
    Continuous authentication based on data from smart devices

    As technology moves forward to offer users custom information based on their activity, their habits, their hobbies… user authentication advances and provides them with ways to verify their identity with data that no one else possesses, such as fingerprints, and it is becoming more popular. More devices are entering the market, wearables, which provide an enhanced user experience by expanding the functionalities offered by a computer or a smartphone, and they are being incorporated into the user identification process. This thesis presents an approach to user authentication based on their movement, collecting data from an accelerometer placed on a smartwatch, to find out if it is a valid metric to distinguish among users when they are performing day-to-day activities. The recognition task relies on artificial intelligence techniques, employing machine learning algorithms to generate a model that recognises a user and the activity that is being carried out, and a graphical user interface is provided so that users can try the system and incorporate new information. Using machine learning software developed by the University of Waikato, the system is developed using Python and the Texas Instruments eZ430-Chronos smartwatch, and has been tested in a real environment, where several users were asked to perform different activities while wearing the watch.

    Towards a Low-Cost Mobile Subcutaneous Vein Detection Solution Using Near-Infrared Spectroscopy

    Excessive venipunctures are both time- and resource-consuming events, which cause anxiety, pain, and distress in patients, or can lead to severe harmful injuries. We propose a low-cost mobile health solution for subcutaneous vein detection using near-infrared spectroscopy, along with an assessment of the current state of the art in this field. The first objective of this study was to get a deeper overview of the research topic, through the initial team discussions and a detailed literature review (using both academic and grey literature). The second objective, that is, identifying the commercial systems employing near-infrared spectroscopy, was conducted using the PubMed database. The goal of the third objective was to identify and evaluate (using the IEEE Xplore database) the research efforts in the field of low-cost near-infrared imaging in general, as a basis for the conceptual model of the upcoming prototype. Although the reviewed commercial devices have demonstrated usefulness and value for peripheral veins visualization, other evaluated clinical outcomes are less conclusive. Previous studies regarding low-cost near-infrared systems demonstrated the general feasibility of developing cost-effective vein detection systems; however, their limitations are restricting their applicability to clinical practice. Finally, based on the current findings, we outline the future research direction

    The impact of ear growth on identification rates using an ear biometric system in young infants

    BACKGROUND: Accurate patient identification is essential for delivering longitudinal care. Our team developed an ear biometric system (SEARCH) to improve patient identification. To address how ear growth affects matching rates longitudinally, we constructed an infant cohort, obtaining ear image sets monthly to map a 9-month span of observations. This analysis had three main objectives: 1) map trajectory of ear growth during the first 9 months of life; 2) determine the impact of ear growth on matching accuracy; and 3) explore computer vision techniques to counter a loss of accuracy.   METHODOLOGY: Infants were enrolled from an urban clinic in Lusaka, Zambia. Roughly half were enrolled at their first vaccination visit and ~half at their last vaccination. Follow-up visits for each patient occurred monthly for 6 months. At each visit, we collected four images of the infant’s ears, and the child’s weight. We analyze ear area versus age and change in ear area versus age. We conduct pair-wise comparisons for all age intervals. RESULTS: From 227 enrolled infants we acquired age-specific datasets for 6 days through 9 months. Maximal ear growth occurred between 6 days and 14 weeks. Growth was significant until 6 months of age, after which further growth appeared minimal. Examining look-back performance to the 6-month visit, baseline pair-wise comparisons yielded identification rates that ranged 46.9–75%. Concatenating left and right ears per participant improved identification rates to 61.5–100%. Concatenating images captured on adjacent visits further improved identification rates to 90.3–100%. Lastly, combining these two approaches improved identification to 100%. All matching strategies showed the weakest matching rates during periods of maximal growth (i.e., <6 months). 
CONCLUSION: By quantifying the effect that ear growth has on performance of the SEARCH platform, we show that ear identification is a feasible solution for patient identification in an infant population 6 months and above. Published versio

