Impact of injection attacks on sensor-based continuous authentication for smartphones

e-Archivo Repository

Show simple item record González Manzano, Lorena Mahbub, Upal Fuentes García-Romero de Tejada, José María de Chellapa, Rama 2021-12-15T15:52:46Z 2021-12-15T15:52:46Z 2020-11-01
dc.identifier.bibliographicCitation González-Manzano, L., Mahbub, U., Fuentes, J.M., Chellapa, R. (2020). Impact of injection attacks on sensor-based continuous authentication for smartphones. Computer Communications, 163, pp. 150-161.
dc.identifier.issn 0140-3664
dc.description.abstract Given the relevance of smartphones for accessing personalized services in smart cities, Continuous Authentication (CA) mechanisms are attracting attention to avoid impersonation attacks. Some of them leverage Data Stream Mining (DSM) techniques applied over sensorial information. Injection attacks can undermine the effectiveness of DSM-based CA by fabricating artificial sensorial readings. The goal of this paper is to study the impact of injection attacks in terms of accuracy and immediacy to illustrate the time the adversary remains unnoticed. Two well-known DSM techniques (K-Nearest Neighbours and Hoeffding Adaptive Trees) and three data sources (location, gyroscope and accelerometer) are considered due to their widespread usage Results show that even if the attacker does not previously know anything about the victim, a significant attack surface arises - 1.35 min are needed, in the best case, to detect the attack on gyroscope and accelerometer and 7.27 min on location data. Moreover, we show that the type of sensor at stake and configuration settings may have a dramatic effect on countering this threat.
dc.description.sponsorship This work was supported by the Spanish Ministry of Science, Innovation and Universities grants TIN2016-79095-C2-2-R (SMOG-DEV), PID2019-111429RBC21(ODIO); by Comunidad de Madrid (CAM) grant P2018/TCS4566 (CYNAMON-CM) funded with European FEDER funds; and CAVTIONS-CM-UC3M funded by UC3M and CAM .
dc.language.iso eng
dc.publisher Elsevier
dc.rights © 2020 The Author(s). Published by Elsevier B.V.
dc.rights Atribución-NoComercial-SinDerivadas 3.0 España
dc.subject.other continuous authentication (CA)
dc.subject.other data stream mining
dc.subject.other injection attacks
dc.subject.other smartphones
dc.title Impact of injection attacks on sensor-based continuous authentication for smartphones
dc.type article
dc.subject.eciencia Informática
dc.rights.accessRights openAccess
dc.relation.projectID Gobierno de España. TIN2016-79095-C2-2-R
dc.relation.projectID Gobierno de España. PID2019-111429RBC21(ODIO)
dc.relation.projectID Comunidad de Madrid. P2018/TCS4566
dc.type.version publishedVersion
dc.identifier.publicationfirstpage 150
dc.identifier.publicationlastpage 161
dc.identifier.publicationtitle COMPUTER COMMUNICATIONS
dc.identifier.publicationvolume 163
dc.identifier.uxxi AR/0000027708
dc.contributor.funder Comunidad de Madrid
dc.contributor.funder European Commission
dc.contributor.funder Ministerio de Ciencia, Innovación y Universidades (España)
 Find Full text

Files in this item

*Click on file's image for preview. (Embargoed files's preview is not supported)

The following license files are associated with this item:

This item appears in the following Collection(s)

Show simple item record