CardioCam: Leveraging Camera on Mobile Devices to Verify Users While Their Heart is Pumping

With the increasing prevalence of mobile and IoT devices (e.g., smartphones, tablets, smart-home appliances), massive private and sensitive information are stored on these devices. To prevent unauthorized access on these devices, existing user verification solutions either rely on the complexity of user-defined secrets (e.g., password) or resort to specialized biometric sensors (e.g., fingerprint reader), but the users may still suffer from various attacks, such as password theft, shoulder surfing, smudge, and forged biometrics attacks. In this paper, we propose, CardioCam, a low-cost, general, hard-to-forge user verification system leveraging the unique cardiac biometrics extracted from the readily available built-in cameras in mobile and IoT devices. We demonstrate that the unique cardiac features can be extracted from the cardiac motion patterns in fingertips, by pressing on the built-in camera. To mitigate the impacts of various ambient lighting conditions and human movements under practical scenarios, CardioCam develops a gradient-based technique to optimize the camera configuration, and dynamically selects the most sensitive pixels in a camera frame to extract reliable cardiac motion patterns. Furthermore, the morphological characteristic analysis is deployed to derive user-specific cardiac features, and a feature transformation scheme grounded on Principle Component Analysis (PCA) is developed to enhance the robustness of cardiac biometrics for effective user verification. With the prototyped system, extensive experiments involving 25 subjects are conducted to demonstrate that CardioCam can achieve effective and reliable user verification with over 99% average true positive rate (TPR) while maintaining the false positive rate (FPR) as low as 4%

Secret key distribution leveraging color shift over visible light channel

Given the widely adoption of screen and camera in many electronic devices, the visible light communication (VLC) over screen-to-camera channel emerges as a novel short range communication technique in recent years. Active research explores various ways to convey messages over screen-camera channel, such as barcode and unobtrusive optical pattern. However, with the prevalence of LED screens of wide viewing angles and mobile devices equipped with high standard cameras, the threat of information leakage over screen-to-camera channel becomes in-negligible. Few studies have discussed how to ensure the security of data transmission over screen-to-camera channel. In this paper, we propose a secret key distribution system leveraging the unique color shift property over visible light channel. To facilitate such design, we develop a practical secret key matching based method to map the secret key into gridded optical patterns on screen, which can only be correctly recognized by the legitimate user through an accessible region and allow regular data stream transmission through valid grids. The proposed system is prototyped with off-the-shelf devices and validated under various experimental scenarios. The results show that our system can achieve high bit-decoding accuracy for the legitimate users while maintaining comparable data throughput as regular unobtrusive VLC systems with very low recovery accuracy of the encrypted data for the attackers

Postreconstruction filtering of 3D PET images by using weighted higher-order singular value decomposition

Additional file 1. Original 3D PET images data used in this work to generate the results