Wi-Access: Second Factor User Authentication leveraging WiFi Signals

Abstract

Two factor authentication offers significant benefits but has had limited uptake as users find the extra step required at each authentication attempt (e.g., to enter a verification code) to be onerous. In this paper, we present a novel twofactor authentication system called Wi-Access that requires no additional effort from the user beyond typing her credentials. The first factor is established by the knowledge of the password. Wi-Access uses the unique perturbations in the ambient WiFi signals caused by the hand and finger motions of the user during password entry as a way to confirm inherence (i.e., something that the user is) as the second factor for authentication. We show that the way in which Alice moves her hands and fingers while typing her password is uniquely manifested in the Channel State Information (CSI) of ubiquitous WiFi signals. We also show that if Bob types Alice's password, then the corresponding CSI signals are significantly distinct to Alice. Wi-Access uses Principle Component Analysis to reduce the dimensionality of the CSI data. A variance-based thresholding algorithm is used to extract the CSI signals that precisely correspond to the typing action. A one-class classifier based on an autoencoder that uses specific thresholds tailored to each user's training data is used to make the authentication decision. We implement Wi-Access using offthe-shelf 802.11n devices and evaluate its performance with 10 subjects. Our tests reveal that Wi-Access can on average achieve 92% authentication accuracy with 8% false positives. Moreover, Wi-Access is robust in preventing attacks with a 91.8% attack detection accuracy.