dynamics: a survey. 1–10 (2015)Īpple: Potential sources of wi-fi and bluetooth interference (2017). In: European Conference on Cyber Warfare and Security, pp. KeywordsĪl Abdulwahid, A., Clarke, N., Stengel, I., Furnell, S., Reich, C.: A survey of continuous and transparent multibiometric authentication systems. We implemented DEB and conducted extensive experiments, showing a very high success rate, with a low risk of false positives when two beacons are used. DEB recognizes when the user physically steps away from the workstation, and transparently de-authenticates her in less than three seconds. It uses physical properties of wireless signals that cannot be trivially manipulated by an attacker. DEB can be easily deployed at a very low cost. The user is not required to wear or to be continuously interacting with any device. In DEB, the wireless signal emanates from a Bluetooth Low Energy Beacon, the only additional equipment needed. In this paper we propose DE-auth of the Blue (DEB) – a cheap, unobtrusive, fast and reliable system based on the impact of the human body on wireless signal propagation. Although there have been several proposals for automatic de-authentication, all of them have certain drawbacks, ranging from user burden to deployment costs and high rate of false positives. The so-called “lunchtime attack”, whereby a nearby attacker gains access to the casually departed user’s active log-in session, is a serious security risk that stems from lack of proper de-authentication. While user authentication (e.g., via passwords and/or biometrics) is considered important, the need for de-authentication is often underestimated.
0 kommentar(er)
