Modern Authentication Schemes in Smartphones and IoT Devices

An Empirical Survey

Journal article (2022)

Authors

Milad Taleby Ahvanooey Nanjing University
Mark Xuefang Zhu Nanjing University
Qianmu Li Nanjing University of Science and Technology, Wuyi University
Wojciech Mazurczyk Warsaw University of Technology
Kim Kwang Raymond Choo The University of Texas at San Antonio
Brij B. Gupta National Institute of Technology Kurukshetra, Asia University
M. Conti Cyber Security - EEMCS , Università degli Studi di Padova
Research Group
Cyber Security (EEMCS) (TU Delft)
Copyright: © 2022 Milad Taleby Ahvanooey, Mark Xuefang Zhu, Qianmu Li, Wojciech Mazurczyk, Kim Kwang Raymond Choo, Brij B. Gupta, M. Conti
DOI
help_outline
https://doi.org/10.1109/JIOT.2021.3138073
Biometrics Authentication schemes Password security , In- ternet of Things (IoT) Cracking attacks Graphical passwords
More Info
expand_more

Published Date

2022

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Department

Intelligent Systems

Research Group

Cyber Security

Abstract

User authentication remains a challenging issue, despite the existence of a large number of proposed solutions, such as traditional text-based, graphical-based, biometrics-based, Web-based, and hardware-based schemes. For example, some of these schemes are not suitable for deployment in an Internet of Things (IoT) setting, partly due to the hardware and/or software constraints of IoT devices. The increasing popularity and pervasiveness of IoT equipment in a broad range of settings reinforces the importance of ensuring the security and privacy of IoT devices. Therefore, in this article, we conduct a comprehensive literature review and an empirical study to gain an in-depth understanding of the different authentication schemes as well as their vulnerabilities and deficits against various types of cyberattacks when applied in IoT-based systems. Based on the identified limitations, we recommend several mitigation strategies and discuss the practical implications of our findings.