Technological Change in the Retirement Transition and the Implications for Cybersecurity Vulnerability in Older Adults

Retirement is a major life transition, which leads to substantial changes across almost all aspects of day-to-day life. Although this transition has previously been seen as the normative marker for entry into older adulthood, its influence on later life has remained relatively unstudied in terms of technology use and cybersecurity behaviours. This is problematic as older adults are at particular risk of becoming victims of cyber-crime. This study aimed to investigate which factors associated with the retirement transition were likely to increase vulnerability to cyber-attack in a sample of 12 United Kingdom based older adults, all of whom had retired within the past 5 years. Semi-structured, one to one interviews were conducted and subsequently analysed using thematic analysis. Six themes were identified referring to areas of loss in: social interaction, finances, day-to-day routine, feelings of competence, sense of purpose, and technology support structures. We discuss the implications of these losses for building cyber-resilience in retirees, with suggestions for future research

Poisoning Attacks on Learning-Based Keystroke Authentication and a Residue Feature Based Defense

Behavioral biometrics, such as keystroke dynamics, are characterized by relatively large variation in the input samples as compared to physiological biometrics such as fingerprints and iris. Recent advances in machine learning have resulted in behaviorbased pattern learning methods that obviate the effects of variation by mapping the variable behavior patterns to a unique identity with high accuracy. However, it has also exposed the learning systems to attacks that use updating mechanisms in learning by injecting imposter samples to deliberately drift the data to impostors’ patterns. Using the principles of adversarial drift, we develop a class of poisoning attacks, named Frog-Boiling attacks. The update samples are crafted with slow changes and random perturbations so that they can bypass the classifiers detection. Taking the case of keystroke dynamics which includes motoric and neurological learning, we demonstrate the success of our attack mechanism. We also present a detection mechanism for the frog-boiling attack that uses correlation between successive training samples to detect spurious input patterns. To measure the effect of adversarial drift in frog-boiling attack and the effectiveness of the proposed defense mechanism, we use traditional error rates such as FAR, FRR, and EER and the metric in terms of shifts in biometric menagerie

CardioCam: Leveraging Camera on Mobile Devices to Verify Users While Their Heart is Pumping

With the increasing prevalence of mobile and IoT devices (e.g., smartphones, tablets, smart-home appliances), massive private and sensitive information are stored on these devices. To prevent unauthorized access on these devices, existing user verification solutions either rely on the complexity of user-defined secrets (e.g., password) or resort to specialized biometric sensors (e.g., fingerprint reader), but the users may still suffer from various attacks, such as password theft, shoulder surfing, smudge, and forged biometrics attacks. In this paper, we propose, CardioCam, a low-cost, general, hard-to-forge user verification system leveraging the unique cardiac biometrics extracted from the readily available built-in cameras in mobile and IoT devices. We demonstrate that the unique cardiac features can be extracted from the cardiac motion patterns in fingertips, by pressing on the built-in camera. To mitigate the impacts of various ambient lighting conditions and human movements under practical scenarios, CardioCam develops a gradient-based technique to optimize the camera configuration, and dynamically selects the most sensitive pixels in a camera frame to extract reliable cardiac motion patterns. Furthermore, the morphological characteristic analysis is deployed to derive user-specific cardiac features, and a feature transformation scheme grounded on Principle Component Analysis (PCA) is developed to enhance the robustness of cardiac biometrics for effective user verification. With the prototyped system, extensive experiments involving 25 subjects are conducted to demonstrate that CardioCam can achieve effective and reliable user verification with over 99% average true positive rate (TPR) while maintaining the false positive rate (FPR) as low as 4%

Gait-based identification for elderly users in wearable healthcare systems

Abstract The increasing scope of sensitive personal information that is collected and stored in wearable healthcare devices includes physical, physiological, and daily activities, which makes the security of these devices very essential. Gait-based identity recognition is an emerging technology, which is increasingly used for the access control of wearable devices, due to its outstanding performance. However, gait-based identity recognition of elderly users is more challenging than that of young adults, due to significant intra-subject gait fluctuation, which becomes more pronounced with user age. This study introduces a gait-based identity recognition method used for the access control of elderly people-centred wearable healthcare devices, which alleviates the intra-subject gait fluctuation problem and provides a significant recognition rate improvement, as compared to available methods. Firstly, a gait template synthesis method is proposed to reduce the intra-subject gait fluctuation of elderly users. Then, an arbitration-based score level fusion method is defined to improve the recognition accuracy. Finally, the proposed method feasibility is verified using a public dataset containing acceleration signals from three IMUs worn by 64 elderly users with the age range from 50 to 79 years. The experimental results obtained prove that the average recognition rate of the proposed method reaches 96.7%. This makes the proposed method quite lucrative for the robust gait-based identification of elderly users of wearable healthcare devices

Recognising diversity in older adults' cybersecurity needs

Older adults continue to be targeted by cybersecurity attacks: a trend which shows no signs of slowing, and one that has become even more problematic given that many older adults adopted new digital technologies during the Covid-19 lockdowns. Yet there remains a scarcity of solutions designed to help older adults protect themselves online. In part, this is due to a lack of understanding of the specific needs of older adults, who are the fastest growing, and arguably most technologically diverse population on the internet. This study draws upon recent qualitative research to identify key dimensions which are likely to influence older adult cybersecurity behaviour and subsequent vulnerability. We show how these dimensions can be used, for example, to develop a wide range of personas that help illustrate the range of abilities and attitudes in the older adult population. The dimensions outlined here can be used to help researchers, designers, and developers better understand the diverse needs of older adult users when developing digital or security solutions for this population