The development of IoT has penetrated various sectors. The development of IoT devices continues to increase and is predicted to reach 75 billion by 2025. However, the development of IoT devices is not followed by security developments. Therefore, IoT devices can become gateways for cyber attacks, including brute force and sniffing attacks. Authentication mechanisms can be used to ward off attacks. However, the implementation of authentication mechanisms on IoT devices is challenging. IoT devices are dominated by constraint devices that have limited computing. Thus, conventional authentication mechanisms are not suitable for use. Two-factor authentication using RFID and fingerprint can be a solution in providing an authentication mechanism. Previous studies have proposed a two-factor authentication mechanism using RFID and fingerprint. However, previous research did not pay attention to message exchange security issues and did not provide mutual authentication. This research proposes a secure mutual authentication protocol using two-factor RFID and fingerprint using MQTT protocol. Two processes support the authentication process: the registration process and authentication. The proposed protocol is tested based on biometric security by measuring the false acceptance rate (FAR) and false rejection rate (FRR) on the fingerprint, measuring brute force attacks, and measuring sniffing attacks. The test results obtained the most optimal FAR and FRR at the 80\% threshold. Then the equal error rate (ERR) on FAR and FRR is around 59.5\%. Then, testing brute force and sniffing attacks found that the proposed protocol is resistant to both attacks.
Authored by Rizka Pahlevi, Vera Suryani, Hilal Nuha, Rahmat Yasirandi
The proliferation of sensitive information being stored online highlights the pressing need for secure and efficient user authentication methods. To address this issue, this paper presents a novel zero-effort two-factor authentication (2FA) approach that combines the unique characteristics of a user s environment and Machine Learning (ML) to confirm their identity. Our proposed approach utilizes Wi-Fi radio wave transmission and ML algorithms to analyze beacon frame characteristics and Received Signal Strength Indicator (RSSI) values from Wi-Fi access points to determine the user s location. The aim is to provide a secure and efficient method of authentication without the need for additional hardware or software. A prototype was developed using Raspberry Pi devices and experiments were conducted to demonstrate the effectiveness and practicality of the proposed approach. Results showed that the proposed system can significantly enhance the security of sensitive information in various industries such as finance, healthcare, and retail. This study sheds light on the potential of Wi-Fi radio waves and RSSI values as a means of user authentication and the power of ML to identify patterns in wireless signals for security purposes. The proposed system holds great promise in revolutionizing the field of 2FA and user authentication, offering a new era of secure and seamless access to sensitive information.
Authored by Ali AlQahtani, Thamraa Alshayeb
As digital ecosystems burgeon, the imperative to fortify user authentication methods intensifies. This paper introduces a novel two-factor authentication system designed to transcend the limitations of conventional password-based approaches. Our approach intertwines traditional login credentials with personalized image-based verification, ushering in a dual-layered authentication paradigm. This elevates security by mandating the fulfillment of two independent factors and engenders a user-centric authentication experience. Users establish primary login credentials during the account creation phase and select personalized images imbued with personal significance. Each image is intricately linked to a user-defined keyword, enhancing the authentication process s meaningfulness. The authentication phase comprises submitting primary credentials, random display of associated keywords, and subsequent user identification and image upload. The system intelligently restricts authentication attempts with differentiated limits for known and unknown devices to preempt password attacks. The amalgamation of personalized images, keywords, and a strategic limitation on authentication attempts distinguishes our system as a comprehensive solution. It mitigates the vulnerabilities associated with traditional authentication methods and augments the user experience. Our two-factor authentication system stands as a testament to the evolving landscape of user authentication, offering a secure and engaging pathway in an era of heightened digital vulnerabilities. While our innovative system presents significant progress, it is imperative to recognize certain limitations for a successful implementation. Ongoing attention and refinement are particularly crucial in addressing concerns related to device and image dependency and potential vulnerabilities associated with shoulder surfing attacks.
Authored by Essohanam Djeki, Jules Dégila, Muhtar Alhassan
In present authentication systems on the web, users are compelled to interact with identity providers. Initially, they are required to register on a particular website wherein they fill all their details. After this stage, they get a user id and password or token which they can use for accessing the application and their respective features. However, from security point of view, this type of system can be challenging. In such systems, authentication of data is available with the identity providers. It could be hacked to obtain the user passwords and other details. Various current systems track the activity of users and users provide access to sensitive information for the same. For example, access to storage, files, contacts, etc. To make sure that data is available, third-party servers are required which need to be available during authentication. In current, various methods for authentication such as Single-Factor, Two-Factor Authentication (2FA), Single Sign-On, Multi-Factor Authentication, etc are used. In this paper, we will study the authentication systems, their advantages and flaws along with the protocols used.
