FlexPass: Symbiosis of Seamless User Authentication Schemes in IoT

This paper presents a new user authentication paradigm which is based on a flexible user authentication method, namely FlexPass. FlexPass relies on a single, user-selected secret that can be reflected in both textual and graphical authentication secrets. Such an approach facilitates adaptability in nowadays ubiquitous user interaction contexts within the Internet of Things (IoT), in which end-users authenticate multiple times per day through a variety of interaction device types. We present an initial evaluation of the new authentication method based on an in-lab experiment with 32 participants. Analysis of results reveal that the FlexPass paradigm is memorable and that users like the adaptable perspective of the new approach. Findings are expected to scaffold the design of more user-centric knowledge-based authentication mechanisms within nowadays ubiquitous computation realms

Twins:Device-free Object Tracking using Passive Tags

Without requiring objects to carry any transceiver, device-free based object tracking provides a promising solution for many localization and tracking systems to monitor non-cooperative objects such as intruders. However, existing device-free solutions mainly use sensors and active RFID tags, which are much more expensive compared to passive tags. In this paper, we propose a novel motion detection and tracking method using passive RFID tags, named Twins. The method leverages a newly observed phenomenon called critical state caused by interference among passive tags. We contribute to both theory and practice of such phenomenon by presenting a new interference model that perfectly explains this phenomenon and using extensive experiments to validate it. We design a practical Twins based intrusion detection scheme and implement a real prototype with commercial off-the-shelf reader and tags. The results show that Twins is effective in detecting the moving object, with low location error of 0.75m in average

Interactive Data Validation and Data Preprocessing of Contactless Medical Devices

Many current popular devices such as Fitbit and Apple Watch continuously monitor movement and activity, but they are primarily marketed towards individuals aiming for fitness improvements, and not those with chronic medical conditions. For people with chronic conditions, or elderly individuals, having to use a wearable can be obstructive and annoying. Furthermore, when trying to study patient motion or behavior, the use of the wearable can impact their actions due to the burden of having to wear the device. Thus, there is a need for a contactless medical device that does not apply this burden to its users. Given this, there is a related need to ensure appropriate validation and preprocessing of data collected from these devices. Using data from the Emerald Device of the Katabi Lab at MIT, this thesis aims to work on the issue of validation and preprocessing of this data.Bachelor of Scienc

The Interplay between Humans, Technology and User Authentication: A Cognitive Processing Perspective

This paper investigates the interplay among human cognitive processing differences (field dependence vs. field independence), alternative interaction device types (desktop vs. touch) and user authentication schemes (textual vs. graphical) towards task completion efficiency and effectiveness. A four-month user study (N=164) was performed under the light of the field dependence-independence theory which underpins human cognitive differences in visual perceptiveness as well as differences in handling contextual information in a holistic or analytic manner. Quantitative and qualitative analysis of results revealed that field independent (FI) users outperformed field dependent users (FD) in graphical authentication, FIs authenticated similarly well on desktop computers as on touch devices, while touch devices negatively affected textual password entry performance of FDs. Users’ feedback from a post-study survey further showed that FD users had memorability issues with graphical authentication and perceived the added difficulty when interacting with textual passwords on touch devices, in contrast to FI users that did not have significant usability and memorability issues on both authentication and interaction device types. Findings highlight the necessity to improve current approaches of knowledge-based user authentication research by incorporating human cognitive factors in both design and run-time. Such an approach is also proposed in this paper

Security and usability of a personalized user authentication paradigm : insights from a longitudinal study with three healthcare organizations

Funding information: This research has been partially supported by the EU Horizon 2020 Grant 826278 "Securing Medical Data in Smart Patient-Centric Healthcare Systems" (Serums) , and the Research and Innovation Foundation (Project DiversePass: COMPLEMENTARY/0916/0182).This paper proposes a user-adaptable and personalized authentication paradigm for healthcare organizations, which anticipates to seamlessly reflect patients’ episodic and autobiographical memories to graphical and textual passwords aiming to improve the security strength of user-selected passwords and provide a positive user experience. We report on a longitudinal study that spanned over three years in which three public European healthcare organizations participated in order to design and evaluate the aforementioned paradigm. Three studies were conducted (n=169) with different stakeholders: i) a verification study aiming to identify existing authentication practices of the three healthcare organizations with diverse stakeholders (n=9); ii) a patient-centric feasibility study during which users interacted with the proposed authentication system (n=68); and iii) a human guessing attack study focusing on vulnerabilities among people sharing common experiences within location-aware images used for graphical passwords (n=92). Results revealed that the suggested paradigm scored high with regards to users’ likeability, perceived security, usability and trust, but more importantly it assists the creation of more secure passwords. On the downside, the suggested paradigm introduces password guessing vulnerabilities by individuals sharing common experiences with the end-users. Findings are expected to scaffold the design of more patient-centric knowledge-based authentication mechanisms within nowadays dynamic computation realms.PostprintPeer reviewe

