The main project’s aim is to study and develop a methodology to identify mobile devices through the analysis and combination of signals coming from the various on-board sensors, aiming to extract a smartphone fingerprint which is univocal and distinctive of one specific device.
The unambiguous identification of a mobile is useful to enforce the classic authentication procedure (username-password pair), in a way that is transparent to the user connected to on-line services in mobility. The same identification is also useful to guarantee the automatic continuous authentication needed for very specific transactions and/or time consuming processing.
The basic idea is to exploit sensors which are more and more present on board of the modern smartphones to provide information to several applications; common sensors are accelerometer, camera, microphone, gyroscope, magnetometer, light and proximity and so on.
This identification is based on the assumption that the manufacturing process leaves some imperfections on the physical structure of each sensor, thus the output signals suffer from a systematic distortion, which is irrelevant for its use but can distinguish each particular sensor on its own. The extraction and combination of the several features concerning each one of the sensors will contribute to define the smartphone identification service.
In the following, the activities foreseen to be performed are detailed:
– Analysis of sensors on board of the commonly marketed smartphones, with particular attention to the characteristic defects shown in the output signal;
– Once individual features have been identified, they will be composed together to improve their singular distinctiveness capacity;
– Training of ad-hoc classifiers to discriminate various smartphones, both among different brands/models and among similar devices (same brand and model);
– Design and execution of a testing stage to demonstrate the results of the performed study.
Through the development of the project actions, the following goals will be achieved:
– Extraction of a featuring and unambiguous smartphones’ fingerprint, able to discriminate among devices of different or identical brand and model; the fingerprint will be a distinctive feature of the device itself;
– Definition of the principal characteristics of a trusted communication infrastructure, where device fingerprints are exploited to guarantee a strong user authentication and to be able to perform within a continuous authentication paradigm.