Research Commons
      • Browse 
        • Communities & Collections
        • Titles
        • Authors
        • By Issue Date
        • Subjects
        • Types
        • Series
      • Help 
        • About
        • Collection Policy
        • OA Mandate Guidelines
        • Guidelines FAQ
        • Contact Us
      • My Account 
        • Sign In
        • Register
      View Item 
      •   Research Commons
      • University of Waikato Research
      • Computing and Mathematical Sciences
      • Computing and Mathematical Sciences Papers
      • View Item
      •   Research Commons
      • University of Waikato Research
      • Computing and Mathematical Sciences
      • Computing and Mathematical Sciences Papers
      • View Item
      JavaScript is disabled for your browser. Some features of this site may not work without it.

      Proximity assurances based on natural and artificial ambient environments

      Gurulian, Iakovos; Markantonakis, Konstantinos; Shepherd, Carlton; Frank, Eibe; Akram, Raja Naeem
      Thumbnail
      Files
      proximity_assurances.pdf
      Accepted version, 427.0Kb
      DOI
       10.1007/978-3-319-69284-5_7
      Find in your library  
      Citation
      Export citation
      Gurulian I., Markantonakis K., Shepherd C., Frank E., Akram R.N. (2017) Proximity Assurances Based on Natural and Artificial Ambient Environments. In: Farshim P., Simion E. (eds) Innovative Security Solutions for Information Technology and Communications. SecITC 2017. Lecture Notes in Computer Science, vol 10543. Springer, Cham
      Permanent Research Commons link: https://hdl.handle.net/10289/12269
      Abstract
      Relay attacks are passive man-in-the-middle attacks that aim to extend the physical distance of devices involved in a transaction beyond their operating environment. In the field of smart cards, distance bounding protocols have been proposed in order to counter relay attacks. For smartphones, meanwhile, the natural ambient environment surrounding the devices has been proposed as a potential Proximity and Relay-Attack Detection (PRAD) mechanism. These proposals, however, are not compliant with industry-imposed constraints that stipulate maximum transaction completion times, e.g. 500 ms for EMV contactless transactions. We evaluated the effectiveness of 17 ambient sensors that are widely-available in modern smartphones as a PRAD method for time-restricted contactless transactions. In our work, both similarity- and machine learning-based analyses demonstrated limited effectiveness of natural ambient sensing as a PRAD mechanism under the operating requirements for proximity and transaction duration specified by EMV and ITSO. To address this, we propose the generation of an Artificial Ambient Environment (AAE) as a robust alternative for an effective PRAD. The use of infrared light as a potential PRAD mechanism is evaluated, and our results indicate a high success rate while remaining compliant with industry requirements.
      Date
      2017
      Type
      Conference Contribution
      Publisher
      Spinger
      Rights
      © 2017 Springer, Cham. This is the author's accepted version. The final publication is available at Springer via dx.doi.org/10.1007/978-3-319-69284-5_7
      Collections
      • Computing and Mathematical Sciences Papers [1455]
      Show full item record  

      Usage

      Downloads, last 12 months
      69
       
       
       

      Usage Statistics

      For this itemFor all of Research Commons

      The University of Waikato - Te Whare Wānanga o WaikatoFeedback and RequestsCopyright and Legal Statement