Issue No. 02 - Feb. (2018 vol. 17)
Hongbo Liu , Department of Computer Information and Graphics Technology, Indiana University-Purdue University Indianapolis, Indianapolis, IN
Yan Wang , Department of Electrical and Computer Engineering, Stevens Institute of Technology, Hoboken, NJ
Jian Liu , Department of Electrical and Computer Engineering, Stevens Institute of Technology, Hoboken, NJ
Jie Yang , Department of Computer Science, Florida State University, Tallahassee, FL
Yingying Chen , Department of Electrical and Computer Engineering, Stevens Institute of Technology, Hoboken, NJ
H. Vincent Poor , Department of Electrical Engineering, Princeton University, Princeton, NJ
User authentication is the critical first step in detecting identity-based attacks and preventing subsequent malicious attacks. However, the increasingly dynamic mobile environments make it harder to always apply cryptographic-based methods for user authentication due to their infrastructural and key management overhead. Exploiting non-cryptographic based techniques grounded on physical layer properties to perform user authentication appears promising. In this work, the use of channel state information (CSI), which is available from off-the-shelf WiFi devices, to perform fine-grained user authentication is explored. Particularly, a user-authentication framework that can work with both stationary and mobile users is proposed. When the user is stationary, the proposed framework builds a user profile for user authentication that is resilient to the presence of a spoofer. The proposed machine learning based user-authentication techniques can distinguish between two users even when they possess similar signal fingerprints and detect the existence of a spoofer. When the user is mobile, it is proposed to detect the presence of a spoofer by examining the temporal correlation of CSI measurements. Both office building and apartment environments show that the proposed framework can filter out signal outliers and achieve higher authentication accuracy compared with existing approaches using received signal strength (RSS).
Authentication, Wireless communication, Mobile communication, Cryptography, Mobile computing, Correlation, Communication system security
H. Liu, Y. Wang, J. Liu, J. Yang, Y. Chen and H. V. Poor, "Authenticating Users Through Fine-Grained Channel Information," in IEEE Transactions on Mobile Computing, vol. 17, no. 2, pp. 251-264, 2018.