TU Darmstadt / ULB / TUbiblio

I know where you are: Proofs of Presence resilient to malicious provers

Miettinen, Markus ; Asokan, N. ; Koushanfar, Farinaz ; Nguyen, Thien Duc ; Rios, Jon ; Sadeghi, Ahmad-Reza ; Sobhani, Majid ; Yellapantula, Sudha :
I know where you are: Proofs of Presence resilient to malicious provers.
10th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2015)
[Konferenz- oder Workshop-Beitrag], (2015)

Kurzbeschreibung (Abstract)

In the recent years, new services and businesses leveraging location-based services (LBS) are rapidly emerging. On the other hand this has raised the incentive of users to cheat about their locations to the service providers for personal benefits. Context-based proofs-of-presence (PoPs) have been proposed to enable verification of users' location claims. However, as we show in this paper, they are vulnerable to context guessing attacks. To make PoPs resilient to malicious provers we propose two complementary approaches for making context-based PoPs: one approach focuses on surprisal filtering based on estimating the entropy of particular PoPs in order to detect context measurements vulnerable to such attacks. The other approach is based on utilizing longitudinal observations of ambient modalities like noise level and ambient luminosity. It is capable of extracting more entropy from the context to construct PoPs that are hard to guess by an attacker even in situations in which other context sensor modalities fail to provide reliable PoPs.

Typ des Eintrags: Konferenz- oder Workshop-Beitrag (Keine Angabe)
Erschienen: 2015
Autor(en): Miettinen, Markus ; Asokan, N. ; Koushanfar, Farinaz ; Nguyen, Thien Duc ; Rios, Jon ; Sadeghi, Ahmad-Reza ; Sobhani, Majid ; Yellapantula, Sudha
Titel: I know where you are: Proofs of Presence resilient to malicious provers
Sprache: Deutsch
Kurzbeschreibung (Abstract):

In the recent years, new services and businesses leveraging location-based services (LBS) are rapidly emerging. On the other hand this has raised the incentive of users to cheat about their locations to the service providers for personal benefits. Context-based proofs-of-presence (PoPs) have been proposed to enable verification of users' location claims. However, as we show in this paper, they are vulnerable to context guessing attacks. To make PoPs resilient to malicious provers we propose two complementary approaches for making context-based PoPs: one approach focuses on surprisal filtering based on estimating the entropy of particular PoPs in order to detect context measurements vulnerable to such attacks. The other approach is based on utilizing longitudinal observations of ambient modalities like noise level and ambient luminosity. It is capable of extracting more entropy from the context to construct PoPs that are hard to guess by an attacker even in situations in which other context sensor modalities fail to provide reliable PoPs.

Buchtitel: 10th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2015)
Freie Schlagworte: ICRI-SC
Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik
20 Fachbereich Informatik > Systemsicherheit
Profilbereiche
Profilbereiche > Cybersicherheit (CYSEC)
Hinterlegungsdatum: 04 Aug 2016 10:13
ID-Nummer: TUD-CS-2015-0012
Verwandte URLs:
Export:

Optionen (nur für Redakteure)

Eintrag anzeigen Eintrag anzeigen