Authored by Anagha Chaudhari, Ashish Pawar, Adesh Pawar, Ajay Pawar, Ganesh Pawar
The two-factor authentication (2FA) has become pervasive as the mobile devices become prevalent. Existing 2FA solutions usually require some form of user involvement, which could severely affect user experience and bring extra burdens to users. In this work, we propose a secure 2FA that utilizes the individual acoustic fingerprint of the speaker/microphone on enrolled device as the second proof. The main idea behind our system is to use both magnitude and phase fingerprints derived from the frequency response of the enrolled device by emitting acoustic beep signals alternately from both enrolled and login devices and receiving their direct arrivals for 2FA. Given the input microphone samplings, our system designs an arrival time detection scheme to accurately identify the beginning point of the beep signal from the received signal. To achieve a robust authentication, we develop a new distance mitigation scheme to eliminate the impact of transmission distances from the sound propagation model for extracting stable fingerprint in both magnitude and phase domain. Our device authentication component then calculates a weighted correlation value between the device profile and fingerprints extracted from run-time measurements to conduct the device authentication for 2FA. Our experimental results show that our proposed system is accurate and robust to both random impersonation and Man-in-the-middle (MiM) attack across different scenarios and device models.
Authored by Yanzhi Ren, Tingyuan Yang, Zhiliang Xia, Hongbo Liu, Yingying Chen, Nan Jiang, Zhaohui Yuan, Hongwei Li
The objective of this paper is to introduce a scheme of comprehensive-factor authentication in edge computing, focusing on a case study of time attendance in smart environments. This authentication scheme deploys all possible factors to maximize security while maintaining usability at a specific smart context. The factors used include three classic elements: something you know, something you have, and something you are, plus an additional location factor. The usability issue involves the ability to reduce time used and to minimize the human actions required throughout the authentication process. The results show that all factors should be authenticated at once in background, and a user can successfully complete the authentication process by performing one or two actions simultaneously. Since user role in a smart environment can be more complicated than roles in other smart offices, role classification at an early stage is highly recommended. The case study reveals that the same setting can require varying levels of security and usability for each user.
Authored by Chalee Vorakulpipat, Ekkachan Rattanalerdnusorn, Sasakorn Pichetjamroen
Cyber-physical Systems can be defined as a complex networked control system, which normally develop by combining several physical components with the cyber space. Cyber Physical System are already a part of our daily life. As its already being a part of everyone life, CPS also have great potential security threats and can be vulnerable to various cyber-attacks without showing any sign directly to component failure. To protect user security and privacy is a fundamental concern of any kind of system; either it’s a simple web application or supplicated professional system. Digital Multifactor authentication is one of the best ways to make secure authentication. It covers many different areas of a Cyberconnected world, including online payments, communications, access right management, etc. Most of the time, Multifactor authentication is little complex as it requires extra step from users. This paper will discuss the evolution from single authentication to Multi-Factor Authentication (MFA) starting from Single-Factor Authentication (SFA) and through Two-Factor Authentication (2FA). This paper seeks to analyze and evaluate the most prominent authentication techniques based on accuracy, cost, and feasibility of implementation. We also suggest several authentication schemes which incorporate with Multifactor authentication for CPS.
Authored by Mangal Sain, Oloviddin Normurodov, Chen Hong, Kueh Hui
Two-factor authentication (2FA) is commonly used in Internet of Things (IoT) authentication to provide multi-layer protection. Tokens, often known as One-Time Passwords (OTP), are used to offer additional information. While this technique provides flexible verification and an additional layer of security, it still has a number of security issues. This is because it relies on third-party services to produce tokens or OTPs, which leads to serious information leakage issues. Additionally, relying on a third party to provide authentication tokens significantly increases the risk of exposure and attacks, as tokens can be stolen via Man-In-The-Middle (MITM) attacks. In trying to rectify this issue, in this paper, we propose and develop a blockchain-based two-factor authentication method for web-based access to sensor data. The proposed method provides a lightweight and usercentric authentication that makes use of Ethereum blockchain and smart contracts technologies. Then we provided performance and security analysis of our system. Based on the evaluation results, our method has proven to be effective and has the ability to facilitate reliable authentication.
