Exploring Novel Device Authentication Techniques for General Computing Devices

Secure device authentication is one of the top challenges worldwide from a security and privacy point of view. For the provisioning of security services, cryptographic methods have traditionally relied on keys stored in the devices. These keys are vulnerable to attack since they are seldom protected.

This thesis investigates the feasibility to enhance device security. The recommended framework makes use of novel Integrated Circuit Metrics (ICMetrics) technology, which leverages measurable features and properties of a device. Low level device features are used to build an identity for the device through the use of the ICMetrics. This technology specialises in deriving strong device identity to prevent all forms of skimming and malware attacks.

Firstly, the research contribution is to examine the suitability of employing various low level behavioural characteristics or features derived from wearable and general computing devices. The novelty offered by this research enables the utilization of dynamic features instead of solely relying on static features. Additionally, the feature characteristics need not remain absolutely constant but are free to vary within deduced parameters, thus allowing the software to operate in several states and on a variety of platforms. To increase the complexity of the generated ICMetrics, the extracted feature values are subjected to statistical and mathematical analysis. Another fundamental problem solved by ICMetrics is the generation of stable and unique digital identities from features that are unstable. Potential features that might be used for device identification were the initial point of focus, which was followed by a study of the feature extraction strategy and multimodal properties. The modular dataset made it easier to assess how reliable the device identification was. The security system is analysed and tested during this phase in order to measure its efficacy. In other words, it is tested using a dataset that was captured directly from the computing devices. The accuracy rate and confusion matrix, are calculated in this phase. The investigation showed that the suggested model outperformed all other model for identifying devices. The accuracy results obtained for the second and third feature sets of the proposed model are 91.5%, 92%, and 80.3% respectively.

The thesis also investigates the effectiveness of employing measured hardware features mapped into the frequency domain for device identification. Discrete Wavelet Transform (DWT) coefficients are used as differentiating features in the approach. In this thesis, the proposed model of multivariate Gaussian distribution is used to describe the analysis process and its mathematical application. Hardware characteristics were investigated. Wavelet-based features were leveraged. The analysis and comparison of classifiers revealed that they behave differently on the same dataset. Overall, wavelet features outperform raw features, and Sym2 and DB2 are the two wavelets that perform the best.

Finally, because the sample data was stored on the device, an efficient technique for data security had to be implemented. A decision was taken to employ the homomorphic encryption (HE) algorithm. The method fulfils the requirements for data protection.