Daniel Hintze, Matthias Füller, Sebastian Scholz, R. Findling, Muhammad Muaaz, Philip G. Kapfer, Wilhelm Nüßer, R. Mayrhofer
{"title":"CORMORANT:在Android上实现风险感知的多模态生物识别跨设备认证","authors":"Daniel Hintze, Matthias Füller, Sebastian Scholz, R. Findling, Muhammad Muaaz, Philip G. Kapfer, Wilhelm Nüßer, R. Mayrhofer","doi":"10.1145/3365921.3365923","DOIUrl":null,"url":null,"abstract":"This paper presents the design and open source implementation of Cormorant, an Android authentication framework able to increase usability and security of mobile authentication. It uses transparent behavioral and physiological biometrics like gait, face, voice, and keystrokes dynamics to continuously evaluate the user's identity without explicit interaction. Using signals like location, time of day, and nearby devices to assess the risk of unauthorized access, the required level of confidence in the user's identity is dynamically adjusted. Authentication results are shared securely, end-to-end encrypted using the Signal messaging protocol, with trusted devices to facilitate cross-device authentication for co-located devices, detected using Bluetooth low energy beacons. Cormorant is able to reduce the authentication overhead by up to 97% compared to conventional knowledge-based authentication whilst increasing security at the same time. We share our perspective on some of the successes and shortcomings we encountered implementing and evaluating Cormorant to hope to inform others working on similar projects.","PeriodicalId":162326,"journal":{"name":"Proceedings of the 17th International Conference on Advances in Mobile Computing & Multimedia","volume":"17 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"CORMORANT: On Implementing Risk-Aware Multi-Modal Biometric Cross-Device Authentication For Android\",\"authors\":\"Daniel Hintze, Matthias Füller, Sebastian Scholz, R. Findling, Muhammad Muaaz, Philip G. Kapfer, Wilhelm Nüßer, R. Mayrhofer\",\"doi\":\"10.1145/3365921.3365923\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper presents the design and open source implementation of Cormorant, an Android authentication framework able to increase usability and security of mobile authentication. It uses transparent behavioral and physiological biometrics like gait, face, voice, and keystrokes dynamics to continuously evaluate the user's identity without explicit interaction. Using signals like location, time of day, and nearby devices to assess the risk of unauthorized access, the required level of confidence in the user's identity is dynamically adjusted. Authentication results are shared securely, end-to-end encrypted using the Signal messaging protocol, with trusted devices to facilitate cross-device authentication for co-located devices, detected using Bluetooth low energy beacons. Cormorant is able to reduce the authentication overhead by up to 97% compared to conventional knowledge-based authentication whilst increasing security at the same time. We share our perspective on some of the successes and shortcomings we encountered implementing and evaluating Cormorant to hope to inform others working on similar projects.\",\"PeriodicalId\":162326,\"journal\":{\"name\":\"Proceedings of the 17th International Conference on Advances in Mobile Computing & Multimedia\",\"volume\":\"17 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-12-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 17th International Conference on Advances in Mobile Computing & Multimedia\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3365921.3365923\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 17th International Conference on Advances in Mobile Computing & Multimedia","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3365921.3365923","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
CORMORANT: On Implementing Risk-Aware Multi-Modal Biometric Cross-Device Authentication For Android
This paper presents the design and open source implementation of Cormorant, an Android authentication framework able to increase usability and security of mobile authentication. It uses transparent behavioral and physiological biometrics like gait, face, voice, and keystrokes dynamics to continuously evaluate the user's identity without explicit interaction. Using signals like location, time of day, and nearby devices to assess the risk of unauthorized access, the required level of confidence in the user's identity is dynamically adjusted. Authentication results are shared securely, end-to-end encrypted using the Signal messaging protocol, with trusted devices to facilitate cross-device authentication for co-located devices, detected using Bluetooth low energy beacons. Cormorant is able to reduce the authentication overhead by up to 97% compared to conventional knowledge-based authentication whilst increasing security at the same time. We share our perspective on some of the successes and shortcomings we encountered implementing and evaluating Cormorant to hope to inform others working on similar projects.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
