Paper Info
Title
Towards identifying and preventing behavioral side channel attack on recording attack resilient unaided authentication services
Abstract
Side channel attacks, based on the human behavior, have not received much attention in the domain of recording attack resilient unaided authentication services (RARUAS) that purely rely on human visual perception but not on hidden auxiliary channels. In this paper, for the first time, we have made an extensive analysis to show - how human behavior during the login can weaken the claimed security standard of RARUAS. We identify this threat as behavioral side channel attack. To make situation more alarming, our investigation revealed that the identified threat model is capable of reducing the claimed session resiliency of any RARUAS by a significant extent. For dealing with this threat model, the latter part of our proposal introduces a novel defense strategy that reduces attackers’ efficiency and improves the session resiliency. The subsequent study indicates that by nature of its design, the proposed defense strategy does not make any significant impact on the usability standard. To validate our claims, we have made a thorough experimental study to show that the proposed defense strategy is truly deployable in practice for improving the situation against the behavioral side channel attack.
Year
DOI
Venue
2019
10.1016/j.cose.2019.03.019
Computers & Security
Keywords
Field
DocType
Authentication,Password,Recording attack,Human behaviour,Side channel attack,Defense
Psychological resilience,Internet privacy,Authentication,Human visual perception,Computer science,Threat model,Computer security,Usability,Login,Communication channel,Side channel attack
Journal
Volume
ISSN
Citations 
84
0167-4048
1
PageRank 
References 
Authors
0.35
0
3
Name
Order
Citations
PageRank
Nilesh Chakraborty1228.33
Vijay S. Anand210.35
Samrat Mondal310018.02