CAREER: Towards Secure and Usable IoT Authentication Under Constraints

职业：在约束下实现安全可用的物联网身份验证

• 批准号: 2144669
• 负责人: Qiang Zeng
• 金额: $ 54.57万
• 依托单位: University of South Carolina at Columbia
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-06-01 至 2023-02-28
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2144669&HistoricalAwards=false
• 关键词: CAREER; Towards; Secure; Usable; IoT

The booming development of Internet of Things (IoT) makes ever-growing impacts on various industries and daily lives. IoT authentication, which authenticates the legitimacy of a user and/or an IoT device, is among the most fundamental and critical IoT security problems. Existing approaches often suffer from insecurity (e.g., Bluetooth based proximity proving can be exploited by wireless attacks) or poor usability (e.g., requiring user interfaces or sensors unavailable on most IoT devices). The research advances secure and usable IoT authentication under constraints. Unlike many prior works that build authentication on proximity, which can be exploited by wireless attacks, the project's novelty is based on physical operations that cannot be spoofed by an attacker. The project's broader significance and importance are as follows. 1) The research can help people in rural areas or with disabilities have equal rights of access to modern techniques, such as drone delivery, without relying on special user-side hardware. 2) The research can make IoT pairing and authentication much easier and more secure, and the results have wide applications to smart health, forensics, and continuous security monitoring. 3) The PI will conduct outreach and educational activities that aim to increase awareness of cybersecurity in the K-12 community and broaden the participation of students from underrepresented groups. The project seeks to improve IoT authentication and deliver novel approaches, algorithms, techniques, and systems through the following thrusts. Thrust 1: Authentication for UI-Constrained Devices. A protocol that supports mutual authentication, over an insecure wireless channel, to establish trust between a UI-constrained device and the user to support authentication for heterogeneous IoT devices. Thrust 2: Authentication for Distance-Constrained Devices. A highly usable approach enables secure authentication between an IoT device and the user even when they are multiple meters apart, which has applications ranging from drone delivery to ride sharing. Thrust 3: Authentication for Operation-Constrained Devices. For traditional objects retrofitted with zero-UI sensor nodes, AI-assisted implicit authentication enables recognizing a user without requiring any explicit authentication operations. In sum, the research seeks to substantially advance IoT authentication and foster a variety of IoT applications.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

物联网（IoT）的蓬勃发展对各个行业和日常生活产生了越来越大的影响。物联网认证是对用户和/或物联网设备的合法性进行认证，是最基本和最关键的物联网安全问题之一。现有的方法经常遭受不安全性（例如，基于蓝牙的邻近性证明可被无线攻击利用）或较差的可用性（例如，需要在大多数IoT设备上不可用的用户接口或传感器）。该研究在约束条件下推进了安全和可用的物联网认证。与许多先前的作品不同，这些作品建立在接近的基础上，可以被无线攻击利用，该项目的新奇是基于攻击者无法欺骗的物理操作。该项目的更广泛意义和重要性如下。1)这项研究可以帮助农村地区或残疾人平等地获得现代技术，如无人机送货，而不依赖于特殊的用户端硬件。2)该研究可以使物联网配对和身份验证变得更容易，更安全，其结果在智能健康，取证和持续安全监控方面具有广泛的应用。3)PI将开展外联和教育活动，旨在提高K-12社区的网络安全意识，并扩大代表性不足群体的学生的参与。该项目旨在改善物联网认证，并通过以下方面提供新的方法，算法，技术和系统。目标1：UI受限设备的身份验证。一种协议，支持通过不安全的无线信道进行相互身份验证，以在UI受限的设备和用户之间建立信任，从而支持异构IoT设备的身份验证。目标2：距离受限设备的身份验证。一种高度可用的方法可以实现物联网设备和用户之间的安全认证，即使它们相距数米，其应用范围从无人机交付到乘车共享。重点3：操作受限器械的认证。对于使用零UI传感器节点改造的传统对象，AI辅助的隐式身份验证可以识别用户，而无需任何显式身份验证操作。该奖项反映了NSF的法定使命，通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Authentication for drone delivery through a novel way of using face biometrics

• DOI: 10.1145/3495243.3560550
• 发表时间: 2022-10
• 期刊: Proceedings of the 28th Annual International Conference on Mobile Computing And Networking
• 作者: Jonathan Sharp;Chuxiong Wu;Qiang Zeng

IoT Phantom-Delay Attacks: Demystifying and Exploiting IoT Timeout Behaviors

• DOI: 10.1109/dsn53405.2022.00050
• 发表时间: 2022-06
• 期刊: 2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
• 作者: Chenglong Fu;Qiang Zeng;Haotian Chi;Xiaojiang Du;Siva Likitha Valluru

G2Auth: secure mutual authentication for drone delivery without special user-side hardware

• DOI: 10.1145/3498361.3538941
• 发表时间: 2022-06
• 期刊: Proceedings of the 20th Annual International Conference on Mobile Systems, Applications and Services
• 作者: Chuxiong Wu;Xiaopeng Li;Lannan Luo;Qiang Zeng