Security Issues of Mobile and Smart Wearable Devices

Mobile and smart devices (ranging from popular smartphones and tablets to wearable fitness trackers equipped with sensing, computing and networking capabilities) have proliferated lately and redefined the way users carry out their day-to-day activities. These devices bring immense benefits to society and boast improved quality of life for users. As mobile and smart technologies become increasingly ubiquitous, the security of these devices becomes more urgent, and users should take precautions to keep their personal information secure. Privacy has also been called into question as so many of mobile and smart devices collect, process huge quantities of data, and store them on the cloud as a matter of fact. Ensuring confidentiality, integrity, and authenticity of the information is a cybersecurity challenge with no easy solution. Unfortunately, current security controls have not kept pace with the risks posed by mobile and smart devices, and have proven patently insufficient so far. Thwarting attacks is also a thriving research area with a substantial amount of still unsolved problems. The pervasiveness of smart devices, the growing attack vectors, and the current lack of security call for an effective and efficient way of protecting mobile and smart devices. This thesis deals with the security problems of mobile and smart devices, providing specific methods for improving current security solutions. Our contributions are grouped into two related areas which present natural intersections and corresponds to the two central parts of this document: (1) Tackling Mobile Malware, and (2) Security Analysis on Wearable and Smart Devices. In the first part of this thesis, we study methods and techniques to assist security analysts to tackle mobile malware and automate the identification of malicious applications. We provide threefold contributions in tackling mobile malware: First, we introduce a Secure Message Delivery (SMD) protocol for Device-to-Device (D2D) networks, with primary objective of choosing the most secure path to deliver a message from a sender to a destination in a multi-hop D2D network. Second, we illustrate a survey to investigate concrete and relevant questions concerning Android code obfuscation and protection techniques, where the purpose is to review code obfuscation and code protection practices. We evaluate efficacy of existing code de-obfuscation tools to tackle obfuscated Android malware (which provide attackers with the ability to evade detection mechanisms). Finally, we propose a Machine Learning-based detection framework to hunt malicious Android apps by introducing a system to detect and classify newly-discovered malware through analyzing applications. The proposed system classifies different types of malware from each other and helps to better understanding how malware can infect devices, the threat level they pose and how to protect against them. Our designed system leverages more complete coverage of apps’ behavioral characteristics than the state-of-the-art, integrates the most performant classifier, and utilizes the robustness of extracted features. The second part of this dissertation conducts an in-depth security analysis of the most popular wearable fitness trackers on the market. Our contributions are grouped into four central parts in this domain: First, we analyze the primitives governing the communication between fitness tracker and cloud-based services. In addition, we investigate communication requirements in this setting such as: (i) Data Confidentiality, (ii) Data Integrity, and (iii) Data Authenticity. Second, we show real-world demos on how modern wearable devices are vulnerable to false data injection attacks. Also, we document successful injection of falsified data to cloud-based services that appears legitimate to the cloud to obtain personal benefits. Third, we circumvent End-to-End protocol encryption implemented in the most advanced and secure fitness trackers (e.g., Fitbit, as the market leader) through Hardware-based reverse engineering. Last but not least, we provide guidelines for avoiding similar vulnerabilities in future system designs

Understanding disease through remote monitoring technology:A mobile health perspective on disease and diagnosis in three conditions: stress, epilepsy, and COVID-19

Mobile systems and wearable technology have developed substantially over the last decade and provide a unique long-term and continuous insight and monitoring into medical condi- tions in health research. The opportunities afforded by mobile health in access, scale, and round-the-clock recording are counterbalanced by pronounced issues in areas like participant engagement, labelling, and dataset size. Throughout this thesis the different aspects of an mHealth study are addressed, from software development and study design to data collection and analysis. Three medically relevant fields are investigated: detection of stress from physiological signals, seizure detection in epilepsy and the characterisation and monitoring of COVID-19 through mobile health techniques.The first two analytical chapters of the thesis focus on models for acute stress and epileptic seizure detection, two conditions with autonomic and physiological manifestations. Firstly, a multi-modal machine learning pipeline is developed targetting focal and general motor seizures in patients with epilepsy. The heterogenity and inter-individual differences present in this study motivated the investigation of methods to personalise models with relatively little data. I subsequently consider meta-learning for few-shot model personalisation within acute stress classification, finding increased performance compared to standard methods.As the COVID-19 pandemic gripped the world the work of this thesis reoriented around using mHealth to understand the disease. Firstly, the study design and software development of Covid Collab, a crowdsourced, remote-enrollment COVID-19 study, are examined. Within these chapters, the patterns of participant enrolment and adherence in Covid Col- lab are also considered. Adherence could impact scientific interpretations if not properly accounted for. While basic drop-out and percent completion are often considered, a more dynamic view of a participant’s behaviour can also be important. A hidden Markov model approach is used to compare participant engagement over time.Secondly, the long-term effects of COVID are investigated through data collected in the Covid Collab study, giving insight into prevalence, risk factors, and symptom manifestation with respect to wearable-recorded physiological signals. Long-term and historical data accessed retrospectively facilitated the findings of significant correlations between development of long-COVID and mHealth-derived fitness and behaviour