Authored by Mwrwan Abubakar, Zakwan Jaroucheh, Ahmed Dubai, Xiaodong Liu
Two-factor authentication (2FA) offers very important security enhancement to traditional username-password authentication, while in many cases incurring undesirable user burdens (e.g., entering a one-time verification code sent to a phone via SMS). Some zero-effort authentication techniques (e.g., Sound-Proof) have been proposed to relieve such burdens without degrading security, but are vulnerable to prediction attacks and co-existence attacks. This paper proposes ABLE, a zeroeffort 2FA approach based on co-location detection leveraging environmental Bluetooth Low Energy (BLE) signal characteristics. In this approach, a laptop on which the user tries to authenticate to a web server, and the user’s smartphone placed nearby which is trusted by the server, both collect and send a record of environmental BLE signal characteristics to the server. The server decides whether the two devices are colocated by evaluating the similarity of the two records, and makes the authentication decision. ABLE is constructed based on the fact that only two devices in close proximity share similar environmental signal characteristics, which distinguishes a legitimate user device from potential adversaries. Due to its location-sensitive nature, combining favorable features brought with the BLE protocol, ABLE is gifted with good resistance to attacks that threaten existing zero-effort authentication schemes. ABLE is not only immune to remote attackers, but also achieves an accuracy over 90\% even against co-present attackers.
Authored by Yaxi He, Wei Wang, Yajun Teng, Qiongxiao Wang, Mingyue Wang, Jingqiang Lin
The development of IoT has penetrated various sectors. The development of IoT devices continues to increase and is predicted to reach 75 billion by 2025. However, the development of IoT devices is not followed by security developments. Therefore, IoT devices can become gateways for cyber attacks, including brute force and sniffing attacks. Authentication mechanisms can be used to ward off attacks. However, the implementation of authentication mechanisms on IoT devices is challenging. IoT devices are dominated by constraint devices that have limited computing. Thus, conventional authentication mechanisms are not suitable for use. Two-factor authentication using RFID and fingerprint can be a solution in providing an authentication mechanism. Previous studies have proposed a twofactor authentication mechanism using RFID and fingerprint. However, previous research did not pay attention to message exchange security issues and did not provide mutual authentication. This research proposes a secure mutual authentication protocol using two-factor RFID and fingerprint using MQTT protocol. Two processes support the authentication process: the registration process and authentication. The proposed protocol is tested based on biometric security by measuring the false acceptance rate (FAR) and false rejection rate (FRR) on the fingerprint, measuring brute force attacks, and measuring sniffing attacks. The test results obtained the most optimal FAR and FRR at the 80\% threshold. Then the equal error rate (ERR) on FAR and FRR is around 59.5\%. Then, testing brute force and sniffing attacks found that the proposed protocol is resistant to both attacks.
Authored by Rizka Pahlevi, Vera Suryani, Hilal Nuha, Rahmat Yasirandi
Increasing number of online services have brought great convenience to users, and remote user authentication schemes have been widely used to verify the legitimacy of the authorized users. However, most of the existing authentication schemes are based on password, in which users need to remember the complex passwords and change them frequently. In addition, the great majority of authentication schemes have security defects. Through the analysis of the scheme proposed by Haq et al., we find that it is difficult to resist the key compromise impersonation attack. Therefore, an improved two-factor multiserver authentication scheme without password is proposed. The perfect combination of the user s biological characteristics and the PUF s physical characteristics enhances the practicality and efficiency of the solution. Security analysis of the proposed scheme shows that it can resist various known security attacks.
Authored by Shuwan Sun, Weixin Bian, Dong Xie, Biao Jie, Yi Huang
This work proposes a two-factor authentication method by integrating the second factor into the authentication service in system with a centralized user s database. This approach made it possible to achieve the universality of the process and reduce the authentication time. In this case, the compromise of the first factor becomes inexpedient. Simulation showed that the rest of the authentication parameters meet the requirements defined by international standards for two-factor authentication procedures.
Authored by Bohdan Rezanov, Heorhii Kuchuk
There are three critical aspects of cyber security: authentication, safety, and secrecy. Consumers have access to a wide range of alternatives for improving the safety of passwordbased login systems. With two-factor authentication, the majority of this was done. Two-factor authentication combines singlefactor authentication processes. Two-factor authentication is becoming increasingly common and widely accepted in today’s technological age due to the growing need for privacy and security. Customized security measures are more effective and bought if they are easy to use and implement. For increased website and mobile app security, this study examines the consequences of using a three- factor authentication scheme. This post will present an app we built that might provide a good three-factor authentication approach without losing the convenience.
