Table of Contents Author Guidelines Submit a Manuscript
Security and Communication Networks
Volume 2017, Article ID 4286903, 20 pages
https://doi.org/10.1155/2017/4286903
Research Article

CLAS: A Novel Communications Latency Based Authentication Scheme

1Department of Electrical and Computer Engineering, New Jersey Institute of Technology, Newark, NJ, USA
2Qatar Computing Research Institute, Hamad Bin Khalifa University, Doha, Qatar

Correspondence should be addressed to Zuochao Dou; ude.tijn@63dz

Received 2 January 2017; Revised 3 April 2017; Accepted 7 May 2017; Published 12 June 2017

Academic Editor: Emanuele Maiorana

Copyright © 2017 Zuochao Dou et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. “The Cyberwire: Breaking news from RSA, April 2015.,” http://thecyberwire.com/issues/issues2015/April/CyberWire_2015_04_21.html.
  2. L-F. Aaron Han, F. Derek Wong, and S. Lidia Chao, Password cracking and countermeasures in computer security: A survey, arXiv preprint arXiv:1411.7803, 2014.
  3. R. W. Reeder and S. Schechter, “When the password doesn't work: Secondary authentication for websites,” IEEE Security and Privacy, vol. 9, no. 2, pp. 43–49, 2011. View at Publisher · View at Google Scholar · View at Scopus
  4. H.-M. Sun, Y.-H. Chen, and Y.-H. Lin, “oPass: A user authentication protocol resistant to password stealing and password reuse attacks,” IEEE Transactions on Information Forensics and Security, vol. 7, no. 2, pp. 651–663, 2012. View at Publisher · View at Google Scholar · View at Scopus
  5. M. Adham, A. Azodi, Y. Desmedt, and I. Karaolis, “How to attack two-factor authentication internet banking,” Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 7859, pp. 322–328, 2013. View at Publisher · View at Google Scholar · View at Scopus
  6. S. Gastellier-Prevost, G. G. Granadillo, and M. Laurent, “A dual approach to detect pharming attacks at the client-side,” in Proceedings of 4th IFIP International Conference on New Technologies, Mobility and Security, NTMS 2011, fra, February 2011. View at Publisher · View at Google Scholar · View at Scopus
  7. “ConsumerReports: Smartphone thefts, May 2014,” http://www.consumerreports.org/cro/news/2014/04/smart-phone-thefts-rose-to-3-1-million-last-year/index.htm.
  8. “Internet Security Threat Report,” Symantec, April 2015.
  9. BitDefender finds exposed social media credentials often provide access to email accounts. 2010. http://www.bitdefender.com/news/bitdefender-finds-exposed-social-media-credentials-often-provide-access-to-email-accounts-1682.html.
  10. “Password security: A survey of australian attitudes toward password use and management, 2011,” https://www.paypal-media.com/assets/pdf/fact_sheet/cis_paypal_whitepaper_final.pdf.
  11. “Consumer survey: Password habits, 2012,” http://www.csid.com/wp-content/uploads/2012/09/CS_PasswordSurvey_FullReport_FINAL.pdf.
  12. “Ofcom’s adults media use and attitudes report, 2013,” http://stakeholders.ofcom.org.uk/market-data-research/media-literacy/media-lit-research/adults-2013/.
  13. A. Das, J. Bonneau, M. Caesar, N. Borisov, and X. Wang, “The tangled web of password reuse,” in Proceedings of the Network and Distributed System Security Symposium NDSS '14, San Diego, CA, USA, 2014. View at Publisher · View at Google Scholar
  14. N. Gunson, D. Marshall, H. Morton, and M. Jack, “User perceptions of security and usability of single-factor and two-factor authentication in automated telephone banking,” Computers and Security, vol. 30, no. 4, pp. 208–220, 2011. View at Publisher · View at Google Scholar · View at Scopus
  15. L. Zhang, S. Yu, D. Wu, and P. Watters, “A survey on latest botnet attack and defense,” in Proceedings of 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on Frontier of Computer Science and Technology, FCST 2011, pp. 53–60, chn, November 2011. View at Publisher · View at Google Scholar · View at Scopus
  16. K. Anup Ghosh, A. Schwartzbard, and M. Schatz, “Learning program behavior profiles for intrusion detection,” In Workshop on IDNM, 1999. View at Google Scholar
  17. M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “Network anomaly detection: methods, systems and tools,” Communications Surveys and Tutorials, 2014. View at Google Scholar · View at Scopus
  18. M. Kwon, Z. Dou, W. Heinzelman, T. Soyata, H. Ba, and J. Shi, “Use of network latency profiling and redundancy for cloud server selection,” in Proceedings of 7th IEEE International Conference on Cloud Computing, CLOUD 2014, pp. 826–832, usa, July 2014. View at Publisher · View at Google Scholar · View at Scopus
  19. I. Hababeh, I. Khalil, and A. Khreishah, “Designing high performance web-based computing services to promote telemedicine database management system,” IEEE Transactions on Services Computing, vol. 8, no. 1, pp. 47–64, 2015. View at Publisher · View at Google Scholar · View at Scopus
  20. I. M. Khalil, “ELMO: Energy aware local monitoring in sensor networks,” IEEE Transactions on Dependable and Secure Computing, vol. 8, no. 4, pp. 523–536, 2011. View at Publisher · View at Google Scholar · View at Scopus
