CLAS: A Novel Communications Latency Based Authentication Scheme
<p dir="ltr">We design and implement a novel communications latency based authentication scheme, dubbed CLAS, that strengthens the security of state-of-the-art web authentication approaches by leveraging the round trip network communications latency (RTL) between clients and authenti...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | , |
| Published: |
2017
|
| Subjects: | |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1864513557212692480 |
|---|---|
| author | Zuochao Dou (16855443) |
| author2 | Issa Khalil (16855449) Abdallah Khreishah (16855455) |
| author2_role | author author |
| author_facet | Zuochao Dou (16855443) Issa Khalil (16855449) Abdallah Khreishah (16855455) |
| author_role | author |
| dc.creator.none.fl_str_mv | Zuochao Dou (16855443) Issa Khalil (16855449) Abdallah Khreishah (16855455) |
| dc.date.none.fl_str_mv | 2017-06-12T06:00:00Z |
| dc.identifier.none.fl_str_mv | 10.1155/2017/4286903 |
| dc.relation.none.fl_str_mv | https://figshare.com/articles/journal_contribution/CLAS_A_Novel_Communications_Latency_Based_Authentication_Scheme/27050710 |
| dc.rights.none.fl_str_mv | CC BY 4.0 info:eu-repo/semantics/openAccess |
| dc.subject.none.fl_str_mv | Information and computing sciences Cybersecurity and privacy Communications latency CLAS (Communications Latency-based Authentication Scheme) Web authentication Round trip latency (RTL) Password compromise Network security RTL manipulation |
| dc.title.none.fl_str_mv | CLAS: A Novel Communications Latency Based Authentication Scheme |
| dc.type.none.fl_str_mv | Text Journal contribution info:eu-repo/semantics/publishedVersion text contribution to journal |
| description | <p dir="ltr">We design and implement a novel communications latency based authentication scheme, dubbed CLAS, that strengthens the security of state-of-the-art web authentication approaches by leveraging the round trip network communications latency (RTL) between clients and authenticators. In addition to the traditional credentials, CLAS profiles RTL values of clients and uses them to defend against password compromise. The key challenges are (i) to prevent RTL manipulation, (ii) to alleviate network instabilities, and (iii) to address mobile clients. CLAS addresses the first challenge by introducing a novel network architecture, which makes it extremely difficult for attackers to simulate legitimate RTL values. The second challenge is addressed by outlier removal and multiple temporal profiling, while the last challenge is addressed by augmenting CLAS with out-of-band-channels or other authentication schemes. CLAS restricts login to profiled locations while demanding additional information for nonprofiled ones, which highly reduces the attack surface even when the legitimate credentials are compromised. Additionally, unlike many state-of-the-art authentication mechanisms, CLAS is resilient to phishing, pharming, man-in-the-middle, and social engineering attacks. Furthermore, CLAS is transparent to users and incurs negligible overhead. The experimental results show that CLAS can achieve very low false positive and false negative rates.</p><h2>Other Information</h2><p dir="ltr">Published in: Security and Communication Networks<br>License: <a href="http://creativecommons.org/licenses/by/4.0/" target="_blank">http://creativecommons.org/licenses/by/4.0/</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.1155/2017/4286903" target="_blank">https://dx.doi.org/10.1155/2017/4286903</a></p> |
| eu_rights_str_mv | openAccess |
| id | Manara2_baee8f33d15b085f69c9ecd7dca95490 |
| identifier_str_mv | 10.1155/2017/4286903 |
| network_acronym_str | Manara2 |
| network_name_str | Manara2 |
| oai_identifier_str | oai:figshare.com:article/27050710 |
| publishDate | 2017 |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| rights_invalid_str_mv | CC BY 4.0 |
| spelling | CLAS: A Novel Communications Latency Based Authentication SchemeZuochao Dou (16855443)Issa Khalil (16855449)Abdallah Khreishah (16855455)Information and computing sciencesCybersecurity and privacyCommunications latencyCLAS (Communications Latency-based Authentication Scheme)Web authenticationRound trip latency (RTL)Password compromiseNetwork securityRTL manipulation<p dir="ltr">We design and implement a novel communications latency based authentication scheme, dubbed CLAS, that strengthens the security of state-of-the-art web authentication approaches by leveraging the round trip network communications latency (RTL) between clients and authenticators. In addition to the traditional credentials, CLAS profiles RTL values of clients and uses them to defend against password compromise. The key challenges are (i) to prevent RTL manipulation, (ii) to alleviate network instabilities, and (iii) to address mobile clients. CLAS addresses the first challenge by introducing a novel network architecture, which makes it extremely difficult for attackers to simulate legitimate RTL values. The second challenge is addressed by outlier removal and multiple temporal profiling, while the last challenge is addressed by augmenting CLAS with out-of-band-channels or other authentication schemes. CLAS restricts login to profiled locations while demanding additional information for nonprofiled ones, which highly reduces the attack surface even when the legitimate credentials are compromised. Additionally, unlike many state-of-the-art authentication mechanisms, CLAS is resilient to phishing, pharming, man-in-the-middle, and social engineering attacks. Furthermore, CLAS is transparent to users and incurs negligible overhead. The experimental results show that CLAS can achieve very low false positive and false negative rates.</p><h2>Other Information</h2><p dir="ltr">Published in: Security and Communication Networks<br>License: <a href="http://creativecommons.org/licenses/by/4.0/" target="_blank">http://creativecommons.org/licenses/by/4.0/</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.1155/2017/4286903" target="_blank">https://dx.doi.org/10.1155/2017/4286903</a></p>2017-06-12T06:00:00ZTextJournal contributioninfo:eu-repo/semantics/publishedVersiontextcontribution to journal10.1155/2017/4286903https://figshare.com/articles/journal_contribution/CLAS_A_Novel_Communications_Latency_Based_Authentication_Scheme/27050710CC BY 4.0info:eu-repo/semantics/openAccessoai:figshare.com:article/270507102017-06-12T06:00:00Z |
| spellingShingle | CLAS: A Novel Communications Latency Based Authentication Scheme Zuochao Dou (16855443) Information and computing sciences Cybersecurity and privacy Communications latency CLAS (Communications Latency-based Authentication Scheme) Web authentication Round trip latency (RTL) Password compromise Network security RTL manipulation |
| status_str | publishedVersion |
| title | CLAS: A Novel Communications Latency Based Authentication Scheme |
| title_full | CLAS: A Novel Communications Latency Based Authentication Scheme |
| title_fullStr | CLAS: A Novel Communications Latency Based Authentication Scheme |
| title_full_unstemmed | CLAS: A Novel Communications Latency Based Authentication Scheme |
| title_short | CLAS: A Novel Communications Latency Based Authentication Scheme |
| title_sort | CLAS: A Novel Communications Latency Based Authentication Scheme |
| topic | Information and computing sciences Cybersecurity and privacy Communications latency CLAS (Communications Latency-based Authentication Scheme) Web authentication Round trip latency (RTL) Password compromise Network security RTL manipulation |