Abstract or Summary:
Authentication is widely considered a core challenge in usable security. We propose an implicit method for secondary (de-)authentication based on device presence. Our method does not require system modifications on the users' side, e.g., by installing an additional app, and is therefore cheap and easy to deploy. Having removed the burden of developing and maintaining apps in the fast proceeding field of mobile phone operating systems is a great advantage. Furthermore, our method solves the problem of accurate de-authentication as it automatically logs out the user if the device is not in reach of the WiFi network.

Our method works by monitoring WiFi activity of users' phones regardless if connected to a WiFi network or not. We facilitate passive monitoring on the radio layer (e.g., probing requests and power save mode keep-alive management packets) and the network layer (DHCP and ARP snooping). Additionally, we employ active probing using ARP ping and IPv6 Link Layer Neighbor Discovery. We describe how to implement a monitoring and probing device in a constant time and space manner (e.g., by using a Bloom filter ring) optimal for embedded systems.

PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=6fC58E1XAAw