The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
Serangan kelayakan yang berkembang pesat telah menjadi cabaran keselamatan yang hebat kepada sistem maklumat berasaskan kata laluan semasa. Baru-baru ini, faktor biometrik seperti muka, iris atau cap jari yang sukar dipalsukan meningkat sebagai elemen utama untuk mereka bentuk pengesahan tanpa kata laluan. Walau bagaimanapun, menangkap dan menganalisis faktor sedemikian biasanya memerlukan peranti khas, menghalang kebolehlaksanaan dan kepraktisannya. Untuk tujuan ini, kami mempersembahkan WiASK, tanpa peranti WiPenderiaan Fi didayakan Apengesahan System meneroka Kdinamik eystroke. Lebih khusus lagi, WiASK menangkap ketukan kekunci pengguna yang menaip rentetan yang mudah diingati yang telah ditetapkan yang memanfaatkan infrastruktur WiFi sedia ada. Tetapi daripada memfokuskan pada rentetan itu sendiri yang terdedah kepada serangan kata laluan, WiASK mentafsir cara ia ditaip, iaitu, dinamik ketukan kekunci, ke dalam identiti pengguna, berdasarkan korelasi yang disahkan secara biologi antara mereka. Kami membuat prototaip WiASK pada peranti WiFi di luar rak kos rendah dan mengesahkan prestasinya dalam tiga persekitaran sebenar. Keputusan empirikal menunjukkan bahawa WiASK mencapai purata ketepatan pengesahan 93.7%, kadar penerimaan palsu 2.5% dan kadar penolakan palsu 5.1%.
Yuanwei HOU
Peking University
Yu GU
Hefei University of Technology
Weiping LI
Peking University
Zhi LIU
The University of Electro-Communications
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Salinan
Yuanwei HOU, Yu GU, Weiping LI, Zhi LIU, "Combating Password Vulnerability with Keystroke Dynamics Featured by WiFi Sensing" in IEICE TRANSACTIONS on Fundamentals,
vol. E105-A, no. 9, pp. 1340-1347, September 2022, doi: 10.1587/transfun.2021EAP1119.
Abstract: The fast evolving credential attacks have been a great security challenge to current password-based information systems. Recently, biometrics factors like facial, iris, or fingerprint that are difficult to forge rise as key elements for designing passwordless authentication. However, capturing and analyzing such factors usually require special devices, hindering their feasibility and practicality. To this end, we present WiASK, a device-free WiFi sensing enabled Authentication System exploring Keystroke dynamics. More specifically, WiASK captures keystrokes of a user typing a pre-defined easy-to-remember string leveraging the existing WiFi infrastructure. But instead of focusing on the string itself which are vulnerable to password attacks, WiASK interprets the way it is typed, i.e., keystroke dynamics, into user identity, based on the biologically validated correlation between them. We prototype WiASK on the low-cost off-the-shelf WiFi devices and verify its performance in three real environments. Empirical results show that WiASK achieves on average 93.7% authentication accuracy, 2.5% false accept rate, and 5.1% false reject rate.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.2021EAP1119/_p
Salinan
@ARTICLE{e105-a_9_1340,
author={Yuanwei HOU, Yu GU, Weiping LI, Zhi LIU, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Combating Password Vulnerability with Keystroke Dynamics Featured by WiFi Sensing},
year={2022},
volume={E105-A},
number={9},
pages={1340-1347},
abstract={The fast evolving credential attacks have been a great security challenge to current password-based information systems. Recently, biometrics factors like facial, iris, or fingerprint that are difficult to forge rise as key elements for designing passwordless authentication. However, capturing and analyzing such factors usually require special devices, hindering their feasibility and practicality. To this end, we present WiASK, a device-free WiFi sensing enabled Authentication System exploring Keystroke dynamics. More specifically, WiASK captures keystrokes of a user typing a pre-defined easy-to-remember string leveraging the existing WiFi infrastructure. But instead of focusing on the string itself which are vulnerable to password attacks, WiASK interprets the way it is typed, i.e., keystroke dynamics, into user identity, based on the biologically validated correlation between them. We prototype WiASK on the low-cost off-the-shelf WiFi devices and verify its performance in three real environments. Empirical results show that WiASK achieves on average 93.7% authentication accuracy, 2.5% false accept rate, and 5.1% false reject rate.},
keywords={},
doi={10.1587/transfun.2021EAP1119},
ISSN={1745-1337},
month={September},}
Salinan
TY - JOUR
TI - Combating Password Vulnerability with Keystroke Dynamics Featured by WiFi Sensing
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 1340
EP - 1347
AU - Yuanwei HOU
AU - Yu GU
AU - Weiping LI
AU - Zhi LIU
PY - 2022
DO - 10.1587/transfun.2021EAP1119
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E105-A
IS - 9
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - September 2022
AB - The fast evolving credential attacks have been a great security challenge to current password-based information systems. Recently, biometrics factors like facial, iris, or fingerprint that are difficult to forge rise as key elements for designing passwordless authentication. However, capturing and analyzing such factors usually require special devices, hindering their feasibility and practicality. To this end, we present WiASK, a device-free WiFi sensing enabled Authentication System exploring Keystroke dynamics. More specifically, WiASK captures keystrokes of a user typing a pre-defined easy-to-remember string leveraging the existing WiFi infrastructure. But instead of focusing on the string itself which are vulnerable to password attacks, WiASK interprets the way it is typed, i.e., keystroke dynamics, into user identity, based on the biologically validated correlation between them. We prototype WiASK on the low-cost off-the-shelf WiFi devices and verify its performance in three real environments. Empirical results show that WiASK achieves on average 93.7% authentication accuracy, 2.5% false accept rate, and 5.1% false reject rate.
ER -