    Transparent User Authentication For Mobile Applications

    The use of smartphones in our daily lives has grown steadily, due to the combination of mobility and round-the-clock multi-connectivity. In particular, smartphones are used to perform activities, such as sending emails, transferring money via mobile Internet banking, making calls, texting, surfing the Internet, viewing documents, storing medical, confidential and personal information, shopping online and playing games. Some active applications are considered sensitive and confidential and the risks are high in the event of the loss of any sensitive data or privacy breaches. In addition, after the point of entry, using techniques such as a PIN or password, the user of the device can perform almost all tasks, of different risk levels, without having to re-authenticate periodically to re-validate the user’s identity. Furthermore, the current point-of-entry authentication mechanisms consider all the applications on a mobile device to have the same level of importance and so do not apply any further access control rules. As a result, with the rapid growth of smartphones for use in daily life, securing the sensitive data stored upon them makes authentication of paramount importance. In this research, it is argued that within a single mobile application there are different processes operating on the same data but with differing risks attached. The unauthorised disclosure or modification of mobile data has the potential to lead to a number of undesirable consequences for the user. Thus, there is no single level of risk associated with a given application and the risk level changes during use. In this context, a novel mobile applications data risk assessment model is proposed to appreciate the risk involved within an application (intra-process security). 
Accordingly, there is a need to suggest a method to be applied continuously and transparently (i.e., without obstructing the user’s activities) to authenticate legitimate users, which is maintained beyond point of entry, without the explicit involvement of the user. To this end, a transparent and continuous authentication mechanism provides a basis for convenient and secure re-authentication of the user. The mechanism is used to gather user data in the background without requiring any dedicated activity, by regularly and periodically checking user behaviour to provide continuous monitoring for the protection of the smartphone. In order to investigate the feasibility of the proposed system, a study involving data collected from 76 participants over a one-month period using 12 mobile applications was undertaken. A series of four experiments were conducted based upon data from one month of normal device usage. The first experiment sought to explore the intra-process (i.e., within-app) and inter-process (i.e., access-only app) access levels across different time windows. The experimental results show that this approach achieved desirable outcomes for applying a transparent authentication system at an intra-process level, with an average of 6% intrusive authentication requests. Having achieved promising experimental results, it was identified that there were some users who undertook an insufficient number of activities on the device and, therefore, achieved a high level of intrusive authentication requests. As a result, there was a need to investigate whether a specific combination of time windows would perform better with a specific type of user. To do this, the numbers of intrusive authentication requests were computed based on three usage levels (high, medium and low) at both the intra- and inter-process access levels. 
This approach achieved better results when compared with the first set of results: the average percentage of intrusive authentication requests was 3%, which indicates a clear enhancement. The second and third experiments investigated only the intra-process and inter-process, respectively, to examine the effect of the access level. Finally, the fourth experiment investigated the impact of specific biometric modalities on overall system performance. In this research study, a Non-Intrusive Continuous Authentication (NICA) framework was applied by utilising two security mechanisms: Alert Level (AL) and Integrity Level (IL). During specific time windows, the AL process is used to seek valid samples. If there are no samples, the identity confidence is periodically reduced by a degradation function, which is 10% of current confidence in order to save power while the mobile device is inactive. In the case of the mobile user requesting to perform a task, the IL is applied to check the legitimacy of that user. If the identity confidence level is equal to or greater than the specified risk action level, transparent access is allowed. Otherwise, an intrusive authentication request is required in order to proceed with the service. In summary, the experimental results show that this approach achieved sufficiently high results to fulfil the security obligations. The shortest time window of AL= 2 min / IL = 5 min produced an average intrusive authentication request rate of 18%, whereas the largest time window (AL= 20 min / IL = 20 min) provided 6%. Interestingly, when the participants were divided into three levels of usage, the average intrusive authentication request rate was 12% and 3% for the shortest time window (AL = 2 min / IL = 5 min) and the largest time window (AL= 20 min / IL = 20), respectively. 
Therefore, this approach has been demonstrated to provide transparent and continuous protection to ensure the validity of the current user by understanding the risk involved within a given application. Royal Embassy of Saudi Arabia Cultural Bureau in U

