RT Journal Article
T1 Impact of injection attacks on sensor-based continuous authentication for smartphones
A1 González Manzano, Lorena
A1 Mahbub, Upal
A1 Fuentes García-Romero de Tejada, José María de
A1 Chellapa, Rama
AB Given the relevance of smartphones for accessing personalized services in smart cities, Continuous Authentication (CA) mechanisms are attracting attention to avoid impersonation attacks. Some of them leverage Data Stream Mining (DSM) techniques applied over sensorial information. Injection attacks can undermine the effectiveness of DSM-based CA by fabricating artificial sensorial readings. The goal of this paper is to study the impact of injection attacks in terms of accuracy and immediacy to illustrate the time the adversary remains unnoticed. Two well-known DSM techniques (K-Nearest Neighbours and Hoeffding Adaptive Trees) and three data sources (location, gyroscope and accelerometer) are considered due to their widespread usage Results show that even if the attacker does not previously know anything about the victim, a significant attack surface arises - 1.35 min are needed, in the best case, to detect the attack on gyroscope and accelerometer and 7.27 min on location data. Moreover, we show that the type of sensor at stake and configuration settings may have a dramatic effect on countering this threat.
PB Elsevier
SN 0140-3664
YR 2020
FD 2020-11-01
LK https://hdl.handle.net/10016/33776
UL https://hdl.handle.net/10016/33776
LA eng
NO This work was supported by the Spanish Ministry of Science, Innovation and Universities grants TIN2016-79095-C2-2-R (SMOG-DEV), PID2019-111429RBC21(ODIO); by Comunidad de Madrid (CAM) grant P2018/TCS4566 (CYNAMON-CM) funded with European FEDER funds; and CAVTIONS-CM-UC3M funded by UC3M and CAM .
DS e-Archivo
RD 3 may. 2024