Authored by Mohammad Hossain, Sheikh Zaman, Tazria Khan, Sumiaya Katha, Md. Anwar, Muhammad Hossain
Privacy Policies and Measurement - With increased reliance of digital storage for personal, financial, medical, and policy information, a greater demand for robust digital authentication and cybersecurity protection measures results. Current security options include alpha-numeric passwords, two factor authentication, and bio-metric options such as fingerprint or facial recognition. However, all of these methods are not without their drawbacks. This projects leverages the fact that the use of physical handwritten signatures is still prevalent in society, and the thoroughly trained process and motions of handwritten signatures is unique for every individual. Thus, a writing stylus that can authenticate its user via inertial signature detection is proposed, which classifies inertial measurement features for user identification. The current prototype consists of two triaxial accelerometers, one mounted at each of the stylus’ terminal ends. Features extracted from how the pen is held, stroke styles, and writing speed can affect the stylus tip accelerations which leads to a unique signature detection and to deter forgery attacks. Novel, manual spatiotemporal features relating to such metrics were proposed and a multi-layer perceptron was utilized for binary classification. Results of a preliminary user study are promising with overall accuracy of 95.7\%, sensitivity of 100\%, and recall rate of 90\%.
Authored by Divas Subedi, Isabella Yung, Digesh Chitrakar, Kevin Huang
Multifactor Authentication - Internet connected Children s toys are a type of IoT devices that the security community should pay particular attention. A cyber-predator may interact with or gather confidential data about children without being physically present if IoT toys are hacked. Authentication to verify user identity is essential for all internetconnected applications, where relying on single authentication is not considered safe, especially in children s applications. Children often use easy-to-guess passwords in smart applications associated with the Internet of Things (IoT) for children s toys. In this paper, we propose to activate multi-factor authentication on the IoTs for children s toys connected to the internet using companion applications. When changing the user s behaviour (by IP address, GPS, OS version, and browser), the child s identity must be verified by two-factor authentication to prevent unauthorized access to preserve the child s safety and privacy. This paper introduces multi-authentication mechanisms: a password and another authentication type, either mobile phone SMS, security token, digital certificate, or biometric authentication.
Authored by Manal Alanazi, Majed Aborokbah
Multifactor Authentication - Cyber-physical Systems can be defined as a complex networked control system, which normally develop by combining several physical components with the cyber space. Cyber Physical System are already a part of our daily life. As its already being a part of everyone life, CPS also have great potential security threats and can be vulnerable to various cyber-attacks without showing any sign directly to component failure. To protect user security and privacy is a fundamental concern of any kind of system; either it’s a simple web application or supplicated professional system. Digital Multifactor authentication is one of the best ways to make secure authentication. It covers many different areas of a Cyberconnected world, including online payments, communications, access right management, etc. Most of the time, Multifactor authentication is little complex as it requires extra step from users. This paper will discuss the evolution from single authentication to Multi-Factor Authentication (MFA) starting from Single-Factor Authentication (SFA) and through Two-Factor Authentication (2FA). This paper seeks to analyze and evaluate the most prominent authentication techniques based on accuracy, cost, and feasibility of implementation. We also suggest several authentication schemes which incorporate with Multifactor authentication for CPS.
Authored by Mangal Sain, Oloviddin Normurodov, Chen Hong, Kueh Hui
Multifactor Authentication - Authentication is one of the primary problems with system security. The key component of the access control process to prevent unauthorised users from accessing data and resources is authentication, which may be described as the act of verifying a user s identity. The validity of the user cannot be guaranteed by a static technique of authentication. This led to the development of more cutting-edge authentication techniques. To increase the system s security, two factor authentication was initially deployed, followed by multi factor authentication. Later, adaptive authentication was added and it also had some problems. When authenticating a user in this study, an unique collection of user features was taken into account. A performance optimization technique was included since this research takes many user factors into account, and it improved performance by 25\%.
Authored by Shaik Akram, S.K. Joshi, Rajesh Deorari
Multifactor Authentication - Authentication is a mandatory factor in network security since decades. Conventional authentication schemes failed to improve system’s security, performance and scalability thus, two-factor, three factor and multifactor authentication schemes are developed. As technology grows, from single server authentication to multiserver authentication schemes and protocols are emerged. Single to multifactor authentication can be used as per the aspect and field of study. Different aspects may use different cryptographic schemes, key agreement to improve security, performance and scalability.
