Browsing by Author "Gao, Xiang"

Designing systems that balance security and usability is a desirable but challenging goal. Zero-Interaction Authentication (ZIA) is one example of an effort for making security easy to use. It attempts to improve usability by avoiding explicit user interaction for the authentication process, but instead resorting to automatically determining if the principals are co-present. Nevertheless, current ZIA models, which detect co-presence by measuring observed signal strengths in some form of local wireless communication, suffer from relay attacks, where attackers fool the principals by relaying the authentication messages even if the messages exchanged in the authentication protocols are cryptographically secured. Contextual Co-presence Detection is an alternative technique to detect co-presence. The main idea is that co-present principals should observe similar ambient context. Although prior work has studied the use of single sensor modalities (audio, Bluetooth, GPS and WiFi) for perceiving ambient context, there were (a) no fair comparisons of how different sensor modalities perform and (b) no studies about whether fusing multiple sensor modalities would increase performance. In this thesis, we built a data collection framework that allowed an individual user to easily collect ground truth data about co-presence of a pair of devices. We applied standard classification techniques to this data. Our results demonstrate WiFi (the set of visible WiFi access points and their respective signal strengths) and that fusing multiple sensor modalities improves performance in terms of security and usability. We then extended a real ZIA application (BlueProximity) with support for contextual co-presence detection, and conducted a small-scale user study to evaluate the usability of contextual co-presence detection as compared to co-presence detection using signal strength only. Our study did not find evidence that the addition of contextual co-presence may harm usability.