Biometric behavior authentication exploiting propagation characteristics of wireless channel

Massive expansion of wireless body area networks (WBANs) in the field of health monitoring applications has given rise to the generation of huge amount of biomedical data. Ensuring privacy and security of this very personal data serves as a major hurdle in the development of these systems. An effective and energy friendly authentication algorithm is, therefore, a necessary requirement for current WBANs. Conventional authentication algorithms are often implemented on higher levels of the Open System Interconnection model and require advanced software or major hardware upgradation. This paper investigates the implementation of a physical layer security algorithm as an alternative. The algorithm is based on the behavior fingerprint developed using the wireless channel characteristics. The usability of the algorithm is established through experimental results, which show that this authentication method is not only effective, but also very suitable for the energy-, resource-, and interface-limited WBAN medical applications

Authentication in Millimeter-Wave Body-Centric Networks Through Wireless Channel Characterization

Advent of 5G technologies has ensued in massive growth of body-centric communications (BCCs), especially at millimeter-wave (mm-wave) frequencies. As a result, the portable/handheld terminals are becoming more and more “intelligent” but not without the cost of being less secure. Improved authentication measures need to be explored, as effective identity authentication is the first level of security in these devices. This paper presents a novel keyless authentication method exploiting wireless channel characteristics. Human palm has distinct transmission coefficient (S21) for each of the users and is used for in vivo fingerprint identification in this paper. A detailed channel modeling using data acquisition from real environment and empirical approach is adopted to evaluate the usability of this method. The results show that this method can provide a secure operation for the mm-wave 5G BCCs

A survey on wireless body area networks: architecture, security challenges and research opportunities.

In the era of communication technologies, wireless healthcare networks enable innovative applications to enhance the quality of patients’ lives, provide useful monitoring tools for caregivers, and allows timely intervention. However, due to the sensitive information within the Wireless Body Area Networks (WBANs), insecure data violates the patients’ privacy and may consequently lead to improper medical diagnosis and/or treatment. Achieving a high level of security and privacy in WBAN involves various challenges due to its resource limitations and critical applications. In this paper, a comprehensive survey of the WBAN technology is provided, with a particular focus on the security and privacy concerns along with their countermeasures, followed by proposed research directions and open issues

A Survey on Modality Characteristics, Performance Evaluation Metrics, and Security for Traditional and Wearable Biometric Systems

Biometric research is directed increasingly towards Wearable Biometric Systems (WBS) for user authentication and identification. However, prior to engaging in WBS research, how their operational dynamics and design considerations differ from those of Traditional Biometric Systems (TBS) must be understood. While the current literature is cognizant of those differences, there is no effective work that summarizes the factors where TBS and WBS differ, namely, their modality characteristics, performance, security and privacy. To bridge the gap, this paper accordingly reviews and compares the key characteristics of modalities, contrasts the metrics used to evaluate system performance, and highlights the divergence in critical vulnerabilities, attacks and defenses for TBS and WBS. It further discusses how these factors affect the design considerations for WBS, the open challenges and future directions of research in these areas. In doing so, the paper provides a big-picture overview of the important avenues of challenges and potential solutions that researchers entering the field should be aware of. Hence, this survey aims to be a starting point for researchers in comprehending the fundamental differences between TBS and WBS before understanding the core challenges associated with WBS and its design

Recent Application in Biometrics

In the recent years, a number of recognition and authentication systems based on biometric measurements have been proposed. Algorithms and sensors have been developed to acquire and process many different biometric traits. Moreover, the biometric technology is being used in novel ways, with potential commercial and practical implications to our daily activities. The key objective of the book is to provide a collection of comprehensive references on some recent theoretical development as well as novel applications in biometrics. The topics covered in this book reflect well both aspects of development. They include biometric sample quality, privacy preserving and cancellable biometrics, contactless biometrics, novel and unconventional biometrics, and the technical challenges in implementing the technology in portable devices. The book consists of 15 chapters. It is divided into four sections, namely, biometric applications on mobile platforms, cancelable biometrics, biometric encryption, and other applications. The book was reviewed by editors Dr. Jucheng Yang and Dr. Norman Poh. We deeply appreciate the efforts of our guest editors: Dr. Girija Chetty, Dr. Loris Nanni, Dr. Jianjiang Feng, Dr. Dongsun Park and Dr. Sook Yoon, as well as a number of anonymous reviewers

A Context-Aware System to Secure Enterprise Content: Incorporating Reliability Specifiers

The sensors of a context-aware system extract contextual information from the environment and relay that information to higher-level processes of the system so to influence the system\u2019s control decisions. However, an adversary can maliciously influence such controls indirectly by manipulating the environment in which the sensors are monitoring, thereby granting privileges the adversary would otherwise not normally have. To address such context monitoring issues, we extend CASSEC by incorporating sentience-like constructs, which enable the emulation of \u201dconfidence\u201d, into our proximity-based access control model to grant the system the ability to make more inferable decisions based on the degree of reliability of extracted contextual information. In CASSEC 2.0, we evaluate our confidence constructs by implementing two new authentication mechanisms. Co-proximity authentication employs our time-based challenge-response protocol, which leverages Bluetooth Low Energy beacons as its underlying occupancy detection technology. Biometric authentication relies on the accelerometer and fingerprint sensors to measure behavioral and physiological user features to prevent unauthorized users from using an authorized user\u2019s device. We provide a feasibility study demonstrating how confidence constructs can improve the decision engine of context-aware access control systems

