LightDefender: Protecting PIN Input using Ambient Light Sensor

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Nowadays, personal identification number (PIN) is one of the most popular methods for identity verification. However, recent researches show that attackers can easily recover victims' PINs in spite of the large number of combinations PIN provides. Existing protection approaches require alteration of the original interaction between the user and PIN-based authentication systems, or still fail if the attacker can observe and mimic the victim's input behavior. Considering these limitations, we propose a defense system called LightDefender to protect current PIN-based systems from PIN replay attacks using a single ambient light sensor. Specifically, we protect the PIN input by leveraging the biometrics in the received light intensity that is influenced by input behaviors and biological features. To our best knowledge, our work is the first one to protect PIN input using the light intensity. Different from existing approaches, LightDefender does not change the original interaction methods between the user and PIN-based authentication systems, and the extra hardware cost is low. In addition, by leveraging biological differences (e.g. finger length) among different users, LightDefender still claims high-security protection against strong attackers who can mimic the victim's input behaviors. Experiments with 10 volunteers show that LightDefender can achieve an average true acceptance rate of 95% for normal users. More importantly, LightDefender can correctly reject two types attackers with an average true rejection rate of at least 93.6% without data of new attackers.

Original languageEnglish
Title of host publication18th Annual IEEE International Conference on Pervasive Computing and Communications, PerCom 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781728146577
DOIs
StatePublished - Mar 2020
Event18th Annual IEEE International Conference on Pervasive Computing and Communications, PerCom 2020 - Austin, United States
Duration: 23 Mar 202027 Mar 2020

Publication series

Name18th Annual IEEE International Conference on Pervasive Computing and Communications, PerCom 2020

Conference

Conference18th Annual IEEE International Conference on Pervasive Computing and Communications, PerCom 2020
Country/TerritoryUnited States
CityAustin
Period23/03/2027/03/20

Keywords

  • ambient light
  • Personal identification number
  • PIN input protection

Fingerprint

Dive into the research topics of 'LightDefender: Protecting PIN Input using Ambient Light Sensor'. Together they form a unique fingerprint.

Cite this