    Mobile phone-based evaluation of latent tuberculosis infection

    The tuberculin skin test (TST) is the most widely used method for detecting latent tuberculosis (TB) infection (LTBI) in adults and active TB disease in children. This work presents the development of a screening tool to detect LTBI's, which works in conjunction with the TST and serves as an alternative for measuring the TST induration. The screening tool makes use of a mobile application developed on the Android platform to capture images of an induration, and photogrammetric reconstruction using Agisoft PhotoScan to reconstruct the induration in 3D, followed by 3D measurement of the induration with the aid of Python functions. The screening accuracy of the developed process was tested using a 3D printed induration and an HTC One smartphone to capture images. In this accuracy test, the developed screening tool was found to measure indurations more accurately than current measurement methods, as indicated by the lower standard deviation produced. An experiment to simulate real-world conditions was conducted by using the developed screening tool on a set of mock skin indurations, created by a make-up artist, and evaluating its performance. It was found that the height of the skin induration and definition of its margins are the most significant factors that influence the accuracy of the screening tool under simulated real-world conditions. Future work should explore possible improvements to the developed image capture protocol and the bimodal segmentation methods employed in this project

    Integrating passive ubiquitous surfaces into human-computer interaction

    Mobile technologies enable people to interact with computers ubiquitously. This dissertation investigates how ordinary, ubiquitous surfaces can be integrated into human-computer interaction to extend the interaction space beyond the edge of the display. It turns out that acoustic and tactile features generated during an interaction can be combined to identify input events, the user, and the surface. In addition, it is shown that a heterogeneous distribution of different surfaces is particularly suitable for realizing versatile interaction modalities. However, privacy concerns must be considered when selecting sensors, and context can be crucial in determining whether and what interaction to perform.

    The Age of Artificial Intelligence: Use of Digital Technology in Clinical Nutrition

    Purpose of review: Computing advances over the decades have catalyzed the pervasive integration of digital technology in the medical industry, now followed by similar applications for clinical nutrition. This review discusses the implementation of such technologies for nutrition, ranging from the use of mobile apps and wearable technologies to the development of decision support tools for parenteral nutrition and use of telehealth for remote assessment of nutrition. Recent findings: Mobile applications and wearable technologies have provided opportunities for real-time collection of granular nutrition-related data. Machine learning has allowed for more complex analyses of the increasing volume of data collected. The combination of these tools has also translated into practical clinical applications, such as decision support tools, risk prediction, and diet optimization. Summary: The state of digital technology for clinical nutrition is still young, although there is much promise for growth and disruption in the future

    Privacy-aware Security Applications in the Era of Internet of Things

    In this dissertation, we introduce several novel privacy-aware security applications. We split these contributions into three main categories: First, to strengthen the current authentication mechanisms, we designed two novel privacy-aware alternative complementary authentication mechanisms, Continuous Authentication (CA) and Multi-factor Authentication (MFA). Our first system is Wearable-assisted Continuous Authentication (WACA), where we used the sensor data collected from a wrist-worn device to authenticate users continuously. Then, we improved WACA by integrating a noise-tolerant template matching technique called NTT-Sec to make it privacy-aware as the collected data can be sensitive. We also designed a novel, lightweight, Privacy-aware Continuous Authentication (PACA) protocol. PACA is easily applicable to other biometric authentication mechanisms when feature vectors are represented as fixed-length real-valued vectors. In addition to CA, we also introduced a privacy-aware multi-factor authentication method, called PINTA. In PINTA, we used fuzzy hashing and homomorphic encryption mechanisms to protect the users' sensitive profiles while providing privacy-preserving authentication. For the second privacy-aware contribution, we designed a multi-stage privacy attack to smart home users using the wireless network traffic generated during the communication of the devices. The attack works even on the encrypted data as it is only using the metadata of the network traffic. Moreover, we also designed a novel solution based on the generation of spoofed traffic. Finally, we introduced two privacy-aware secure data exchange mechanisms, which allow sharing the data between multiple parties (e.g., companies, hospitals) while preserving the privacy of the individual in the dataset. These mechanisms were realized with the combination of Secure Multiparty Computation (SMC) and Differential Privacy (DP) techniques.
In addition, we designed a policy language, called Curie Policy Language (CPL), to handle the conflicting relationships among parties. The novel methods, attacks, and countermeasures in this dissertation were verified with theoretical analysis and extensive experiments with real devices and users. We believe that the research in this dissertation has far-reaching implications on privacy-aware alternative complementary authentication methods, smart home user privacy research, as well as the privacy-aware and secure data exchange methods

