Secure Data Collection and Analysis in Smart Health Monitoring

Smart health monitoring uses real-time monitored data to support diagnosis, treatment, and health decision-making in modern smart healthcare systems and benefit our daily life. The accurate health monitoring and prompt transmission of health data are facilitated by the ever-evolving on-body sensors, wireless communication technologies, and wireless sensing techniques. Although the users have witnessed the convenience of smart health monitoring, severe privacy and security concerns on the valuable and sensitive collected data come along with the merit. The data collection, transmission, and analysis are vulnerable to various attacks, e.g., eavesdropping, due to the open nature of wireless media, the resource constraints of sensing devices, and the lack of security protocols. These deficiencies not only make conventional cryptographic methods not applicable in smart health monitoring but also put many obstacles in the path of designing privacy protection mechanisms. In this dissertation, we design dedicated schemes to achieve secure data collection and analysis in smart health monitoring. The first two works propose two robust and secure authentication schemes based on Electrocardiogram (ECG), which outperform traditional user identity authentication schemes in health monitoring, to restrict the access to collected data to legitimate users. To improve the practicality of ECG-based authentication, we address the nonuniformity and sensitivity of ECG signals, as well as the noise contamination issue. The next work investigates an extended authentication goal, denoted as wearable-user pair authentication. It simultaneously authenticates the user identity and device identity to provide further protection. We exploit the uniqueness of the interference between different wireless protocols, which is common in health monitoring due to devices\u27 varying sensing and transmission demands, and design a wearable-user pair authentication scheme based on the interference. However, the harm of this interference is also outstanding. Thus, in the fourth work, we use wireless human activity recognition in health monitoring as an example and analyze how this interference may jeopardize it. We identify a new attack that can produce false recognition result and discuss potential countermeasures against this attack. In the end, we move to a broader scenario and protect the statistics of distributed data reported in mobile crowd sensing, a common practice used in public health monitoring for data collection. We deploy differential privacy to enable the indistinguishability of workers\u27 locations and sensing data without the help of a trusted entity while meeting the accuracy demands of crowd sensing tasks

A Holistic Analysis of Internet of Things (IoT) Security : Principles, Practices, and New Perspectives

Peer reviewedPublisher PD

Cybersecurity and the Digital Health: An Investigation on the State of the Art and the Position of the Actors

Cybercrime is increasingly exposing the health domain to growing risk. The push towards a strong connection of citizens to health services, through digitalization, has undisputed advantages. Digital health allows remote care, the use of medical devices with a high mechatronic and IT content with strong automation, and a large interconnection of hospital networks with an increasingly effective exchange of data. However, all this requires a great cybersecurity commitment—a commitment that must start with scholars in research and then reach the stakeholders. New devices and technological solutions are increasingly breaking into healthcare, and are able to change the processes of interaction in the health domain. This requires cybersecurity to become a vital part of patient safety through changes in human behaviour, technology, and processes, as part of a complete solution. All professionals involved in cybersecurity in the health domain were invited to contribute with their experiences. This book contains contributions from various experts and different fields. Aspects of cybersecurity in healthcare relating to technological advance and emerging risks were addressed. The new boundaries of this field and the impact of COVID-19 on some sectors, such as mhealth, have also been addressed. We dedicate the book to all those with different roles involved in cybersecurity in the health domain

Secure and Privacy-Preserving Vehicular Communications

Road safety has been drawing increasing attention in the public, and has been subject to extensive efforts from both industry and academia in mitigating the impact of traffic accidents. Recent advances in wireless technology promise new approaches to facilitating road safety and traffic management, where each vehicle (or referred to as On-board unit (OBU)) is allowed to communicate with each other as well as with Roadside units (RSUs), which are located in some critical sections of the road, such as a traffic light, an intersection, and a stop sign. With the OBUs and RSUs, a self-organized network, called Vehicular Ad Hoc Network (VANET), can thus be formed. Unfortunately, VANETs have faced various security threats and privacy concerns, which would jeopardize the public safety and become the main barrier to the acceptance of such a new technology. Hence, addressing security and privacy issues is a prerequisite for a market-ready VANET. Although many studies have recently addressed a significant amount of efforts in solving the related problems, few of the studies has taken the scalability issues into consideration. When the traffic density is getting large, a vehicle may become unable to verify the authenticity of the messages sent by its neighbors in a timely manner, which may result in message loss so that public safety may be at risk. Communication overhead is another issue that has not been well addressed in previously reported studies. Many efforts have been made in recent years in achieving efficient broadcast source authentication and data integrity by using fast symmetric cryptography. However, the dynamic nature of VANETs makes it very challenging in the applicability of these symmetric cryptography-based protocols. In this research, we propose a novel Secure and Efficient RSU-aided Privacy Preservation Protocol, called SERP^3, in order to achieve efficient secure and privacy-preserving Inter-Vehicle Communications (IVCs). With the commitments of one-way key chains distributed to vehicles by RSUs, a vehicle can effectively authenticate any received message from vehicles nearby even in the presence of frequent change of its neighborship. Compared with previously reported public key infrastructure (PKI)-based packet authentication protocols for security and privacy, the proposed protocol not only retains the security and privacy preservation properties, but also has less packet loss ratio and lower communication overhead, especially when the road traffic is heavy. Therefore, the protocol solves the scalability and communication overhead issues, while maintaining acceptable packet latency. However, RSU may not exist in some situations, for example, in the early stage deployment phase of VANET, where unfortunately, SERP^3 is not suitable. Thus, we propose a complementary Efficient and Cooperative Message Validation Protocol, called ECMVP, where each vehicle probabilistically validates a certain percentage of its received messages based on its own computing capacity and then reports any invalid messages detected by it. Since the ultimate goal of designing VANET is to develop vehicle safety/non-safety related applications to improve road safety and facilitate traffic management, two vehicle applications are further proposed in the research to exploit the advantages of vehicular communications. First, a novel vehicle safety application for achieving a secure road traffic control system in VANETs is developed. The proposed application helps circumvent vehicles safely and securely through the areas in any abnormal situation, such as a car crash scene, while ensuring the security and privacy of the drivers from various threats. It not only enhances traveler safety but also minimizes capacity restrictions due to any unusual situation. Second, the dissertation investigates a novel mobile payment system for highway toll collection by way of vehicular communications, which addresses all the issues in the currently existing toll collection technologies

