• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Home
  • Research
  • Publications
  • People
  • Teaching
  • Media Outreach
  • News
  • AI Spies News

SPIES Lab, Computer Science and Engineering

Texas A&M University College of Engineering

Contextual Security

Zero-Interaction Authentication (ZIA) refers to approaches that authenticate a user to a verifier (terminal) without any user interaction. Currently deployed ZIA solutions are predominantly based on the terminal detecting the proximity of the user’s personal device, or a security token, by running an authentication protocol over a short-range wireless communication channel. Unfortunately, this simple approach is highly vulnerable to low-cost and practical relay attacks which completely offset the usability benefits of ZIA. The use of contextual information, gathered via on-board sensors, to detect the co-presence of the user and the verifier is a recently proposed mechanism to resist relay attacks.

Zero Interaction Authentication (Benign Scenario)

Figure 1: Zero Interaction Authentication (Benign Scenario)

As a case in point, we systematically investigate the performance of different sensor modalities for co-presence detection with respect to a standard Dolev-Yao adversary. We compare the performance of four commonly available sensor modalities (Wi-Fi, Bluetooth, GPS, and Audio) in resisting ZIA relay attacks. Further, we compare four new ambient environment sensor modalities, ambient temperature, precision gas, humidity, and altitude utilizing an off-the-shelf device called Sensordrone. Then, we show that, compared to any single modality, fusing multiple modalities improves resilience against ZIA relay attacks while retaining a high level of usability. Finally, we motivate the need for a stronger adversarial model to characterize an attacker who can compromise the integrity of context sensing itself. We show that in the presence of such a powerful attacker, each individual sensor modality offers very low security. Positively, the use of multiple sensor modalities improves security against such an attacker if the attacker cannot compromise multiple modalities simultaneously.

Zero Interaction Authentication (Attack Scenario)

Figure 2: Zero Interaction Authentication (Attack Scenario)

People

Faculty

  • Nitesh Saxena

Student

  • Babins Shrestha (PhD student; Now Sr. Information Security Analyst at VISA Inc.)

External Collaborators:

  • Xiang Gao (MS student; University of Helsinki; Now Software Engineer at LiveRing)
  • Hien Thi Thu Truong (Postdoctoral Researcher; University of Helsinki; Now Research Scientist at NEC Laboratories Europe GmbH)
  • Petteri Nurmi (Senior Researcher; University of Helsinki; Now Lecturer at Lancaster University)
  • N. Asokan (Professor; Aalto University and University of Helsinki)

Publication

  • Sensor-based Proximity Detection in the Face of Active Adversaries
    Babins Shrestha, Nitesh Saxena, Hien Truong and N. Asokan.
    In IEEE Transactions on Mobile Computing (TMC),
    [pdf]
  • Drone to the rescue: Relay-resilient authentication using ambient multi-sensing
    Babins Shrestha, Nitesh Saxena, Hien Thi Thu Truong, N Asokan
    International Conference on Financial Cryptography and Data Security (FC), March 2014
    [pdf]
  • Comparing and fusing different sensor modalities for relay attack resistance in zero-interaction authentication
    Hien Thi Thu Truong, Xiang Gao, Babins Shrestha, Nitesh Saxena, N Asokan, Petteri Nurmi
    IEEE International Conference on Pervasive Computing and Communications (PerCom), March 2014
    [pdf]
  • Using contextual co-presence to strengthen Zero-Interaction Authentication: Design, integration and usability
    Hien Thi Thu Truong, Xiang Gao, Babins Shrestha, Nitesh Saxena, N Asokan, Petteri Nurmi
    Pervasive and Mobile Computing (PMC), Vol: 16, 2015
    [doi]

Recent News

  • Paper accepted to ACM CCS 2025 July 2, 2025
  • News: Security and Accessibility Gaps in Web Authentication for Blind and Visually Impaired Users June 30, 2025
  • Paper accepted to ICME 2025 June 24, 2025
  • SPIES Lab’s Browser Fingerprinting Work in the News June 23, 2025
  • Journal paper accepted to IEEE TIFS June 19, 2025
  • SPIES Lab’s Browser Fingerprinting Work Features in News June 18, 2025
  • Paper Accepted to USENIX Security 2025 June 6, 2025
  • 2 Papers Accepted to PST 2025 June 6, 2025
  • AI Spies News — BPSniff (IEEE S&P 2025) Paper News Story May 12, 2025
  • Launching the AI Spies News Channel May 12, 2025
  • Paper accepted to WiSec 2025 May 11, 2025
  • SPIES Lab’s Secure Messaging Work Features in News May 3, 2025
  • SPIES Lab Student to Start as an Assistant Professor April 18, 2025
  • Dr. Saxena’s Primer on Secure Communications in News Media March 31, 2025
  • Dr. Saxena recognized with the Dean’s Excellence Award! February 14, 2025
  • Dr. Saxena appointed as the Senior Area Editor, IEEE TIFS February 6, 2025
  • 2 Full Papers Accepted to WWW 2025 January 20, 2025
  • Journal paper accepted to IEEE TMC December 18, 2024
  • New post-doctoral researcher joins the lab December 11, 2024
  • Paper Accepted to ACM Computing Surveys 2024 November 30, 2024

© 2016–2025 SPIES Lab, Computer Science and Engineering Log in

Texas A&M Engineering Experiment Station Logo
  • College of Engineering
  • Facebook
  • Twitter
  • State of Texas
  • Open Records
  • Risk, Fraud & Misconduct Hotline
  • Statewide Search
  • Site Links & Policies
  • Accommodations
  • Environmental Health, Safety & Security
  • Employment