  21. R. K. Panta, S. Bagchi, and I. M. Khalil, “Efficient wireless reprogramming through reduced bandwidth usage and opportunistic sleeping,” Ad Hoc Networks, vol. 7, no. 1, pp. 42–62, 2009. View at Publisher · View at Google Scholar · View at Scopus
  22. V. Vallivaara, M. Sailio, and K. Halunen, “Detecting man-in-the-middle attacks on non-mobile systems,” in Proceedings of 4th ACM Conference on Data and Application Security and Privacy, CODASPY 2014, pp. 131–133, usa, March 2014. View at Publisher · View at Google Scholar · View at Scopus
  23. Gmail: Detecting suspicious account activity, http://googleonlinesecurity.blogspot.com//03/detecting-suspicious-account-activity.html.
  24. R. Dingledine, N. Mathewson, and P. Syverson, Tor: The second-generation onion router. Technical report, DTIC Document, 2004.
  25. “Dell secure work: Bgp hijacking for cryptocurrency profit, August 2014,” http://www.secureworks.com/cyber-threat-intelligence/threats/bgp-hijacking-for-cryptocurrency-profit/.
  26. P. Vervier, O. Thonnard, and M. Dacier, “Mind Your Blocks: On the Stealthiness of Malicious BGP Hijacks,” in Proceedings of the Network and Distributed System Security Symposium, San Diego, CA, USA, 2015. View at Publisher · View at Google Scholar
  27. A. Gavrichenkov, Breaking Https with Bgp Hijacking, Black Hat, Briefings, 2015.
  28. S. Hogg, “Address authenticaion,” The Internet Protocol Journal, 2013. View at Publisher · View at Google Scholar
  29. I. Khalil, Z. Dou, and A. Khreishah, “Your credentials are compromised, do not panic: You can be well protected,” in Proceedings of 11th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2016, pp. 925–930, chn, June 2016. View at Publisher · View at Google Scholar · View at Scopus
  30. K. O. Bailey, J. S. Okolica, and G. L. Peterson, “User identification and authentication using multi-modal behavioral biometrics,” Computers & Security, vol. 43, pp. 77–89, 2014. View at Publisher · View at Google Scholar · View at Scopus
  31. K. Moritz, S. S. Aultman, J. J. A. Campbell et al., Behavioral profiling method and system to authenticate a user, November 10 2015. US Patent 9,185,095.
  32. NIST, e-Handbook of statistical methods. http://www.itl.nist.gov/div898/handbook/.
  33. Stat 300 materials 7-3a. http://flc.losrios.edu/eitel/Stat%20300/S-300%20Main%20Web%20Page.htm.
  34. C. Labovitz, G. R. Malan, and F. Jahanian, “Internet routing instability,” IEEE/ACM Transactions on Networking, vol. 6, no. 5, pp. 515–528, 1998. View at Publisher · View at Google Scholar · View at Scopus
  35. J. Rexford, J. Wang, Z. Xiao, and Y. Zhang, “BGP Routing Stability of Popular Destinations,” in Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment, pp. 197–202, fra, 2002. View at Scopus
  36. M. Lad, J. H. Park, T. Refice, and L. Zhang, “A study of internet routing stability using link weight,” Tech. Rep. UCLA/CSD-080003, 2008. View at Google Scholar
  37. A. Shaikh, A. Varma, L. Kalampoukas, and R. Dube, “Routing stability in congested networks: experimentation and analysis,” in Proceedings of the ACM SIGCOMM Computer Communication Review, vol. 30, pp. 163–174, September 2000. View at Scopus
  38. G. Comarela, G. Gürsun, and M. Crovella, “Studying interdomain routing over long timescales,” in Proceedings of 13th ACM Internet Measurement Conference, IMC 2013, pp. 227–233, esp, October 2013. View at Publisher · View at Google Scholar · View at Scopus
  39. P. Eckersley, “How unique is your web browser?” in Privacy Enhancing Technologies: 10th International Symposium, PETS 2010, Berlin, Germany, July 21–23, 2010. Proceedings, vol. 6205 of Lecture Notes in Computer Science, pp. 1–18, Springer, Berlin, Germany, 2010. View at Publisher · View at Google Scholar
  40. Z. Dou, I. Khalil, A. Khreishah, and A. Al-Fuqaha, “Robust Insider Attacks Countermeasure for Hadoop: Design and Implementation,” IEEE Systems Journal, pp. 1–12, 2017. View at Publisher · View at Google Scholar
  41. I. Khalil, Z. Dou, and A. Khreishah, “TPM-based authentication mechanism for apache hadoop,” Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, vol. 152, pp. 105–122, 2015. View at Publisher · View at Google Scholar · View at Scopus
  42. F. Monrose and A. D. Rubin, “Keystroke dynamics as a biometric for authentication,” Future Generation Computer Systems, vol. 16, no. 4, pp. 351–359, 2000. View at Publisher · View at Google Scholar · View at Scopus
  43. “Apache HTTP Server Version 2.4, 2015,” http://httpd.apache.org/docs/2.4/en/.
  44. C. Leys, C. Ley, O. Klein, P. Bernard, and L. Licata, “Detecting outliers: Do not use standard deviation around the mean, use absolute deviation around the median,” Journal of Experimental Social Psychology, vol. 49, no. 4, pp. 764–766, 2013. View at Publisher · View at Google Scholar · View at Scopus
  45. F. Ahmed, S. Bouktif, A. Serhani, and I. Khalil, “Integrating function point project information for improving the accuracy of effort estimation,” in Proceedings of 2nd International Conference on Advanced Engineering Computing and Applications in Sciences, ADVCOMP 2008, pp. 193–198, esp, October 2008. View at Publisher · View at Google Scholar · View at Scopus
  46. GENI, http://www.geni.net/.