On the Effectiveness of Ambient Sensing for Detecting NFC Relay Attacks. / Gurulian, Iakovos; Shepherd, Carlton; Markantonakis, Konstantinos; Frank, Eibe; Akram, Raja; Mayes, Keith.

Trustcom/BigDataSE/ICESS, 2017 IEEE. 2017. p. 41-49.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Published

Standard

On the Effectiveness of Ambient Sensing for Detecting NFC Relay Attacks. / Gurulian, Iakovos; Shepherd, Carlton; Markantonakis, Konstantinos; Frank, Eibe; Akram, Raja; Mayes, Keith.

Trustcom/BigDataSE/ICESS, 2017 IEEE. 2017. p. 41-49.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Harvard

Gurulian, I, Shepherd, C, Markantonakis, K, Frank, E, Akram, R & Mayes, K 2017, On the Effectiveness of Ambient Sensing for Detecting NFC Relay Attacks. in Trustcom/BigDataSE/ICESS, 2017 IEEE. pp. 41-49, 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Sydney, Australia, 1/08/17. https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.218

APA

Vancouver

Author

BibTeX

@inproceedings{cd929896f89849e8953791b5698c373a,
title = "On the Effectiveness of Ambient Sensing for Detecting NFC Relay Attacks",
abstract = "Smartphones with Near-Field Communication (NFC) may emulate contactless smart cards, which has resulted in the deployment of various access control, transportation and payment services, such as Google Pay and Apple Pay. Like contactless cards, however, NFC-based smartphone transactions are susceptible to relay attacks, and ambient sensing has been suggested as a potential countermeasure. In this study, we empirically evaluate the suitability of ambient sensors as a proximity detection mechanism for smartphone-based transactions under EMV constraints. We underpin our study using sensing data collected from 17 sensors from an emulated relay attack test-bed to assess whether they can thwart such attacks effectively. Each sensor, where feasible, was used to record 350-400 legitimate and relay (illegitimate) contactless transactions at two different physical locations. Our analysis provides an empirical foundation upon which to determine the efficacy of ambient sensing for providing a strong anti-relay mechanism in security-sensitive applications. We demonstrate that no single, evaluated mobile ambient sensor is suitable for such critical applications under realistic deployment constraints.",
author = "Iakovos Gurulian and Carlton Shepherd and Konstantinos Markantonakis and Eibe Frank and Raja Akram and Keith Mayes",
year = "2017",
doi = "10.1109/Trustcom/BigDataSE/ICESS.2017.218",
language = "English",
pages = "41--49",
booktitle = "Trustcom/BigDataSE/ICESS, 2017 IEEE",
note = "16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, IEEE TrustCom-17 ; Conference date: 01-08-2017 Through 04-08-2017",

}

RIS

TY - GEN

T1 - On the Effectiveness of Ambient Sensing for Detecting NFC Relay Attacks

AU - Gurulian, Iakovos

AU - Shepherd, Carlton

AU - Markantonakis, Konstantinos

AU - Frank, Eibe

AU - Akram, Raja

AU - Mayes, Keith

PY - 2017

Y1 - 2017

N2 - Smartphones with Near-Field Communication (NFC) may emulate contactless smart cards, which has resulted in the deployment of various access control, transportation and payment services, such as Google Pay and Apple Pay. Like contactless cards, however, NFC-based smartphone transactions are susceptible to relay attacks, and ambient sensing has been suggested as a potential countermeasure. In this study, we empirically evaluate the suitability of ambient sensors as a proximity detection mechanism for smartphone-based transactions under EMV constraints. We underpin our study using sensing data collected from 17 sensors from an emulated relay attack test-bed to assess whether they can thwart such attacks effectively. Each sensor, where feasible, was used to record 350-400 legitimate and relay (illegitimate) contactless transactions at two different physical locations. Our analysis provides an empirical foundation upon which to determine the efficacy of ambient sensing for providing a strong anti-relay mechanism in security-sensitive applications. We demonstrate that no single, evaluated mobile ambient sensor is suitable for such critical applications under realistic deployment constraints.

AB - Smartphones with Near-Field Communication (NFC) may emulate contactless smart cards, which has resulted in the deployment of various access control, transportation and payment services, such as Google Pay and Apple Pay. Like contactless cards, however, NFC-based smartphone transactions are susceptible to relay attacks, and ambient sensing has been suggested as a potential countermeasure. In this study, we empirically evaluate the suitability of ambient sensors as a proximity detection mechanism for smartphone-based transactions under EMV constraints. We underpin our study using sensing data collected from 17 sensors from an emulated relay attack test-bed to assess whether they can thwart such attacks effectively. Each sensor, where feasible, was used to record 350-400 legitimate and relay (illegitimate) contactless transactions at two different physical locations. Our analysis provides an empirical foundation upon which to determine the efficacy of ambient sensing for providing a strong anti-relay mechanism in security-sensitive applications. We demonstrate that no single, evaluated mobile ambient sensor is suitable for such critical applications under realistic deployment constraints.

U2 - 10.1109/Trustcom/BigDataSE/ICESS.2017.218

DO - 10.1109/Trustcom/BigDataSE/ICESS.2017.218

M3 - Conference contribution

SP - 41

EP - 49

BT - Trustcom/BigDataSE/ICESS, 2017 IEEE

T2 - 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications

Y2 - 1 August 2017 through 4 August 2017

ER -