State of the art of audio- and video based solutions for AAL

Working Group 3. Audio- and Video-based AAL ApplicationsIt is a matter of fact that Europe is facing more and more crucial challenges regarding health and social care due to the demographic change and the current economic context. The recent COVID-19 pandemic has stressed this situation even further, thus highlighting the need for taking action. Active and Assisted Living (AAL) technologies come as a viable approach to help facing these challenges, thanks to the high potential they have in enabling remote care and support. Broadly speaking, AAL can be referred to as the use of innovative and advanced Information and Communication Technologies to create supportive, inclusive and empowering applications and environments that enable older, impaired or frail people to live independently and stay active longer in society. AAL capitalizes on the growing pervasiveness and effectiveness of sensing and computing facilities to supply the persons in need with smart assistance, by responding to their necessities of autonomy, independence, comfort, security and safety. The application scenarios addressed by AAL are complex, due to the inherent heterogeneity of the end-user population, their living arrangements, and their physical conditions or impairment. Despite aiming at diverse goals, AAL systems should share some common characteristics. They are designed to provide support in daily life in an invisible, unobtrusive and user-friendly manner. Moreover, they are conceived to be intelligent, to be able to learn and adapt to the requirements and requests of the assisted people, and to synchronise with their specific needs. Nevertheless, to ensure the uptake of AAL in society, potential users must be willing to use AAL applications and to integrate them in their daily environments and lives. In this respect, video- and audio-based AAL applications have several advantages, in terms of unobtrusiveness and information richness. Indeed, cameras and microphones are far less obtrusive with respect to the hindrance other wearable sensors may cause to one’s activities. In addition, a single camera placed in a room can record most of the activities performed in the room, thus replacing many other non-visual sensors. Currently, video-based applications are effective in recognising and monitoring the activities, the movements, and the overall conditions of the assisted individuals as well as to assess their vital parameters (e.g., heart rate, respiratory rate). Similarly, audio sensors have the potential to become one of the most important modalities for interaction with AAL systems, as they can have a large range of sensing, do not require physical presence at a particular location and are physically intangible. Moreover, relevant information about individuals’ activities and health status can derive from processing audio signals (e.g., speech recordings). Nevertheless, as the other side of the coin, cameras and microphones are often perceived as the most intrusive technologies from the viewpoint of the privacy of the monitored individuals. This is due to the richness of the information these technologies convey and the intimate setting where they may be deployed. Solutions able to ensure privacy preservation by context and by design, as well as to ensure high legal and ethical standards are in high demand. After the review of the current state of play and the discussion in GoodBrother, we may claim that the first solutions in this direction are starting to appear in the literature. A multidisciplinary 4 debate among experts and stakeholders is paving the way towards AAL ensuring ergonomics, usability, acceptance and privacy preservation. The DIANA, PAAL, and VisuAAL projects are examples of this fresh approach. This report provides the reader with a review of the most recent advances in audio- and video-based monitoring technologies for AAL. It has been drafted as a collective effort of WG3 to supply an introduction to AAL, its evolution over time and its main functional and technological underpinnings. In this respect, the report contributes to the field with the outline of a new generation of ethical-aware AAL technologies and a proposal for a novel comprehensive taxonomy of AAL systems and applications. Moreover, the report allows non-technical readers to gather an overview of the main components of an AAL system and how these function and interact with the end-users. The report illustrates the state of the art of the most successful AAL applications and functions based on audio and video data, namely (i) lifelogging and self-monitoring, (ii) remote monitoring of vital signs, (iii) emotional state recognition, (iv) food intake monitoring, activity and behaviour recognition, (v) activity and personal assistance, (vi) gesture recognition, (vii) fall detection and prevention, (viii) mobility assessment and frailty recognition, and (ix) cognitive and motor rehabilitation. For these application scenarios, the report illustrates the state of play in terms of scientific advances, available products and research project. The open challenges are also highlighted. The report ends with an overview of the challenges, the hindrances and the opportunities posed by the uptake in real world settings of AAL technologies. In this respect, the report illustrates the current procedural and technological approaches to cope with acceptability, usability and trust in the AAL technology, by surveying strategies and approaches to co-design, to privacy preservation in video and audio data, to transparency and explainability in data processing, and to data transmission and communication. User acceptance and ethical considerations are also debated. Finally, the potentials coming from the silver economy are overviewed.publishedVersio