On the security of mobile sensors

PhD ThesisThe age of sensor technology is upon us. Sensor-rich mobile devices are ubiquitous. Smart-phones, tablets, and wearables are increasingly equipped with sensors such as GPS, accelerometer, Near Field Communication (NFC), and ambient sensors. Data provided by such sensors, combined with the fast-growing computational capabilities on mobile platforms, offer richer and more personalised apps. However, these sensors introduce new security challenges to the users, and make sensor management more complicated. In this PhD thesis, we contribute to the field of mobile sensor security by investigating a wide spectrum of open problems in this field covering attacks and defences, standardisation and industrial approaches, and human dimensions. We study the problems in detail and propose solutions. First, we propose “Tap-Tap and Pay” (TTP), a sensor-based protocol to prevent the Mafia attack in NFC payment. The Mafia attack is a special type of Man-In-The-Middle attack which charges the user for something more expensive than what she intends to pay by relaying transactions to a remote payment terminal. In TTP, a user initiates the payment by physically tapping her mobile phone against the reader. We observe that this tapping causes transient vibrations at both devices which are measurable by the embedded accelerometers. Our observations indicate that these sensor measurements are closely correlated within the same tapping, and different if obtained from different tapping events. By comparing the similarity between the two measurements, the bank can distinguish the Mafia fraud apart from a legitimate NFC transaction. The experimental results and the user feedback suggest the practical feasibility of TTP. As compared with previous sensor-based solutions, ours is the only one that works even when the attacker and the user are in nearby locations or share similar ambient environments. Second, we demonstrate an in-app attack based on a real world problem in contactless payment known as the card collision or card clash. A card collision happens when more than one card (or NFC-enabled device) are presented to the payment terminal’s field, and the terminal does not know which card to choose. By performing experiments, we observe that the implementation of contactless terminals in practice matches neither EMV nor ISO standards (the two primary standards for smart card payment) on card collision. Based on this inconsistency, we propose “NFC Payment Spy”, a malicious app that tracks the user’s contactless payment transactions. This app, running on a smart phone, simulates a card which requests the payment information (amount, time, etc.) from the terminal. When the phone and the card are both presented to a contactless terminal (given that many people use mobile case wallets to travel light and keep wallet essentials close to hand), our app can effectively win the race condition over the card. This attack is the first privacy attack on contactless payments based on the problem of card collision. By showing the feasibility of this attack, we raise awareness of privacy and security issues in contactless payment protocols and implementation, specifically in the presence of new technologies for payment such as mobile platforms. Third, we show that, apart from attacking mobile devices by having access to the sensors through native apps, we can also perform sensor-based attacks via mobile browsers. We examine multiple browsers on Android and iOS platforms and study their policies in granting permissions to JavaScript code with respect to access to motion and orientation sensor data. Based on our observations, we identify multiple vulnerabilities, and propose “TouchSignatures” and “PINLogger.js”, two novel attacks in which malicious JavaScript code listens to such sensor data measurements. We demonstrate that, despite the much lower sampling rate (comparing to a native app), a remote attacker is able to learn sensitive user information such as physical activities, phone call timing, touch actions (tap, scroll, hold, zoom), and PINs based on these sensor data. This is the first report of such a JavaScript-based attack. We disclosed the above vulnerability to the community and major mobile browser vendors classified the problem as high-risk and fixed it accordingly. Finally, we investigate human dimensions in the problem of sensor management. Although different types of attacks via sensors have been known for many years, the problem of data leakage caused by sensors has remained unsolved. While working with W3C and browser vendors to fix the identified problem, we came to appreciate the complexity of this problem in practice and the challenge of balancing security, usability, and functionality. We believe a major reason for this is that users are not fully aware of these sensors and the associated risks to their privacy and security. Therefore, we study user understanding of mobile sensors, specifically their risk perceptions. This is the only research to date that studies risk perceptions for a comprehensive list of mobile sensors (25 in total). We interview multiple participants from a range of backgrounds by providing them with multiple self-declared questionnaires. The results indicate that people in general do not have a good understanding of the complexities of these sensors; hence making security judgements about these sensors is not easy for them. We discuss how this observation, along with other factors, renders many academic and industry solutions ineffective. This makes the security and privacy issues of mobile sensors and other sensorenabled technologies an important topic to be investigated further