An Investigation of Indoor Positioning Systems and their Applications

PhDActivities of Daily Living (ADL) are important indicators of both cognitive and physical well-being in healthy and ill humans. There is a range of methods to recognise ADLs, each with its own limitations. The focus of this research was on sensing location-driven activities, in which ADLs are derived from location sensed using Radio Frequency (RF, e.g., WiFi or BLE), Magnetic Field (MF) and light (e.g., Lidar) measurements in three different environments. This research discovered that different environments can have different constraints and requirements. It investigated how to improve the positioning accuracy and hence how to improve the ADL recognition accuracy. There are several challenges that need to be addressed in order to do this. First, RF location fingerprinting is affected by the heterogeneity smartphones and their orientation with respect to transmitters, increasing the location determination error. To solve this, a novel Received Signal Strength Indication (RSSI) ranking based location fingerprinting methods that use Kendall Tau Correlation Coefficient (KTCC) and Convolutional Neural Networks (CNN) are proposed to correlate a signal position to pre-defined Reference Points (RPs) or fingerprints, more accurately, The accuracy has increased by up to 25.8% when compared to using Euclidean Distance (ED) based Weighted K-Nearest Neighbours Algorithm (WKNN). Second, the use of MF measurements as fingerprints can overcome some additional RF fingerprinting challenges, as MF measurements are far more invariant to static and dynamic physical objects that affect RF transmissions. Hence, a novel fast path matching data algorithm for an MF sensor combined with an Inertial Measurement Unit (IMU) to determine direction was researched and developed. It can achieve an average of 1.72 m positioning accuracy when the user walks far fewer (5) steps. Third, a device-free or off-body novel location-driven ADL method based upon 2D Lidar was investigated. An innovative method for recognising daily activities using a Seq2Seq model to analyse location data from a low-cost rotating 2D Lidar is proposed. It provides an accuracy of 88% when recognising 17 targeted ADLs. These proposed methods in this thesis have been validated in real environments.Chinese Scholarship Counci

Software-hardware systems for the Internet-of-Things

Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2018.Cataloged from PDF version of thesis.Includes bibliographical references (pages [187]-201).Although interest in connected devices has surged in recent years, barriers still remain in realizing the dream of the Internet of Things (IoT). The main challenge in delivering IoT systems stems from a huge diversity in their demands and constraints. Some applications work with small sensors and operate using minimal energy and bandwidth. Others use high-data-rate multimedia and virtual reality systems, which require multiple-gigabits-per-second throughput and substantial computing power. While both extremes stress the computation, communications, and energy resources available to the underlying devices, each intrinsically requires different solutions to satisfy its needs. This thesis addresses both bandwidth and energy constraints by developing custom software-hardware systems. To tackle the bandwidth constraint, this thesis introduces three systems. First, it presents AirShare, a synchronized abstraction to the physical layer, which enables the direct implementation of diverse kinds of distributed protocols for loT sensors. This capability results in a much higher throughput in today's IoT networks. Then, it presents Agile-Link and MoVR, new millimeter wave devices and protocols which address two main problems that prevent the adoption of millimeter wave frequencies in today's networks: signal blockage and beam alignment. Lastly, this thesis shows how these systems enable new IoT applications, such as untethered high-quality virtual reality. To tackle the energy constraint, this thesis introduces a VLSI chip, which is capable of performing a million-point Fourier transform in real-time, while consuming 40 times less power than prior fast Fourier transforms. Then, it presents Caraoke, a small, low-cost and low-power sensor, which harvests its energy from solar and enables new smart city applications, such as traffic management and smart parking.by Omid Salehi-Abari.Ph. D