State of the Art of Audio- and Video-Based Solutions for AAL

It is a matter of fact that Europe is facing more and more crucial challenges regarding health and social care due to the demographic change and the current economic context. The recent COVID-19 pandemic has stressed this situation even further, thus highlighting the need for taking action. Active and Assisted Living technologies come as a viable approach to help facing these challenges, thanks to the high potential they have in enabling remote care and support. Broadly speaking, AAL can be referred to as the use of innovative and advanced Information and Communication Technologies to create supportive, inclusive and empowering applications and environments that enable older, impaired or frail people to live independently and stay active longer in society. AAL capitalizes on the growing pervasiveness and effectiveness of sensing and computing facilities to supply the persons in need with smart assistance, by responding to their necessities of autonomy, independence, comfort, security and safety. The application scenarios addressed by AAL are complex, due to the inherent heterogeneity of the end-user population, their living arrangements, and their physical conditions or impairment. Despite aiming at diverse goals, AAL systems should share some common characteristics. They are designed to provide support in daily life in an invisible, unobtrusive and user-friendly manner. Moreover, they are conceived to be intelligent, to be able to learn and adapt to the requirements and requests of the assisted people, and to synchronise with their specific needs. Nevertheless, to ensure the uptake of AAL in society, potential users must be willing to use AAL applications and to integrate them in their daily environments and lives. In this respect, video- and audio-based AAL applications have several advantages, in terms of unobtrusiveness and information richness. Indeed, cameras and microphones are far less obtrusive with respect to the hindrance other wearable sensors may cause to one’s activities. In addition, a single camera placed in a room can record most of the activities performed in the room, thus replacing many other non-visual sensors. Currently, video-based applications are effective in recognising and monitoring the activities, the movements, and the overall conditions of the assisted individuals as well as to assess their vital parameters. Similarly, audio sensors have the potential to become one of the most important modalities for interaction with AAL systems, as they can have a large range of sensing, do not require physical presence at a particular location and are physically intangible. Moreover, relevant information about individuals’ activities and health status can derive from processing audio signals. Nevertheless, as the other side of the coin, cameras and microphones are often perceived as the most intrusive technologies from the viewpoint of the privacy of the monitored individuals. This is due to the richness of the information these technologies convey and the intimate setting where they may be deployed. Solutions able to ensure privacy preservation by context and by design, as well as to ensure high legal and ethical standards are in high demand. After the review of the current state of play and the discussion in GoodBrother, we may claim that the first solutions in this direction are starting to appear in the literature. A multidisciplinary debate among experts and stakeholders is paving the way towards AAL ensuring ergonomics, usability, acceptance and privacy preservation. The DIANA, PAAL, and VisuAAL projects are examples of this fresh approach. This report provides the reader with a review of the most recent advances in audio- and video-based monitoring technologies for AAL. It has been drafted as a collective effort of WG3 to supply an introduction to AAL, its evolution over time and its main functional and technological underpinnings. In this respect, the report contributes to the field with the outline of a new generation of ethical-aware AAL technologies and a proposal for a novel comprehensive taxonomy of AAL systems and applications. Moreover, the report allows non-technical readers to gather an overview of the main components of an AAL system and how these function and interact with the end-users. The report illustrates the state of the art of the most successful AAL applications and functions based on audio and video data, namely lifelogging and self-monitoring, remote monitoring of vital signs, emotional state recognition, food intake monitoring, activity and behaviour recognition, activity and personal assistance, gesture recognition, fall detection and prevention, mobility assessment and frailty recognition, and cognitive and motor rehabilitation. For these application scenarios, the report illustrates the state of play in terms of scientific advances, available products and research project. The open challenges are also highlighted. The report ends with an overview of the challenges, the hindrances and the opportunities posed by the uptake in real world settings of AAL technologies. In this respect, the report illustrates the current procedural and technological approaches to cope with acceptability, usability and trust in the AAL technology, by surveying strategies and approaches to co-design, to privacy preservation in video and audio data, to transparency and explainability in data processing, and to data transmission and communication. User acceptance and ethical considerations are also debated. Finally, the potentials coming from the silver economy are overviewed

Libro de actas. XXXV Congreso Anual de la Sociedad Española de Ingeniería Biomédica

596 p.CASEIB2017 vuelve a ser el foro de referencia a nivel nacional para el intercambio científico de conocimiento, experiencias y promoción de la I D i en Ingeniería Biomédica. Un punto de encuentro de científicos, profesionales de la industria, ingenieros biomédicos y profesionales clínicos interesados en las últimas novedades en investigación, educación y aplicación industrial y clínica de la ingeniería biomédica. En la presente edición, más de 160 trabajos de alto nivel científico serán presentados en áreas relevantes de la ingeniería biomédica, tales como: procesado de señal e imagen, instrumentación biomédica, telemedicina, modelado de sistemas biomédicos, sistemas inteligentes y sensores, robótica, planificación y simulación quirúrgica, biofotónica y biomateriales. Cabe destacar las sesiones dedicadas a la competición por el Premio José María Ferrero Corral, y la sesión de competición de alumnos de Grado en Ingeniería biomédica, que persiguen fomentar la participación de jóvenes estudiantes e investigadores