    Human-Computer Interaction: Security Aspects

    Along with the rapid development of intelligent information age, users are having a growing interaction with smart devices. Such smart devices are interconnected together in the Internet of Things (IoT). The sensors of IoT devices collect information about users' behaviors from the interaction between users and devices. Since users interact with IoT smart devices for the daily communication and social network activities, such interaction generates a huge amount of network traffic. Hence, users' behaviors are playing an important role in the security of IoT smart devices, and the security aspects of Human-Computer Interaction are becoming significant. In this dissertation, we provide a threefold contribution: (1) we review security challenges of HCI-based authentication, and design a tool to detect deceitful users via keystroke dynamics; (2) we present the impact of users' behaviors on network traffic, and propose a framework to manage such network traffic; (3) we illustrate a proposal for energy-constrained IoT smart devices to be resilient against energy attack and efficient in network communication. More in detail, in the first part of this thesis, we investigate how users' behaviors impact on the way they interact with a device. Then we review the work related to security challenges of HCI-based authentication on smartphones, and Brain-Computer Interfaces (BCI). Moreover, we design a tool to assess the truthfulness of the information that users input using a computer keyboard. This tool is based on keystroke dynamics and it relies on machine learning technique to achieve this goal. To the best of our knowledge, this is the first work that associates the typing users' behaviors with the production of deceptive personal information. We reached an overall accuracy of 76% in the classification of a single answer as truthful or deceptive. 
In the second part of this thesis, we review the analysis of network traffic, especially related to the interaction between mobile devices and users. Since the interaction generates a huge amount of network traffic, we propose an innovative framework, GolfEngine, to manage and control the impact of users behavior on the network relying on Software Defined Networking (SDN) techniques. GolfEngine provides users a tool to build their security applications and offers Graphical User Interface (GUI) for managing and monitoring the network. In particular, GolfEngine provides the function of checking policy conflicts when users design security applications and the mechanism to check data storage redundancy. GolfEngine not only prevents the malicious inputting policies but also it enforces the security about network management of network traffic. The results of our simulation underline that GolfEngine provides an efficient, secure, and robust performance for managing network traffic via SDN. In the third and last part of this dissertation, we analyze the security aspects of battery-equipped IoT devices from the energy consumption perspective. Although most of the energy consumption of IoT devices is due to user interaction, there is still a significant amount of energy consumed by point-to-point communication and IoT network management. In this scenario, an adversary may hijack an IoT device and conduct a Denial of Service attack (DoS) that aims to run out batteries of other devices. Therefore, we propose EnergIoT, a novel method based on energetic policies that prevent such attacks and, at the same time, optimizes the communication between users and IoT devices, and extends the lifetime of the network. EnergIoT relies on a hierarchical clustering approach, based on different duty cycle ratios, to maximize network lifetime of energy-constrained smart devices. 
The results show that EnergIoT enhances the security and improves the network lifetime by 32%, compared to the earlier used approach, without sacrificing the network performance (i.e., end-to-end delay)