Abstract: “A robust authentication strategy requires a user to provide not only a password but also something the user has. Generally, “what you have” authentication methods require additional hardware to strengthen security. However, such devices are not widely used today. This paper proposes another “what you have” authentication approach, in which a user machine is identified by analyzing video traffic flowing from an authentication server to the user machine. This scheme is inexpensive and resistant to machine and credential theft. Experimental results demonstrate that the traffic signature used in this paper is responsive to a small difference between two user machines.”

Keywords: traffic signature, user authentication, two-factor authentication, video stream