H04W12/68

ENVIRONMENTAL TASK-BASED AUTHENTICATION

A processing system may detect a physical location of a user via at least one mobile computing device of the user, where the user is to be authenticated for a network-based transaction, identify at least one network-connected sensor device at the physical location, and determine, from the at least one network-connected sensor device, a set of environmental conditions of an environment of the physical location. The processing system may next identify at least one action for the user to perform to interact with at least one aspect of the environment in accordance with the set of environmental conditions and transmit an instruction to the user to perform the at least one action. The processing system may then obtain sensor data from the at least one network-connected sensor device, determine, from the sensor data, that the user performed the at least one action, and authenticate the user for the network-based transaction.

PASSWORD-FREE USABLE AND SECURE PAIRING OF IoT DEVICES
20220377560 · 2022-11-24

Secure pairing is key to trustworthy deployment and application of Internet of Things (IoT) devices. However, IoT devices lack conventional user interfaces, such as keyboards and displays, which makes many traditional pairing approaches inapplicable. Proximity-based pairing approaches are very usable, but can be exploited by co-located malicious devices. Approaches based on a user's physical operations on IoT devices are more secure, but typically require inertial sensors, while many devices do not satisfy this requirement. A secure and usable pairing approach that can be applied to heterogeneous IoT devices still does not exist. We develop a technique, Universal Operation Sensing, which allows an IoT device to sense the user's physical operations on it without requiring inertial sensors. With this technique, a user holding a smartphone or wearing a wristband can finish pairing in seconds through some very simple operations, e.g., pressing a button or twisting a knob. Moreover, we reveal an inaccuracy issue in original fuzzy commitment and propose faithful fuzzy commitment to resolve it. We design a pairing protocol using faithful fuzzy commitment, and build a prototype system named Touch-to-Pair (T2Pair, for short). The comprehensive evaluation shows that it is secure and usable.

Automatic port verification and policy application for rogue devices
11509501 · 2022-11-22

Systems, methods, and computer-readable storage media for automatic port identification. The present technology can involve determining that a wireless device has connected to a network device on a network, and determining which of the ports on the network device the wireless device has connected to. Determining the port connected to the wireless device can involve determining respective traffic patterns to be provided to selected ports on the network device, determining a traffic pattern transmitted by the wireless device, determining that the traffic pattern transmitted by the wireless device has a similarity to a traffic pattern from the respective traffic patterns, and based on the similarity, determining that a port associated with the traffic pattern is connected to the wireless device. The present technology can also involve selecting a port policy for the port.

Communication system architecture and method of processing data therein
11509623 · 2022-11-22

A method includes identifying a plurality of local tracklets from a plurality of targets; creating a plurality of global tracklets from the plurality of local tracklets, wherein each global tracklet comprises a set of local tracklets of the plurality of local tracklets, wherein the set of local tracklets corresponds to a target of the plurality of targets; extracting motion features of the target from each global tracklet of the plurality of global tracklets, wherein the motion features of each target of the plurality of targets from each global tracklet of the plurality of global tracklets are distinguishable from the motion features of remaining targets of the plurality of targets from remaining global tracklets; transforming the motion features into an address code by using a hashing process; and transmitting a plurality of address codes and a transformation parameter of the hashing process to a communication device.

Behavioral profiling method and system to authenticate a user

A computer-implemented method includes identifying behavioral characteristics of a user related to operation of a computing device prior to an online account session. The method includes comparing the behavioral characteristics to a behavioral profile previously developed based on prior behavioral characteristics of the user, and determining an appropriate mark difficulty level based on a variation between the behavioral characteristics and the behavioral profile. The method includes selecting, from a plurality of prompts stored in a prompt database, a prompt that comprises instructions to draw a mark having the appropriate mark difficulty level, where other prompts of the plurality of prompts comprise instructions to draw other marks different from the mark, and providing the prompt to the user as part of a logon process for the online account session.

Sending verification password responsive to mobile device proximity
11509648 · 2022-11-22

A method includes detecting proximity between a mobile device and a remote device associated with a transaction reserved by a user of the mobile device and a mode of the electronic device. A verification password is sent to the remote device responsive to detecting the proximity and the mode. A device includes a module to detect proximity between the device and a remote device associated with a transaction reserved by a user of the device occurring within a predefined distance threshold and a processor coupled to the module. A device includes another module to detect a stationary mode of the electronic device occurring for at least a predefined duration threshold. The processor sends a verification password to the remote device responsive to detecting the proximity and the mode.

System and method for providing an in-line and sniffer mode network based identity centric firewall

The instant disclosure is directed to an attack/unwanted activity detecting firewall for use in protecting authentication-based network resources. The instant system is adapted for installation inline or in sniffer mode. In various embodiments, defined rules are applied to network traffic to determine whether certain types of attacks are occurring on the network resources. If one such attack is detected, the system provides for several potential responses, including for example disconnecting the attacking remote machine, requiring the user at that machine to re-authenticate, and/or requiring a second factor of authentication from the user at that machine. In some example embodiments, regardless of any activity required of a user at the remote machine suspected of malicious behavior, the disclosed system generates an alarm or other alert for presentation as appropriate, such as via a graphical user interface or a third-party system using an API.

Distributed content uploading and validation

In accordance with one or more embodiments, aspects of the disclosure provide efficient, effective, and convenient ways of uploading and authenticating content. In particular, a user device may receive validating information from a wireless networking device. The user or client device may record a content item, and may insert a validation tag based on the validating information. The user or client device may then send the content item to the wireless networking device. The wireless networking device may receive the content item at a first location and may determine the validity of the content item based on the validating information. The user device may continually interact with wireless networking devices as it travels to continually upload content items while establishing the validity of the time and location of the content items.