Abstract
We introduce a non-interactive dual-channel protocol for continuous traffic authentication and analyze its security properties. We realize the proposed protocol by facilitating dual channels at the keyboard with the assistance of a lightweight hardware module. The proposed protocol does not require users' explicit engagement in the authentication process. Empirical results show that, for a 30-day period, the maximum false reject rate for all legitimate requests on a day is 6% (with a 30 day daily average of 2.4%) and the false accept rate on any given day is 0%. The daily maximum false reject rate of the user requests falls to 0% if the users are forced to engage explicitly in the protocol operation for a maximum of 1.2% of users' non-typed requests.
Original language | English (US) |
---|---|
Article number | 6815645 |
Pages (from-to) | 1133-1140 |
Number of pages | 8 |
Journal | IEEE Transactions on Information Forensics and Security |
Volume | 9 |
Issue number | 7 |
DOIs | |
State | Published - Jul 2014 |
Externally published | Yes |
Keywords
- Information exfiltration
- authentication
- non-interactive dual channel protocol
ASJC Scopus subject areas
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications