Papaioannou Maria, Zachos Georgios, Mantas Georgios, Panaousis Emmanouil, Rodriguez Jonathan
Instituto de Telecomunicações, 3810-193 Aveiro, Portugal.
Faculty of Engineering and Science, University of Greenwich, Chatham Maritime ME4 4TB, UK.
Sensors (Basel). 2024 Aug 11;24(16):5193. doi: 10.3390/s24165193.
As the number of European Union (EU) visitors grows, implementing novel border control solutions, such as mobile devices for passenger identification for land and sea border control, becomes paramount to ensure the convenience and safety of passengers and officers. However, these devices, handling sensitive personal data, become attractive targets for malicious actors seeking to misuse or steal such data. Therefore, to increase the level of security of such devices without interrupting border control activities, robust user authentication mechanisms are essential. Toward this direction, we propose a risk-based adaptive user authentication mechanism for mobile passenger identification devices for land and sea border control, aiming to enhance device security without hindering usability. In this work, we present a comprehensive assessment of novelty and outlier detection algorithms and discern OneClassSVM, Local Outlier Factor (LOF), and Bayesian_GaussianMixtureModel (B_GMM) novelty detection algorithms as the most effective ones for risk estimation in the proposed mechanism. Furthermore, in this work, we develop the proposed risk-based adaptive user authentication mechanism as an application on a Raspberry Pi 4 Model B device (i.e., playing the role of the mobile device for passenger identification), where we evaluate the detection performance of the three best performing novelty detection algorithms (i.e., OneClassSVM, LOF, and B_GMM), with B_GMM surpassing the others in performance when deployed on the Raspberry Pi 4 device. Finally, we evaluate the risk estimation overhead of the proposed mechanism when the best performing B_GMM novelty detection algorithm is used for risk estimation, indicating efficient operation with minimal additional latency.
随着欧盟(EU)游客数量的增加,实施新颖的边境管制解决方案,如用于陆地和海上边境管制的乘客身份识别移动设备,对于确保乘客和工作人员的便利与安全变得至关重要。然而,这些处理敏感个人数据的设备,成为了恶意行为者试图滥用或窃取此类数据的诱人目标。因此,为了在不中断边境管制活动的情况下提高此类设备的安全级别,强大的用户认证机制必不可少。朝着这个方向,我们为陆地和海上边境管制的移动乘客身份识别设备提出了一种基于风险的自适应用户认证机制,旨在增强设备安全性而不影响可用性。在这项工作中,我们对新颖性和异常值检测算法进行了全面评估,并识别出一类支持向量机(OneClassSVM)、局部异常因子(LOF)和贝叶斯高斯混合模型(B_GMM)新颖性检测算法是所提出机制中用于风险估计最有效的算法。此外,在这项工作中,我们将所提出的基于风险的自适应用户认证机制开发为在树莓派4 B型设备上运行的应用程序(即扮演用于乘客身份识别的移动设备的角色),在该设备上我们评估了三种性能最佳的新颖性检测算法(即OneClassSVM、LOF和B_GMM)的检测性能,其中B_GMM在部署到树莓派4设备时性能超过其他算法。最后,我们评估了在所提出的机制中使用性能最佳的B_GMM新颖性检测算法进行风险估计时的风险估计开销,结果表明该机制以最小的额外延迟实现了高效运行。