Housing quality and lost (public) space in Croatia

IN ENGLISH: In the post-socialist period and within the current social transition context, urban and rural Croatia has, just like other transition countries, experienced many changes in the social structure and space. One example is the housing quality which is a replica of the situation in the Croatian society and has also undergone some major changes. Socially oriented housing construction co-financed by the state and the cities is in an unfavourable position compared to private housing construction. In the last twenty years the amount of the social housing construction has been only a minor part of the total contruction work in the country. For instance, out of nine newly planned residential housing developments in Zagreb, the capital city, only three have been completed and the work on the rest of them has stopped and is unlikely to continue. Private construction work prevails especially on the edge of the city and is characterised by high density housing. This type of housing construction doesn't benefit the majority of citizens in search of accommodation (price per square meter is too high, low-quality building). There is also a big problem of the community facilities (primary and secondary infrastructure, schools, kindergartens, playgrounds, green areas, sidewalks, public transport etc.). The existing globalisation-transition circumstances of the Croatian society corroborate the fact which experts of various profiles often point out: ignoring the process of (urban) planning will irreparably damage the space. The city transformation shows the absence of comprehensive urban planning which results in an ever increasing number of random buildings which do not fit in the surroundings. This leads up to yet another important issue – the shrinking and, in some cases, disappearance of public space which becomes the “lost space“. In recent years there has been a lot of building in the city core and on the edge which does not quite fit in the existing urban structure, image or the skyline of the city. The current situation in the process of planning can be characterized as a conflict and imbalance between the powerful actors (mostly political and economic) and less powerful actors (mostly professional and civil). The actors who have the political power and influence and the ones who possess the capital are forming an “alliance” between two important layers of the social structure. The lack of civil and professional actors, “lost spatial actors”, and therefore of civic aggregation is also present and that is also the cause of public space “disappearance” and undermined process of public participation. --------------- IN CROATIAN: U postsocijalističkom razdoblju i trenutnom tranzicijskom kontekstu urbana i ruralna Hrvatska su, kao i ostale tranzicijske zemlje, doživjele mnoge promjene u društvenoj strukturi i samom prostoru. Na primjeru kvalitete stanovanja kao replike stanja u hrvatskom društvu mogu se vidjeti značajne promjene. Društveno usmjerena stambena izgradnja sufinancirana od strane države i gradova je stoga rjeđa i u nepovoljnijoj je situaciji prema privatnoj stanogradnji. Zadnjih dvadeset godina udjel socijalne stambene gradnje je zanemariv u ukupnoj izgradnji na razini zemlje. Primjerice, od devet planiranih stambenih naselja izgrađenih po modelu POS-a u Zagrebu samo su tri i završena. Na ostalima je proces gradnje zastao i ne čini se da će se privesti kraju. Privatna je gradnje prisutnija, posebno na rubovima grada, a obilježava je visoka gustoća gradnje. Ovakav tip gradnje ne odgovara većini stanovnika koji su u procesu potražnje stambene nekretnine (visoka cijena kvadratnog metra, a slaba kvaliteta gradnje). Postoji također i problem nedostatne opremljenosti susjedstva (primarna i sekundarna infrastruktura, škole, vrtići, igrališta, zelene površine, pješačke staze, javni transport itd.). Navedene globalizacijsko-tranzicijske okolnosti hrvatskog društva potvrđuju ono što eksperti različitih profila ističu, a to je da će ignoriranje procesa (urbanog) planiranja nepovratno uništiti prostor gradova. Ovakve transformacije pokazuju nedostatak sustavnog urbanog planiranja što rezultira sve većim brojem zgrada koje se ne uklapaju u neposrednu okolinu. To nadalje dovodi do drugog važnog aspekta – smanjivanja i u nekim slučajevima, nestanka javnog prostora koji postaje „izgubljeni prostor“. Posljednjih je godina izgrađen velik broj zgrada, i u središtu i na rubovima grada, koje se ne uklapaju u postojeću urbanu strukturu, izgled ili vizuru grada. Ovakvu situaciju obilježavaju sukob i neravnoteža između moćnijih društvenih aktera (većinom političkih i ekonomskih) i onih manje moćnih (većinom profesionalnih i civilnih). Politički i ekonomski akteri se često povezuju u „savez“ dvaju najjačih u društvenoj strukturi. S druge strane nedostatak utjecaja civilnih i profesionalnih aktera kao „izgubljenih prostornih aktera“ dovodi do „nestanka“ javnih prostora te smanjenja važnosti procesa participacije (sudjelovanja javnosti)