May the Force Be with You: Force-Based Relay Attack Detection

Iakovos Gurulian, Gerhard Hancke, Konstantinos Markantonakis, Raja Naeem Akram

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Relay attacks pose a significant threat against communicating devices that are required to operate within a short-distance from each other and a restricted time frame. In the field of smart cards, distance bounding protocols have been proposed as an effective countermeasure, whereas, in the field of smartphones, many proposals suggest the use of (natural) ambient sensing as an effective alternative. However, empirical evaluation of the proposals carried out in existing literature has reported negative results in using natural ambient sensing in distance- and time-restricted scenarios, like EMV contactless payments that require the proximity to be less than 3cm and the transaction duration to be under 500ms. In this paper, we propose a novel approach for Proximity and Relay Attack Detection (PRAD), using bidirectional sensing and comparing button presses and releases behaviour (duration of press and gap between presses and releases), performed by a genuine user during the transaction. We implemented a test-bed environment to collect training and analysis data from a set of users, for both the genuine and attacker-involved transactions. Analysis of the collection-data indicates a high effectiveness of the proposed solution, as it was successful in distinguishing between proximity and relay-attack transactions, using thresholds set after analysis of genuine training transaction data. Furthermore, perfect classification of genuine and relay-attack transactions was achieved by using well-known machine learning classifiers.
Original languageEnglish
Title of host publicationInternational Conference on Smart Card Research and Advanced Applications
EditorsT Eisenbarth, Y Teglia
PublisherSpringer
Pages142-159
Number of pages18
ISBN (Electronic)978-3-319-75208-2
ISBN (Print)978-3-319-75207-5
DOIs
Publication statusPublished - 26 Jan 2018
Event17th Smart Card Research and Advanced Application Conference -
Duration: 12 Nov 2018 → …
Conference number: 17

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume10728
ISSN (Print)0302-9743

Conference

Conference17th Smart Card Research and Advanced Application Conference
Abbreviated titleCARDIS
Period12/11/18 → …

Keywords

  • Mobile Payments
  • Relay Attacks
  • Contactless
  • Experimental Analysis

Fingerprint Dive into the research topics of 'May the Force Be with You: Force-Based Relay Attack Detection'. Together they form a unique fingerprint.

  • Cite this

    Gurulian, I., Hancke, G., Markantonakis, K., & Akram, R. N. (2018). May the Force Be with You: Force-Based Relay Attack Detection . In T. Eisenbarth, & Y. Teglia (Eds.), International Conference on Smart Card Research and Advanced Applications (pp. 142-159). (Lecture Notes in Computer Science ; Vol. 10728). Springer . https://doi.org/10.1007/978-3-319-75208-2_9