Abstract
Relay attacks are passive man in the middle attacks, aiming to extend the physical distance of devices involved in a transaction beyond their operating environment, within the restricted time-frame. In the field of smartphones, proposals have been put forward suggesting sensing the natural ambient environment as an effective Proximity and Relay Attack Detection (PRAD) mechanism. However, these proposals are not in compliance with industry imposed constraints (e.g.\ EMV and ITSO) mandating that transactions should complete within a certain time-frame (e.g.\ 500ms for EMV contactless transactions). The generation of an artificial ambient environment (AAE) using peripherals of the transaction devices has shown positive results when using infrared light as an AAE actuator. In this paper we propose the use of vibration as an alternative AAE actuator. We empirically evaluated the effectiveness of the proposed solution as a PRAD mechanism on an experimental test-bed that we deployed. A total of 36,000 genuine and relay attack transaction pairs were analysed using well-known machine learning algorithms. The results of our analysis indicate that the proposed solution is highly effective.
Original language | English |
---|---|
Pages | 1-9 |
Number of pages | 9 |
DOIs | |
Publication status | Published - 2018 |
Event | The 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications: IEEE TrustCom-18 - New York, United States Duration: 31 Jul 2018 → 3 Aug 2018 http://www.cloud-conf.net/trustcom18/index.html |
Conference
Conference | The 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications |
---|---|
Country/Territory | United States |
City | New York |
Period | 31/07/18 → 3/08/18 |
Internet address |
Keywords
- Mobile Payments
- Mobile Ticketing
- Relay Attacks
- Ambient Environment Sensing
- Contactless
- Experimental Analysis