Assessing the Informativeness of Sensed Data for User Identification in IoT

The shortcomings of the traditional password-based authentication mechanism are becoming increasingly apparent as we transition from "one user - one device" to a richer "multiple users - multiple devices" computing paradigm. The currently dominant research direction focuses on on...

Full description

Bibliographic Details
Main Author: Krašovec, Andraž
Other Authors: Pejović, Veljko
Format: Master Thesis
Language:English
Published: 2020
Subjects:
Internet of Things
Continuous Authentication
Machine learning
Internet stvari
nenhna avtentikacija
strojno učenje
sami
Online Access:https://repozitorij.uni-lj.si/IzpisGradiva.php?id=119823
https://repozitorij.uni-lj.si/Dokument.php?id=134559&dn=
https://plus.si.cobiss.net/opac7/bib/30767107?lang=sl
id ftuniljubljanair:oai:repozitorij.uni-lj.si:IzpisGradiva.php-id-119823
record_format openpolar
institution Open Polar
collection Repository of the University of Ljubljana (RUL)
op_collection_id ftuniljubljanair
language English
topic Internet of Things
Continuous Authentication
Machine learning
Internet stvari
nenhna avtentikacija
strojno učenje
spellingShingle Internet of Things
Continuous Authentication
Machine learning
Internet stvari
nenhna avtentikacija
strojno učenje
Krašovec, Andraž
Assessing the Informativeness of Sensed Data for User Identification in IoT
topic_facet Internet of Things
Continuous Authentication
Machine learning
Internet stvari
nenhna avtentikacija
strojno učenje
description The shortcomings of the traditional password-based authentication mechanism are becoming increasingly apparent as we transition from "one user - one device" to a richer "multiple users - multiple devices" computing paradigm. The currently dominant research direction focuses on on-device biometrics, which require sensitive information, such as images of a user's face, to be constantly streamed from a single recording source, often the device on which a user is getting authenticated. Instead, in this work we explore the possibilities offered by heterogeneous devices that opportunistically collect non-sensitive data in smart environments. We construct an IoT testbed in which we gather data pertaining to a person's movement in space, interaction with certain physical objects, PC terminal usage, and keyboard typing, and construct machine learning models capturing the person's behaviour traits. We commence our examination with models constructed from data sensed during a previously-completed task run and with such models we achieve up to 68% user identification accuracy (c.f. 7% baseline) among up to 20 individuals. Taking into account the limits of behaviour persistence we then revise our approach to continuously refine the model with the most recently sampled sensor data. This method allows us to achieve 99.3% user verification accuracy and successfully prevent a session takeover attack within 12 seconds with less than 1% of false attack detection. Pomanjkljivost avtentikacijskih mehanizmov z uporabo gesel postajajo vse bolj očitne, sploh v prehodu s klasične metode uporabe naprav "en uporabnik - ena naprava'', v bogatejšo "več uporabnikov - več naprav''. Trenutno prevladujoče raziskovalno področje, ki se ukvarja z odpravo zastarelih konceptov avtentikacije, temelji na biometričnih podatkih. Takšna avtentikacija zahteva uporabo občutljivih podatkov, kot naprimer slike uporabnikovega obraza, ki se nenehno zajemajo in shranjujejo na napravi sami. Nasprotno v našem delu raziščemo možnosti, ki jih ponuja avtentikacija z množico naprav, ki zajemajo zgolj neobčutljive podatke v pametnem okolju. S tem namenom zasnujemo in postavimo testno okolje, ki temelji na tehnologijah interneta stvari (IoT) in zbira najrazličnejše vedenjske vzorce uporabnika, na primer rokovanje z miško in tipkovnico, uporaba računalniških virov in vzorci premikanja po prostoru. Nato na podlagi zbranih podatkov s pomočjo strojnega učenja te vzorce izluščimo in pridobljeno znanje uporabimo za prepoznavanje in nenehno avtentikacijo uporabnikov. Pridobljeno znanje zatem uporabimo za različne naloge. V tem delu se osredotočimo na prepoznavo uporabnikov in nato le-to nadgradimo s sistemom nenehne avtentikacije, ki vsako sekundo preveri, ali je v prostoru še vedno ista oseba kot je bila pred tem. Za izgradnjo modelov prepoznave uporabnikov uporabimo vnaprej pridobljene podatke, nakar s pomočjo teh modelov poiskusimo napovedati kateri uporabnik je trenutno prisoten v prostoru. Pri takšni napovedi dosežemo točnost 68% pri 7% točnosti večinskega klasifikatorja. Na podlagi pridobljenih izkušenj naposled zasnujemo še sistem nenehne avtentikacije, ki uporabi podatke zadnjih n sekund in napove ali se je oseba, prisotna v prostoru, zamenjala. Z uporabo tega pristopa ujamemo 99,3% vseh izvedenih napadov, s povprečnim zamikom dvanajstih sekund in z manj kot 1% lažnih zaznav napada.
author2 Pejović, Veljko
format Master Thesis
author Krašovec, Andraž
author_facet Krašovec, Andraž
author_sort Krašovec, Andraž
title Assessing the Informativeness of Sensed Data for User Identification in IoT
title_short Assessing the Informativeness of Sensed Data for User Identification in IoT
