Securing Cyber-Physical Social Interactions on Wrist-worn Devices

Since ancient Greece, handshaking has been commonly practiced between two people as a friendly gesture to express trust and respect, or form a mutual agreement. In this article, we show that such physical contact can be used to bootstrap secure cyber contact between the smart devices worn by users. The key observation is that during handshaking, although belonged to two different users, the two hands involved in the shaking events are often rigidly connected, and therefore exhibit very similar motion patterns. We propose a novel key generation system, which harvests motion data during user handshaking from the wrist-worn smart devices such as smartwatches or fitness bands, and exploits the matching motion patterns to generate symmetric keys on both parties. The generated keys can be then used to establish a secure communication channel for exchanging data between devices. This provides a much more natural and user-friendly alternative for many applications, e.g., exchanging/sharing contact details, friending on social networks, or even making payments, since it doesn’t involve extra bespoke hardware, nor require the users to perform pre-defined gestures. We implement the proposed key generation system on off-the-shelf smartwatches, and extensive evaluation shows that it can reliably generate 128-bit symmetric keys just after around 1s of handshaking (with success rate >99%), and is resilient to different types of attacks including impersonate mimicking attacks, impersonate passive attacks, or eavesdropping attacks. Specifically, for real-time impersonate mimicking attacks, in our experiments, the Equal Error Rate (EER) is only 1.6% on average. We also show that the proposed key generation system can be extremely lightweight and is able to run in-situ on the resource-constrained smartwatches without incurring excessive resource consumption

Proceedings of Abstracts Engineering and Computer Science Research Conference 2019

© 2019 The Author(s). This is an open-access work distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. For further details please see https://creativecommons.org/licenses/by/4.0/. Note: Keynote: Fluorescence visualisation to evaluate effectiveness of personal protective equipment for infection control is © 2019 Crown copyright and so is licensed under the Open Government Licence v3.0. Under this licence users are permitted to copy, publish, distribute and transmit the Information; adapt the Information; exploit the Information commercially and non-commercially for example, by combining it with other Information, or by including it in your own product or application. Where you do any of the above you must acknowledge the source of the Information in your product or application by including or linking to any attribution statement specified by the Information Provider(s) and, where possible, provide a link to this licence: http://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/This book is the record of abstracts submitted and accepted for presentation at the Inaugural Engineering and Computer Science Research Conference held 17th April 2019 at the University of Hertfordshire, Hatfield, UK. This conference is a local event aiming at bringing together the research students, staff and eminent external guests to celebrate Engineering and Computer Science Research at the University of Hertfordshire. The ECS Research Conference aims to showcase the broad landscape of research taking place in the School of Engineering and Computer Science. The 2019 conference was articulated around three topical cross-disciplinary themes: Make and Preserve the Future; Connect the People and Cities; and Protect and Care

Blockchain for Healthcare: Securing Patient Data and Enabling Trusted Artificial Intelligence

Advances in information technology are digitizing the healthcare domain with the aim of improved medical services, diagnostics, continuous monitoring using wearables, etc., at reduced costs. This digitization improves the ease of computation, storage and access of medical records which enables better treatment experiences for patients. However, it comes with a risk of cyber attacks and security and privacy concerns on this digital data. In this work, we propose a Blockchain based solution for healthcare records to address the security and privacy concerns which are currently not present in existing e-Health systems. This work also explores the potential of building trusted Artificial Intelligence models over Blockchain in e-Health, where a transparent platform for consent-based data sharing is designed. Provenance of the consent of individuals and traceability of data sources used for building and training the AI model is captured in an immutable distributed data store. The audit trail of the data access captured using Blockchain provides the data owner to understand the exposure of the data. It also helps the user to understand the revenue models that could be built on top of this framework for commercial data sharing to build trusted AI models

A novel Big Data analytics and intelligent technique to predict driver's intent

Modern age offers a great potential for automatically predicting the driver's intent through the increasing miniaturization of computing technologies, rapid advancements in communication technologies and continuous connectivity of heterogeneous smart objects. Inside the cabin and engine of modern cars, dedicated computer systems need to possess the ability to exploit the wealth of information generated by heterogeneous data sources with different contextual and conceptual representations. Processing and utilizing this diverse and voluminous data, involves many challenges concerning the design of the computational technique used to perform this task. In this paper, we investigate the various data sources available in the car and the surrounding environment, which can be utilized as inputs in order to predict driver's intent and behavior. As part of investigating these potential data sources, we conducted experiments on e-calendars for a large number of employees, and have reviewed a number of available geo referencing systems. Through the results of a statistical analysis and by computing location recognition accuracy results, we explored in detail the potential utilization of calendar location data to detect the driver's intentions. In order to exploit the numerous diverse data inputs available in modern vehicles, we investigate the suitability of different Computational Intelligence (CI) techniques, and propose a novel fuzzy computational modelling methodology. Finally, we outline the impact of applying advanced CI and Big Data analytics techniques in modern vehicles on the driver and society in general, and discuss ethical and legal issues arising from the deployment of intelligent self-learning cars

FRAMH: A Federated Learning Risk-Based Authorization Middleware for Healthcare

Modern healthcare systems operate in highly dy- namic environments requiring adaptable access control mecha- nisms. Access to sensitive data and medical equipment should be granted or denied according to the current health situation of the patient. To handle the need for adaptable access control of healthcare scenarios, we propose a novel model that allows dynamic access control decisions based on the context character- izing the source, type of access request, patient, and estimated risk corresponding to the conditions of the patient. Estimating patient status risk requires analyzing vital physiological data whose availability is growing thanks to the widespread diffusion of the Internet of Medical Things (IoMT) devices. Inferring the patient health status risk through Machine Learning (ML) techniques is possible, but to achieve better accuracy, the training phase requires the aggregation of vast amounts of data from different sources. This aggregation could be difficult or even impossible due to organization regulations and privacy laws. To address these issues, this paper proposes a novel Federated Learning Risk-based Authorization Middleware for Healthcare (FRAMH) that supports risk-based access control to deal with changing and unforeseen medical situations. Our solution infers the risk of health status through a federated learning (FL) approach enriched with blockchain to avoid the weaknesses of centralized servers. The implemented prototype and a large set of experimental results demonstrate the advantages of FL in estimating the risk in healthcare scenarios. Through this approach, even a medical institution with a limited dataset can achieve a satisfying risk estimation and efficient access control enforcement