| Internet of Things terminals are massively deployed in human daily life,driven by the third tide of world information industry.Ubiquitous terminal devices embed abundant sensing sensors for capturing surrounding environment information,and thus directly boost the development of ubiquitous sensing technology and the formation of its environment.Nevertheless,in the ubiquitous sensing environment,when providing various services,terminal devices inevitably process and store user privacy data,such as personal behavior trajectory and private conversation.Once the privacy data is leaked,users will bear great security threats and service providers will lose social reputations.To prevent malicious objects from illegally accessing private data,identity authentication mechanisms are widely used to verify user access and operation rights on Internet of Things terminals.Although current authentication mechanisms reduce the risk of unauthorized access to private data to a certain extent,they still have limitations in three main aspects,i.e.,cost,security,and convenience.Relying on user identity information represented by image signal,vibration signal,voice signal,and magnetic signal in ubiquitous sensing environments,this paper proposes and implements an improved version of current authentication approaches,to meet usage demands for low-cost,high-security,and high-convenience in specific scenarios.(1)Image signal: to solve the large cost caused by high-security face authentication systems,this paper proposes a low-cost one-pass user authentication mechanism named Smile Auth relying on the features of dental edge structure features.Face authentication is one of the common identity authentication mechanisms utilized in Internet of Things terminals.However,cost-limited terminals only can obtain facial two-dimensional image information,which can be easily spoofed by fake masks and replay attacks.High-security face authentication mechanisms leverage expensive and customized sensors such as infrared lenses and dot-matrix projectors,to capture facial three-dimensional structure features.To deal with the conflict between highsecurity and low-cost,this paper finds the distinguishability in dental edge structure across users by comparing human dental structure differences and then extracts four types of features,i.e.,single-tooth,multi-tooth,full-tooth,and envelope shape,to represent user identity information.In particular,Smile Auth only utilizes the information extracted from multiple two-dimensional images to reconstruct the dental three-dimension structure features,which greatly reduces the threat caused by potential attacks.Compared with existing works,Smile Auth can realize secure authentication by using only two-dimensional image information captured by the built-in camera of low-cost terminals,and hence owning excellent scalability.(2)Vibration signal: considering that the one-pass authentication mode cannot track user identity during an entire service activation period,this paper proposes a high-security continuous authentication mechanism called Hand Pass based on hand vibration responses.Current access control mechanisms such as digit passwords and biometrics recognition utilized on terminals follow the one-pass authentication mode,that is,after the first identity authentication,user identity will not be tracked and verified during the entire service activation period.In this case,if the legal user is temporarily absent while the service is activated,there is a great opportunity for an attacker to illegally manipulate the device,thereby achieving snooping or even stealing private data.To realize the full cycle protection during the service activation period of handholding terminals,this paper regards the hand and device as a medium,explores the process of vibration generation,propagation,and attenuation in a medium,and presents the uniqueness of tapping-triggered vibration response patterns across users.Subsequently,statistical and customized features for user identity authentication are extracted in both time and frequency domains,to achieve continuous operation rights tracking.Compared to existing works,Hand Pass only employs a low-cost accelerometer to capture vibration response patterns,while achieving high-security continuous user authentication.(3)Voice signal: aiming at that vibration response pattern is applicable in the contact human-computer interaction scenarios for continuous identity tracking,this paper proposes a contactless mechanism named Live Probe relying on phoneme energy response liveness features.In recent years,thanks to the development of natural language processing technology,the non-contact interaction way provided by voice assistants has been widely used in human daily life.However,voice-related services are vulnerable to the threat posed by replaying attacks,that is,issuing illegal commands by electronic loudspeakers to manipulate target devices and making serious privacy risks.Therefore,for protecting the entire process of voice-driven human-computer interaction,distinguishing the identity type of sound sources is very critical.This paper compares the composition and working principle between human vocal organs and electronic loudspeakers,to further study the commands phoneme energy distribution differences caused by the two sound sources’ internal structure differences,and then extract human vocal organ-dependent phoneme energy response patterns and its dynamic variation traits,so as to realize the continuous type tracking of sound source identity.Compared with existing works,Live Probe can continuously capture liveness features only by using the built-in microphone to distinguish sound source identity types,which is complementary to the functions and application scenarios of contact authentication mechanisms.(4)Magnetic signal: to handle the cumbersome operations caused by cross-device user identity authentication in existing works,this paper proposes a convenient authentication mechanism named Mag Sign based on dynamic magnetic signatures.Although current privacysensitive terminals are equipped with authentication modules,there are obvious differences among the authentication ways supported by them,due to limitations in cost and size.For instance,smart loudspeakers often support voice recognition to complete identity authentication,while smart locks mostly leverage fingerprint features to judge user identity.In this case,one user needs to frequently switch and provide specific identity features when authenticating identity across multiple heterogeneous devices,which greatly compromises user experience.For realizing convenient cross-device identity authentication,this paper studies the corresponding relationship between screen contents of smart wearable devices and near-field magnetic signal intensities,and further proposes a scheme to encode digit passwords into magnetic signatures by using screen contents,and finally realizes the authentication mechanism based on magnetic signature representing user identity.In particular,this mechanism only leverages the screen of authorized devices the built-in magnetic sensor in unlocked devices and the screen of authorized devices to emit and receive magnetic signatures respectively,without revamping hardware modules,thus it can be adapted to heterogeneous COTS devices.Compared with existing works,Mag Sign can provide a convenient way to complete across-device authentication by a simple“one-touch unlocking” mode,relying on low-cost and widely-deployed magnetic sensors. |
PDF Full Text Request