D. Chaudhari, Mohammad Zulkernine, Komminist Weldemariam
Software components are meant to be reusable and flexible by design. These characteristics and others continue to attract software developers to adapt a component (typically designed elsewhere) into their systems. However, software components are also believed to be most vulnerable to reliability and security problems due to the existence of non-obvious faults. In this paper, we present a framework that can help software system developers detect and rank component failures systematically. Our approach allows monitoring critical components within a software system under instrumentation and detecting failures based on specifications. Furthermore, the approach uses failure data and input from developers and ranks the components accordingly. A prototype tool is designed along with a number of failure scenarios to detect specific failure types within a component of a software system. We conducted an experimental evaluation to assess the effectiveness of the proposed approach and prototype tool and to measure its performance overhead. Our experimental results show that the approach can benefit system developers by prioritizing the maintenance of components with minimal overhead.
{"title":"FRanC: A Ranking Framework for the Prioritization of Software Maintenance","authors":"D. Chaudhari, Mohammad Zulkernine, Komminist Weldemariam","doi":"10.1109/SERE-C.2014.20","DOIUrl":"https://doi.org/10.1109/SERE-C.2014.20","journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"143 1","pages":"0"},"publicationDate":"2014-06-30","platform":"Semanticscholar","paperid":"127299378"}
A notification service alerts a large number of recipients of important or emergency events in a timely manner. A Denial of Service (DoS) attack inserts unnecessary traffic to slow down or choke the notification service. A challenge of detecting DoS attacks lies in distinguishing them from temporary surges in normal traffic. This paper proposes an escalation hierarchy to detect DoS attacks by monitoring performance degradations at various levels. Our analysis shows the effectiveness of the approach. Further trials are underway.
{"title":"Detecting DoS Attacks on Notification Services","authors":"J. J. Li, T. Savor","doi":"10.1109/SERE-C.2014.38","DOIUrl":"https://doi.org/10.1109/SERE-C.2014.38","journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"1 1","pages":"0"},"publicationDate":"2014-06-30","platform":"Semanticscholar","paperid":"116634655"}
Since EPCglobal announced the Class 1 Generation 2 tag (Gen2) as the standard tag for supply chain management applications and Gen2 was ratified as the ISO 18000-6C standard, much effort has been devoted to promoting various Gen2-based applications and improving the security of Gen2. However, as many Gen2-based applications go beyond the original supply chain management and the security requirements of these applications could not be fulfilled without modifying the original Gen2 standards, EPCglobal recently (2013/11) announced the revised Gen2 standard, called Gen2 version 2 (Gen2v2 for short). Gen2v2 includes several new security and file management features to fit various possible application requirements. Inspired by these new features, Engels et al. proposed two Gen2v2-based mutual authentication schemes. In this paper, we cryptanalyze the protocols, show the security weaknesses, and propose our improvements.
{"title":"New Gen2v2-Based Mutual Authentication Schemes","authors":"H. Chien","doi":"10.1109/SERE-C.2014.26","DOIUrl":"https://doi.org/10.1109/SERE-C.2014.26","journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"38 1","pages":"0"},"publicationDate":"2014-06-30","platform":"Semanticscholar","paperid":"128559938"}
Attacks on Web systems have shown an increasing trend in the recent past. A contributing factor to this trend is the deployment of Web 2.0 technologies. While work related to characterization and classification of malicious Web traffic using supervised learning exists, little work has been done using semi-supervised learning with partially labeled data. In this paper, an incremental semi-supervised algorithm (CSL-Stream) is used to classify malicious Web traffic into multiple classes, as well as to analyze the concept drift and concept evolution phenomena. The work is based on data collected over a period of nine months by a high-interaction honeypot running Web 2.0 applications. The results showed that on completely labeled data semi-supervised learning performed only slightly worse than the supervised learning algorithm. More importantly, multiclass classification of the partially labeled malicious Web traffic (i.e., 50% or 25% labeled sessions) was almost as good as the classification of completely labeled data.