title_full Assessing the Informativeness of Sensed Data for User Identification in IoT
title_fullStr Assessing the Informativeness of Sensed Data for User Identification in IoT
title_full_unstemmed Assessing the Informativeness of Sensed Data for User Identification in IoT
title_sort assessing the informativeness of sensed data for user identification in iot
publishDate 2020
url https://repozitorij.uni-lj.si/IzpisGradiva.php?id=119823
https://repozitorij.uni-lj.si/Dokument.php?id=134559&dn=
https://plus.si.cobiss.net/opac7/bib/30767107?lang=sl
genre sami
genre_facet sami
op_relation https://repozitorij.uni-lj.si/IzpisGradiva.php?id=119823
https://repozitorij.uni-lj.si/Dokument.php?id=134559&dn=
https://plus.si.cobiss.net/opac7/bib/30767107?lang=sl
op_rights info:eu-repo/semantics/openAccess
_version_ 1766186829077282816
spelling ftuniljubljanair:oai:repozitorij.uni-lj.si:IzpisGradiva.php-id-119823 2023-05-15T18:14:07+02:00 Assessing the Informativeness of Sensed Data for User Identification in IoT Ocena informativnosti senzorjev za identifikacijo uporabnikov v okolju IoT Krašovec, Andraž Pejović, Veljko 2020-09-11 application/pdf https://repozitorij.uni-lj.si/IzpisGradiva.php?id=119823 https://repozitorij.uni-lj.si/Dokument.php?id=134559&dn= https://plus.si.cobiss.net/opac7/bib/30767107?lang=sl eng eng https://repozitorij.uni-lj.si/IzpisGradiva.php?id=119823 https://repozitorij.uni-lj.si/Dokument.php?id=134559&dn= https://plus.si.cobiss.net/opac7/bib/30767107?lang=sl info:eu-repo/semantics/openAccess Internet of Things Continuous Authentication Machine learning Internet stvari nenhna avtentikacija strojno učenje info:eu-repo/semantics/masterThesis info:eu-repo/semantics/publishedVersion 2020 ftuniljubljanair 2021-12-06T10:17:59Z The shortcomings of the traditional password-based authentication mechanism are becoming increasingly apparent as we transition from "one user - one device" to a richer "multiple users - multiple devices" computing paradigm. The currently dominant research direction focuses on on-device biometrics, which require sensitive information, such as images of a user's face, to be constantly streamed from a single recording source, often the device on which a user is getting authenticated. Instead, in this work we explore the possibilities offered by heterogeneous devices that opportunistically collect non-sensitive data in smart environments. We construct an IoT testbed in which we gather data pertaining to a person's movement in space, interaction with certain physical objects, PC terminal usage, and keyboard typing, and construct machine learning models capturing the person's behaviour traits. We commence our examination with models constructed from data sensed during a previously-completed task run and with such models we achieve up to 68% user identification accuracy (c.f. 7% baseline) among up to 20 individuals. Taking into account the limits of behaviour persistence we then revise our approach to continuously refine the model with the most recently sampled sensor data. This method allows us to achieve 99.3% user verification accuracy and successfully prevent a session takeover attack within 12 seconds with less than 1% of false attack detection. Pomanjkljivost avtentikacijskih mehanizmov z uporabo gesel postajajo vse bolj očitne, sploh v prehodu s klasične metode uporabe naprav "en uporabnik - ena naprava'', v bogatejšo "več uporabnikov - več naprav''. Trenutno prevladujoče raziskovalno področje, ki se ukvarja z odpravo zastarelih konceptov avtentikacije, temelji na biometričnih podatkih. Takšna avtentikacija zahteva uporabo občutljivih podatkov, kot naprimer slike uporabnikovega obraza, ki se nenehno zajemajo in shranjujejo na napravi sami. Nasprotno v našem delu raziščemo možnosti, ki jih ponuja avtentikacija z množico naprav, ki zajemajo zgolj neobčutljive podatke v pametnem okolju. S tem namenom zasnujemo in postavimo testno okolje, ki temelji na tehnologijah interneta stvari (IoT) in zbira najrazličnejše vedenjske vzorce uporabnika, na primer rokovanje z miško in tipkovnico, uporaba računalniških virov in vzorci premikanja po prostoru. Nato na podlagi zbranih podatkov s pomočjo strojnega učenja te vzorce izluščimo in pridobljeno znanje uporabimo za prepoznavanje in nenehno avtentikacijo uporabnikov. Pridobljeno znanje zatem uporabimo za različne naloge. V tem delu se osredotočimo na prepoznavo uporabnikov in nato le-to nadgradimo s sistemom nenehne avtentikacije, ki vsako sekundo preveri, ali je v prostoru še vedno ista oseba kot je bila pred tem. Za izgradnjo modelov prepoznave uporabnikov uporabimo vnaprej pridobljene podatke, nakar s pomočjo teh modelov poiskusimo napovedati kateri uporabnik je trenutno prisoten v prostoru. Pri takšni napovedi dosežemo točnost 68% pri 7% točnosti večinskega klasifikatorja. Na podlagi pridobljenih izkušenj naposled zasnujemo še sistem nenehne avtentikacije, ki uporabi podatke zadnjih n sekund in napove ali se je oseba, prisotna v prostoru, zamenjala. Z uporabo tega pristopa ujamemo 99,3% vseh izvedenih napadov, s povprečnim zamikom dvanajstih sekund in z manj kot 1% lažnih zaznav napada. Master Thesis sami Repository of the University of Ljubljana (RUL)

Similar Items