Abstract
Ideally, secure user sessions should start and end with authentication and de-Authentication phases, respectively. While the user must pass the former to start a secure session, the latter's importance is often ignored or underestimated. Dangling or unattended sessions expose users to well-known Lunchtime Attacks. To mitigate this threat, the research community focused on automated de-Authentication systems. Unfortunately, no single approach offers security, privacy, and usability. For instance, although facial recognition-based methods might be a good fit for security and usability, they violate user privacy by constantly recording the user and the surrounding environment.In this work, we propose BLUFADE, a fast, secure, and transparent de-Authentication system that takes advantage of blurred faces to preserve user privacy. We obfuscate a webcam with a physical blur layer and use deep learning algorithms to perform face detection continuously. To assess BLUFADE's practicality, we collected two datasets formed by 30 recruited subjects (users) and thousands of physically blurred celebrity photos. The former was used to train and evaluate the deauthentication system performances, the latter to assess the privacy and to increase variance in training data. We show that our approach outperforms state-of-The-Art methods in detecting blurred faces, achieving up to 95% accuracy. Furthermore, we demonstrate that BLUFADE effectively de-Authenticates users up to 100% accuracy in under 3 seconds, while satisfying security, privacy, and usability requirements.
Original language | English |
---|---|
Title of host publication | 2022 IEEE International Conference on Pervasive Computing and Communications, PerCom 2022 |
Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
Pages | 197-206 |
Number of pages | 10 |
ISBN (Electronic) | 978-1-6654-1643-6 |
DOIs | |
Publication status | Published - 2022 |
Event | 20th IEEE International Conference on Pervasive Computing and Communications, PerCom 2022 - Pisa, Italy Duration: 21 Mar 2022 → 25 Mar 2022 |
Publication series
Name | 2022 IEEE International Conference on Pervasive Computing and Communications, PerCom 2022 |
---|
Conference
Conference | 20th IEEE International Conference on Pervasive Computing and Communications, PerCom 2022 |
---|---|
Country/Territory | Italy |
City | Pisa |
Period | 21/03/22 → 25/03/22 |
Bibliographical note
Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-careOtherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
Keywords
- Blurred Face Detection
- De-Authentication
- Deep Learning
- Lunchtime Attacks
- Privacy
- Usability