{"title":"Classification of Partially Labeled Malicious Web Traffic in the Presence of Concept Drift","authors":"Goce Anastasovski, K. Goseva-Popstojanova","doi":"10.1109/SERE-C.2014.31","DOIUrl":"https://doi.org/10.1109/SERE-C.2014.31","journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"467 1","pages":"0"},"publicationDate":"2014-06-30","platform":"Semanticscholar","paperid":"116412000"}
Virtualization's architectural abstraction and encapsulation of guest systems in virtual machines facilitate migration, but existing real-time virtualization solutions are characterized by a static mapping of virtual machines to processors. This work studies migration of virtual machines with real-time constraints on homogeneous multiprocessor architectures as a service restoration in response to hardware faults. The migration policy respects real-time requirements and minimizes and predicts deadline misses based on a preceding comparison of downtime caused by the migration and slack-based computation of the virtual machine's maximum affordable downtime. The distributed design is characterized by a communication between the paravirtualized operating system and the hypervisor in order to provide the required scheduling information. The overhead regarding memory footprint, execution times, and paravirtualization effort is analyzed. The evaluation identifies ranges for virtual machine size and timing characteristics for which the approach is feasible. A reliability analysis based on a combinatorial model is used to quantify the impact of migration on reliability.
{"title":"Virtual Machine Migration as a Fault Tolerance Technique for Embedded Real-Time Systems","authors":"Stefan Grösbrink","doi":"10.1109/SERE-C.2014.16","DOIUrl":"https://doi.org/10.1109/SERE-C.2014.16","journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"22 1","pages":"0"},"publicationDate":"2014-06-30","platform":"Semanticscholar","paperid":"126237472"}
Code reuse attacks such as return-oriented programming, one of the most powerful threats to software systems, rely on the absolute addresses of instructions. Therefore, address space randomization should be an effective defense. However, current randomization techniques either lack enough entropy or have significant time or space overhead. In this paper, we present a novel fine-grained randomization technique at the basic block level. In contrast to previous work, our technique deals properly with critical technical challenges, including indirect branches, callbacks and position-independent code, at the least cost. We implement an efficient prototype randomization system which supports the Linux ELF file format and the x86 architecture. Our evaluation demonstrated that it can successfully defend against ROP attacks with tiny performance overhead (4% on average).
{"title":"Defending ROP Attacks Using Basic Block Level Randomization","authors":"Xun Zhan, Tao Zheng, Shixiang Gao","doi":"10.1109/SERE-C.2014.28","DOIUrl":"https://doi.org/10.1109/SERE-C.2014.28","journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"11 1","pages":"0"},"publicationDate":"2014-06-30","platform":"Semanticscholar","paperid":"125578357"}
Firefox OS, a new Web-based OS developed by Mozilla mainly for mobile platforms, is designed to realize the "Boot to the Web" concept for the open Web. It supports users booting to the network directly, launching remote applications and accessing remote data with standard Web technologies. Although Firefox OS has adopted several mechanisms to enhance its security, its current design lacks a mechanism to detect 1) applications calling Web APIs with unusual frequency, and 2) applications consuming an abnormal amount of resources. In this paper, we propose an anomaly detection module which takes the system resource usage and the amount of inter-process communication as inputs to detect whether the system has an anomaly. We also conduct several experiments to examine the ability of the proposed module. The results show that our module achieves a false negative rate of 0% and a false positive rate of 12.5%.
