skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: A Situation-Aware Scheme for Efficient Device Authentication in Smart Grid-Enabled Home Area Networks
Home area networks (HANs) are the most vulnerable part of smart grids since they are not directly controlled by utilities. Device authentication is one of most important mechanisms to protect the security of smart grid-enabled HANs (SG-HANs). In this paper, we propose a situation-aware scheme for efficient device authentication in SG-HANs. The proposed scheme utilizes the security risk information assessed by the smart home system with a situational awareness feature. A suitable authentication protocol with adequate security protection and computational and communication complexity is then selected based on the assessed security risk level. A protocol design of the proposed scheme considering two security risk levels is presented in the paper. The security of the design is verified by using both formal verification and informal security analysis. Our performance analysis demonstrates that the proposed scheme is efficient in terms of computational and communication costs.  more » « less
Award ID(s):
1757207
PAR ID:
10187053
Author(s) / Creator(s):
;
Date Published:
Journal Name:
Electronics
Volume:
9
Issue:
6
ISSN:
2079-9292
Page Range / eLocation ID:
989
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; (, ACM International Symposium on Mobile Ad Hoc Networking and Computing)
    User authentication is a critical process in both corporate and home environments due to the ever-growing security and privacy concerns. With the advancement of smart cities and home environments, the concept of user authentication is evolved with a broader implication by not only preventing unauthorized users from accessing confidential information but also providing the opportunities for customized services corresponding to a specific user. Traditional approaches of user authentication either require specialized device installation or inconvenient wearable sensor attachment. This paper supports the extended concept of user authentication with a device-free approach by leveraging the prevalent WiFi signals made available by IoT devices, such as smart refrigerator, smart TV and thermostat, etc. The proposed system utilizes the WiFi signals to capture unique human physiological and behavioral characteristics inherited from their daily activities, including both walking and stationary ones. Particularly, we extract representative features from channel state information (CSI) measurements of WiFi signals, and develop a deep learning based user authentication scheme to accurately identify each individual user. Extensive experiments in two typical indoor environments, a university office and an apartment, are conducted to demonstrate the effectiveness of the proposed authentication system. In particular, our system can achieve over 94% and 91% authentication accuracy with 11 subjects through walking and stationary activities, respectively. 
    more » « less
  2. ; ; (, 2023 IEEE International Conference on Consumer Electronics (ICCE))
    Project Connected Home over IP, known as Matter, a unifying standard for the smart home, will begin formal device certification in late 2022. The standard will prioritize connectivity using short-range wireless communication protocols such as Wi-Fi, Thread, and Ethernet. The standard will also include emerging technologies such as Blockchain for device certification and security. In this paper, we rely on the Matter protocol to solve the long-standing heterogeneity problem in smart homes. This work presents a hardware Testbed built using development kits, as there is currently very few devices supporting Matter protocol. In addition, it presents a network architecture that automates smart homes to cloud services. The work is a simple and cheap way of developing a Testbed for automating smart homes that uses Matter protocol. The architecture lays the foundation for exploring security and privacy issues, data collection analysis, and data provenance in a smart home ecosystem built on Matter protocol. 
    more » « less
  3. ; (, 2024 International Wireless Communications and Mobile Computing (IWCMC))
    Structural Health Monitoring (SHM) uses wireless sensor network (WSN) to monitor a civil construction’s conditions remotely and constantly for its sustainable usage. Security in WSN for SHM is essential to safeguard critical transportation infrastructure such as bridges. While WSN offers cost-effective solutions for Bridge SHM, its wireless nature expands attack surfaces, making security a significant concern. Despite progress in addressing security issues in WSN for Bridge SHM, challenges persist in device authentication due to the unique placement of sensor nodes and their resource constraints, particularly in energy conservation requirements to extend the system’s lifetime. To overcome these limitations, this paper proposes an innovative authentication scheme with deep learning at the physical layer. Our approach steers away from conventional device authentication methods: no challenge-response protocol with heavy communication overhead and no cryptography of intensive computation. Instead, we use radio frequency (RF) fingerprinting to authenticate sensor nodes. Deep learning is chosen for its ability to discover patterns in large datasets without manual feature engineering. We model our scheme on IEEE 802.11ah, Wi-Fi HaLow of long-range communication and low-power consumption for machine-to-machine (M2M) applications. Simulations and experiments using universal software radio peripheral (USRP) demonstrate the effectiveness of the proposed scheme. By integrating security into Cyber-Physical System/the Internet-of-Things (CPS/IoT) design of WSN for Bridge SHM, our work contributes to critical infrastructure protection. 
    more » « less
  4. ; ; ; (, ACM Transactions on Internet of Things)
    null (Ed.)
    User authentication is a critical process in both corporate and home environments due to the ever-growing security and privacy concerns. With the advancement of smart cities and home environments, the concept of user authentication is evolved with a broader implication by not only preventing unauthorized users from accessing confidential information but also providing the opportunities for customized services corresponding to a specific user. Traditional approaches of user authentication either require specialized device installation or inconvenient wearable sensor attachment. This article supports the extended concept of user authentication with a device-free approach by leveraging the prevalent WiFi signals made available by IoT devices, such as smart refrigerator, smart TV, and smart thermostat, and so on. The proposed system utilizes the WiFi signals to capture unique human physiological and behavioral characteristics inherited from their daily activities, including both walking and stationary ones. Particularly, we extract representative features from channel state information (CSI) measurements of WiFi signals, and develop a deep-learning-based user authentication scheme to accurately identify each individual user. To mitigate the signal distortion caused by surrounding people’s movements, our deep learning model exploits a CNN-based architecture that constructively combines features from multiple receiving antennas and derives more reliable feature abstractions. Furthermore, a transfer-learning-based mechanism is developed to reduce the training cost for new users and environments. Extensive experiments in various indoor environments are conducted to demonstrate the effectiveness of the proposed authentication system. In particular, our system can achieve over 94% authentication accuracy with 11 subjects through different activities. 
    more » « less
  5. ; ; ; ; (, ACM Transactions on Privacy and Security)
    null (Ed.)
    We present a secure two-factor authentication (TFA) scheme based on the user’s possession of a password and a crypto-capable device. Security is “end-to-end” in the sense that the attacker can attack all parts of the system, including all communication links and any subset of parties (servers, devices, client terminals), can learn users’ passwords, and perform active and passive attacks, online and offline. In all cases the scheme provides the highest attainable security bounds given the set of compromised components. Our solution builds a TFA scheme using any Device-enhanced Password-authenticated Key Exchange (PAKE), defined by Jarecki et al., and any Short Authenticated String (SAS) Message Authentication, defined by Vaudenay. We show an efficient instantiation of this modular construction, which utilizes any password-based client-server authentication method, with or without reliance on public-key infrastructure. The security of the proposed scheme is proven in a formal model that we formulate as an extension of the traditional PAKE model. We also report on a prototype implementation of our schemes, including TLS-based and PKI-free variants, as well as several instantiations of the SAS mechanism, all demonstrating the practicality of our approach. Finally, we present a usability study evaluating the viability of our protocol contrasted with the traditional PIN-based TFA approach in terms of efficiency, potential for errors, user experience, and security perception of the underlying manual process. 1 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email