Authored by Parvathy Pg, Dhanya K
Security and Controls with Data privacy in Internet of Things (IoT) devices is not only a present and future technology that is projected to connect a multitude of devices, but it is also a critical survival factor for IoT to thrive. As the quantity of communications increases, massive amounts of data are expected to be generated, posing a threat to both physical device and data security. In the Internet of Things architecture, small and low-powered devices are widespread. Due to their complexity, traditional encryption methods and algorithms are computationally expensive, requiring numerous rounds to encrypt and decode, squandering the limited energy available on devices. A simpler cryptographic method, on the other hand, may compromise the intended confidentiality and integrity. This study examines two lightweight encryption algorithms for Android devices: AES and RSA. On the other hand, the traditional AES approach generates preset encryption keys that the sender and receiver share. As a result, the key may be obtained quickly. In this paper, we present an improved AES approach for generating dynamic keys.
Authored by RV Chandrashekhar, J Visumathi, PeterSoosai Anandaraj
The increasing number of vehicles registered demands for safe and secure carparks due to increase in vehicle theft. The current Automatic Number Plate Recognition (ANPR) systems is a single authentication system and hence it is not secure. Therefore, this research has developed a double authentication system by combing ANPR with a Quick Response (QR) code system to create ANPR-DAS that improves the security at a carpark. It has yielded an accuracy of up to 93% and prevents car theft at a car park.
Authored by Ezilaan Irraivan, Swee Phang
Service-oriented architecture (SOA) is a widely adopted architecture that uses web services, which have become increasingly important in the development and integration of applications. Its purpose is to allow information system technologies to interact by exchanging messages between sender and recipient using the simple object access protocol (SOAP), an XML document, or the HTTP protocol. We will attempt to provide an overview and analysis of standards in the field of web service security, specifically SOAP messages, using Kerberos authentication, which is a computer network security protocol that provides users with high security for requests between two or more hosts located in an unreliable location such as the internet.Everything that has to do with Kerberos has to deal with systems that rely on data authentication.
Authored by Grela Ajvazi, Festim Halili
The development of IoT has penetrated various sectors. The development of IoT devices continues to increase and is predicted to reach 75 billion by 2025. However, the development of IoT devices is not followed by security developments. Therefore, IoT devices can become gateways for cyber attacks, including brute force and sniffing attacks. Authentication mechanisms can be used to ward off attacks. However, the implementation of authentication mechanisms on IoT devices is challenging. IoT devices are dominated by constraint devices that have limited computing. Thus, conventional authentication mechanisms are not suitable for use. Two-factor authentication using RFID and fingerprint can be a solution in providing an authentication mechanism. Previous studies have proposed a two-factor authentication mechanism using RFID and fingerprint. However, previous research did not pay attention to message exchange security issues and did not provide mutual authentication. This research proposes a secure mutual authentication protocol using two-factor RFID and fingerprint using MQTT protocol. Two processes support the authentication process: the registration process and authentication. The proposed protocol is tested based on biometric security by measuring the false acceptance rate (FAR) and false rejection rate (FRR) on the fingerprint, measuring brute force attacks, and measuring sniffing attacks. The test results obtained the most optimal FAR and FRR at the 80% threshold. Then the equal error rate (ERR) on FAR and FRR is around 59.5%. Then, testing brute force and sniffing attacks found that the proposed protocol is resistant to both attacks.
Authored by Rizka Pahlevi, Vera Suryani, Hilal Nuha, Rahmat Yasirandi
Cyber-physical Systems can be defined as a complex networked control system, which normally develop by combining several physical components with the cyber space. Cyber Physical System are already a part of our daily life. As its already being a part of everyone life, CPS also have great potential security threats and can be vulnerable to various cyber-attacks without showing any sign directly to component failure. To protect user security and privacy is a fundamental concern of any kind of system; either it’s a simple web application or supplicated professional system. Digital Multifactor authentication is one of the best ways to make secure authentication. It covers many different areas of a Cyber-connected world, including online payments, communications, access right management, etc. Most of the time, Multifactor authentication is little complex as it requires extra step from users. This paper will discuss the evolution from single authentication to Multi-Factor Authentication (MFA) starting from Single-Factor Authentication (SFA) and through Two-Factor Authentication (2FA). This paper seeks to analyze and evaluate the most prominent authentication techniques based on accuracy, cost, and feasibility of implementation. We also suggest several authentication schemes which incorporate with Multifactor authentication for CPS.
Authored by Mangal Sain, Oloviddin Normurodov, Chen Hong, Kueh Hui