CAREER: Towards Secure and Usable IoT Authentication Under Constraints

职业：在约束下实现安全可用的物联网身份验证

• 批准号: 2144669
• 负责人: Qiang Zeng
• 金额: $ 54.57万
• 依托单位: University of South Carolina at Columbia
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-06-01 至 2023-02-28
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2144669&HistoricalAwards=false
• 关键词: CAREER; Towards; Secure; Usable; IoT

The booming development of Internet of Things (IoT) makes ever-growing impacts on various industries and daily lives. IoT authentication, which authenticates the legitimacy of a user and/or an IoT device, is among the most fundamental and critical IoT security problems. Existing approaches often suffer from insecurity (e.g., Bluetooth based proximity proving can be exploited by wireless attacks) or poor usability (e.g., requiring user interfaces or sensors unavailable on most IoT devices). The research advances secure and usable IoT authentication under constraints. Unlike many prior works that build authentication on proximity, which can be exploited by wireless attacks, the project's novelty is based on physical operations that cannot be spoofed by an attacker. The project's broader significance and importance are as follows. 1) The research can help people in rural areas or with disabilities have equal rights of access to modern techniques, such as drone delivery, without relying on special user-side hardware. 2) The research can make IoT pairing and authentication much easier and more secure, and the results have wide applications to smart health, forensics, and continuous security monitoring. 3) The PI will conduct outreach and educational activities that aim to increase awareness of cybersecurity in the K-12 community and broaden the participation of students from underrepresented groups. The project seeks to improve IoT authentication and deliver novel approaches, algorithms, techniques, and systems through the following thrusts. Thrust 1: Authentication for UI-Constrained Devices. A protocol that supports mutual authentication, over an insecure wireless channel, to establish trust between a UI-constrained device and the user to support authentication for heterogeneous IoT devices. Thrust 2: Authentication for Distance-Constrained Devices. A highly usable approach enables secure authentication between an IoT device and the user even when they are multiple meters apart, which has applications ranging from drone delivery to ride sharing. Thrust 3: Authentication for Operation-Constrained Devices. For traditional objects retrofitted with zero-UI sensor nodes, AI-assisted implicit authentication enables recognizing a user without requiring any explicit authentication operations. In sum, the research seeks to substantially advance IoT authentication and foster a variety of IoT applications.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

物联网的蓬勃发展对各行各业和人们的日常生活产生了越来越大的影响。物联网身份验证用于验证用户和/或物联网设备的合法性，是最基本、最关键的物联网安全问题之一。现有方法通常存在不安全性（例如，基于蓝牙的邻近度证明可能被无线攻击利用）或可用性差（例如，需要大多数物联网设备上不可用的用户界面或传感器）。该研究在限制下推进了安全且可用的物联网身份验证。与许多先前基于邻近度构建身份验证（可被无线攻击利用）的作品不同，该项目的新颖性基于攻击者无法欺骗的物理操作。该项目的更广泛意义和重要性如下。 1）该研究可以帮助农村地区或残疾人有平等的权利获得现代技术，例如无人机送货，而无需依赖特殊的用户端硬件。 2）该研究可以使物联网配对和身份验证变得更加容易和安全，其结果在智能健康、取证和持续安全监控方面具有广泛的应用。 3) PI 将开展外展和教育活动，旨在提高 K-12 社区的网络安全意识，并扩大代表性不足群体学生的参与。该项目旨在通过以下重点改进物联网身份验证并提供新颖的方法、算法、技术和系统。主旨 1：UI 受限设备的身份验证。一种支持相互身份验证的协议，通过不安全的无线通道在 UI 受限设备和用户之间建立信任，以支持异构 IoT 设备的身份验证。主旨 2：距离受限设备的身份验证。高度可用的方法可以在物联网设备和用户之间进行安全身份验证，即使它们相距数米，其应用范围从无人机送货到乘车共享。主旨 3：操作受限设备的身份验证。对于配备零 UI 传感器节点的传统对象，人工智能辅助隐式身份验证无需任何显式身份验证操作即可识别用户。总之，该研究旨在大幅推进物联网认证并促进各种物联网应用。该奖项反映了 NSF 的法定使命，并通过使用基金会的智力价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Use It-No Need to Shake It!: Accurate Implicit Authentication for Everyday Objects with Smart Sensing

使用它-无需摇动它！：通过智能传感对日常物体进行准确的隐式身份验证

• DOI: 10.1145/3550322
• 发表时间: 2022-09
• 期刊: Wearable and Ubiquitous Technologies
• 作者: Wu, Chuxiong;Li, Xiaopeng;Zuo, Fei;Luo, Lannan;Du, Xiaojiang;Di, Jia;Zeng, Qiang
• 通讯作者: Zeng, Qiang

Authentication for drone delivery through a novel way of using face biometrics

通过使用面部生物识别技术的新颖方式对无人机送货进行身份验证

• DOI: 10.1145/3495243.3560550
• 发表时间: 2022-10
• 期刊: the 28th Annual International Conference on Mobile Computing And Networking
• 作者: Sharp, Jonathan;Wu, Chuxiong;Zeng, Qiang
• 通讯作者: Zeng, Qiang

G2Auth: secure mutual authentication for drone delivery without special user-side hardware

G2Auth：无人机交付的安全相互身份验证，无需特殊的用户端硬件

• DOI: 10.1145/3498361.3538941
• 发表时间: 2022-06
• 期刊: Applications and Services
• 作者: Wu, Chuxiong;Li, Xiaopeng;Luo, Lannan;Zeng, Qiang
• 通讯作者: Zeng, Qiang

IoT Phantom-Delay Attacks: Demystifying and Exploiting IoT Timeout Behaviors

物联网幻像延迟攻击：揭秘和利用物联网超时行为

• DOI: 10.1109/dsn53405.2022.00050
• 发表时间: 2022-06
• 期刊: 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN
• 作者: Fu, Chenglong;Zeng, Qiang;Chi, Haotian;Du, Xiaojiang;Valluru, Siva Likitha
• 通讯作者: Valluru, Siva Likitha