{"title":"An Anomaly Detection Module for Firefox OS","authors":"Borting Chen, Ming-Wei Shih, Yu-Lun Huang","doi":"10.1109/SERE-C.2014.36","DOIUrl":"https://doi.org/10.1109/SERE-C.2014.36","journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"1 1","pages":"0"},"publicationDate":"2014-06-30","platform":"Semanticscholar","paperid":"130832107"}
Authenticating wireless devices based on the PARADIS technique has recently drawn increasing research interest, providing security access services in wireless networks. This paper provides an overview of various schemes for PARADIS identification using physical layer characteristics. Firstly, this work systematizes the existing knowledge on this topic for a better understanding of PARADIS device identification, its implications on the analysis and design of security solutions in wireless mobile networks, and possible applications. Secondly, we review the development progress of PARADIS identification techniques, discuss the merits and demerits of existing PARADIS identification schemes and provide a summary of the current state of the art. Moreover, we propose a new authentication scheme based on PARADIS and discuss its security and feasibility in the SAE/LTE application. We also highlight the open problems of PARADIS and motivate future work.
{"title":"Security Analysis of MAC Protocol for Mobile Device Identification Based on PARADIS","authors":"Niansheng Liu, H. Dai, Donghui Guo","doi":"10.1109/SERE-C.2014.45","DOIUrl":"https://doi.org/10.1109/SERE-C.2014.45","journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"34 1","pages":"0"},"publicationDate":"2014-06-30","platform":"Semanticscholar","paperid":"115727567"}
Xiaolei Li, Guangdong Bai, Benjamin Thian, Zhenkai Liang, Heng Yin
Mobile devices are becoming increasingly general-purpose, and therefore the physical boundary used to separate important resources disappears. As a result, malicious applications (apps) get chances to abuse resources that are available on the mobile platform. In this paper, we propose resource virtualization as a security mechanism for the Android system to strengthen the physical barrier between many types of resources and confine resource-abusing Android apps. The physical resources on a mobile device are virtualized to a different virtual view for selected Android apps. Resource virtualization simulates a partial but consistent virtual view of the Android resources. Therefore, it can not only confine the resource-abusing apps effectively, but also ensure the usability of these apps. We implement a system prototype, RVL, and evaluate it with real-world apps of various types. Our results demonstrate its effectiveness on malicious Android apps and its compatibility and usability on benign Android apps.
{"title":"A Light-Weight Software Environment for Confining Android Malware","authors":"Xiaolei Li, Guangdong Bai, Benjamin Thian, Zhenkai Liang, Heng Yin","doi":"10.1109/SERE-C.2014.34","DOIUrl":"https://doi.org/10.1109/SERE-C.2014.34","journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"20 1","pages":"0"},"publicationDate":"2014-06-30","platform":"Semanticscholar","paperid":"123759719"}
F. Rahman, Md Osman Gani, G. Ahsan, Sheikh Iqbal Ahamed
Security and usability play an important role in the success of today's computer, mobile, and technology-based systems. In these systems, security is given higher priority through strong security measures, ignoring the fact that this may lead to an unusable system. However, everyday technology users need a system that is usable and also safe. In this paper, we propose a novel approach to usable security for mobile systems, i.e., a mobile system that is both usable and secure. Traditional mobile device authentication techniques do not consider the combination of user biometrics, environmental information, and information provided by the sensors within the pervasive system. In this paper, we present a four-way fusion of user authentication techniques for efficient usable security on mobile devices. In this approach, the user is not required to remember any alphanumeric password. The location traces, gait pattern, and emotion of the user and the context of an image are used as metrics for authentication. The system silently authenticates its user using location traces and gait pattern. If the silent authentication fails, the system authenticates its user based on the user's emotion sequence and an image context previously stored by the user. Our proposed fusion-based authentication technique can be useful for numerous real-life scenarios where mobile device security is important.
{"title":"Seeing Beyond Visibility: A Four Way Fusion of User Authentication for Efficient Usable Security on Mobile Devices","authors":"F. Rahman, Md Osman Gani, G. Ahsan, Sheikh Iqbal Ahamed","doi":"10.1109/SERE-C.2014.30","DOIUrl":"https://doi.org/10.1109/SERE-C.2014.30","journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"21 1","pages":"0"},"publicationDate":"2014-06-30","platform":"Semanticscholar","paperid":"133901964"}