Leveraging the heterogeneity of the internet of things devices to improve the security of smart environments

The growing number of devices that are being incorporated into the Internet of Things (IoT) environments leads to a wider presence of a variety of sensors, making these environments heterogeneous. However, the lack of standard input interfaces in such ecosystems poses a challenge in securing them. Among other existing vulnerabilities, the most prevalent are the lack of adequate access control mechanisms and the exploitation of cross-channel interactions between smart devices. In order to tackle the first challenge, I propose a novel behavioral biometric system based on naturally occurring interactions with objects in smart environments. This system is designed to reduce the reliance on existing app-based authentication mechanisms of current smart home platforms and it leverages existing heterogeneous IoT devices to both identify and authenticate users without requiring any hardware modifications of existing smart home devices. To be able to collect the data and evaluate this system, I introduce an end-to-end framework for remote experiments. Such experiments play an important role across multiple fields of studies, from medical science to engineering, as they allow for better representation of human participants and more realistic experimental environments, and ensure research continuity in exceptional circumstances, such as nationwide lockdowns. Yet cyber security has few standards for conducting experiments with human participants, let alone in a remote setting. This framework systematizes design and deployment practices while preserving realistic, reproducible data collection and the safety and privacy of participants. Using this methodology, I conduct two experiments. The first one is a multi-user study taking place in six households composed of 25 participants. The second experiment involves 13 participants in a company environment and is used to study mimicry attacks on the biometric system proposed in this thesis. I demonstrate that this system can identify users in multi-user environments with an accuracy of at least 98% for a single object interaction without requiring any sensors on the object itself. I also show that it can provide seamless and unobtrusive authentication while remaining highly resistant to zero-effort, video, and in-person observation-based mimicry attacks. Even when at most 1% of the strongest type of mimicry attacks are successful, this system does not require the user to take out their phone to approve legitimate transactions in more than 80% of cases for a single interaction. This increases to 92% of transactions when interactions with more objects are considered. To mitigate the second vulnerability, where an attacker exploits multiple heterogeneous devices in a chain such that each one triggers the next, I propose a novel approach that uses only dynamic analysis to examine such interactions in smart ecosystems. I use real-time device data to generate a knowledge graph that models the interactions between devices and enables the system to identify attack chains and vulnerable automations. I evaluate this approach in a smart home environment with 8 devices and 10 automations, with and without the presence of an active user. I demonstrate that such a system can accurately detect 10 cross-channel interactions that lead to 30 different cross-channel interaction chains in the unoccupied environment and 6 such interactions that result in 13 interaction chains in the occupied environment

Channel-based key generation for encrypted body-worn wireless sensor networks

Body-worn sensor networks are important for rescue-workers, medical and many other applications. Sensitive data are often transmitted over such a network, motivating the need for encryption. Body-worn sensor networks are deployed in conditions where the wireless communication channel varies dramatically due to fading and shadowing, which is considered a disadvantage for communication. Interestingly, these channel variations can be employed to extract a common encryption key at both sides of the link. Legitimate users share a unique physical channel and the variations thereof provide data series on both sides of the link, with highly correlated values. An eavesdropper, however, does not share this physical channel and cannot extract the same information when intercepting the signals. This paper documents a practical wearable communication system implementing channel-based key generation, including an implementation and a measurement campaign comprising indoor as well as outdoor measurements. The results provide insight into the performance of channel-based key generation in realistic practical conditions. Employing a process known as key reconciliation, error free keys are generated in all tested scenarios. The key-generation system is computationally simple and therefore compatible with the low-power micro controllers and low-data rate transmissions commonly used in wireless sensor networks

Applications of Context-Aware Systems in Enterprise Environments

In bring-your-own-device (BYOD) and corporate-owned, personally enabled (COPE) scenarios, employees’ devices store both enterprise and personal data, and have the ability to remotely access a secure enterprise network. While mobile devices enable users to access such resources in a pervasive manner, it also increases the risk of breaches for sensitive enterprise data as users may access the resources under insecure circumstances. That is, access authorizations may depend on the context in which the resources are accessed. In both scenarios, it is vital that the security of accessible enterprise content is preserved. In this work, we explore the use of contextual information to influence access control decisions within context-aware systems to ensure the security of sensitive enterprise data. We propose several context-aware systems that rely on a system of sensors in order to automatically adapt access to resources based on the security of users’ contexts. We investigate various types of mobile devices with varying embedded sensors, and leverage these technologies to extract contextual information from the environment. As a direct consequence, the technologies utilized determine the types of contextual access control policies that the context-aware systems are able to support and enforce. Specifically, the work proposes the use of devices pervaded in enterprise environments such as smartphones or WiFi access points to authenticate user positional information within indoor environments as well as user identities