Lightweight Information Security Methods for Indoor Wireless Body Area Networks: from Channel Modeling to Secret Key Extraction

A group of wirelessly communicating sensors that are placed inside, on or around a human body constitute a Wireless Body Area Network (WBAN). Continuous monitoring of vital signs through WBANs have a potential to revolutionize current health care services by reducing the cost, improving accessibility, and facilitating medical diagnosis. However, sensitive nature of personal health data requires WBANs to integrate appropriate security methods and practices. As limited hardware resources make conventional security measures inadequate in a WBAN context, this work is focused on alternative techniques based on Wireless Physical Layer Security (WPLS). More specifically, we introduce a symbiosis of WPLS and Compressed Sensing to achieve security at the time of sampling. We successfully show how the proposed framework can be applied to electrocardiography data saving significant computational and memory resources. In the scenario when a WBAN Access Point can make use of diversity methods in the form of Switch-and-Stay Combining, we demonstrate that output Signal-to-Noise Ratio (SNR) and WPLS key extraction rate are optimized at different switching thresholds. Thus, the highest key rate may result in significant loss of output SNR. In addition, we also show that the past WBAN off-body channel models are insufficient when the user exhibits dynamic behavior. We propose a novel Rician based off-body channel model that can naturally reflect body motion by randomizing Rician factor K and considering small and large scale fading to be related. Another part of our investigation provides implications of user\u27s dynamic behavior on shared secret generation. In particular, we reveal that body shadowing causes negative correlation of the channel exposing legitimate participants to a security threat. This threat is analyzed from a qualitative and quantitative perspective of a practical secret key extraction algorithm

An Electrocardiogram-Based Authentication Protocol In Wireless Body Area Network

In the past few years, the applications of Wireless Body Area Network (WBAN) have improved the ability of healthcare providers to deliver appropriate treatments to the patients either in hospitals or at homes. Precisely, biomedical sensors in a WBAN collect physiological signal from human’s body to enable remote, continuous and real-time network services. As the signal contains highly sensitive medical information about the patient and communicates through an open wireless environment, securing the information from unauthorized access and tampering are critically needed. One of the most crucial components to support security architecture in WBAN is its key management as it serves as the fundamental of authentication and encryption, but the overheads are enormous in dealing with key generation, exchange, storage and replacement. In response to such issue, the most promising solution for key management is the use of biometrics so that the involved parties can agree on a key to provide the authenticity of medical data in WBAN. However, the existing models are inappropriate to achieve optimal security performance and the required lightweight manners due to the sensor’s resource constraints in terms of power consumption and memory space. Therefore, this thesis presents a new authentication protocol model that utilizes Electrocardiogram (ECG) signal as biometric as well as cryptographic key to ensure that the transmitted data are originated from the required WBAN. The proposed model is developed and simulated on Matlab based on an improved fuzzy vault scheme with a lightweight error correction algorithm to reduce the computational complexity when compared to previous work. To validate the proposed ECG-based authentication protocol model, the FAR and FRR analysis is done and then followed by the complexity analysis. The result of FAR and FRR analysis demonstrates that choosing a definite degree and tolerance level can achieve optimal security performance required in WBAN communications. In complexity analysis, based on t-test, the result shows that there is a significant difference with 5% significant level in the computational complexity between the proposed authentication model and the previous protocol called ECG-IJS scheme and the proposed model requires fewer overheads in terms storage and communication overheads. To enhance the overall performance, this thesis also evaluates the uniqueness and the stability of ECG signal using Independent Component Analysis (ICA) and fast Fourier Transform (FFT) algorithm respectively as the signal is applied as inputs of the proposed ECG-based authentication protocol model. The experimental result of ICA algorithm exhibits that each ECG signal is unique to each other as each signal is composed strongly from each different independent component and approximately zero relative to other independent components. While the result of FFT algorithm summarizes that the number of the common FFT peak location index for sensors on the same subject is significantly higher compared to the number of common feature for sensors on different subjects

Secure Wireless Communications Based on Compressive Sensing: A Survey

IEEE Compressive sensing (CS) has become a popular signal processing technique and has extensive applications in numerous fields such as wireless communications, image processing, magnetic resonance imaging, remote sensing imaging, and anology to information conversion, since it can realize simultaneous sampling and compression. In the information security field, secure CS has received much attention due to the fact that CS can be regarded as a cryptosystem to attain simultaneous sampling, compression and encryption when maintaining the secret measurement matrix. Considering that there are increasing works focusing on secure wireless communications based on CS in recent years, we produce a detailed review for the state-of-the-art in this paper. To be specific, the survey proceeds with two phases. The first phase reviews the security aspects of CS according to different types of random measurement matrices such as Gaussian matrix, circulant matrix, and other special random matrices, which establishes theoretical foundations for applications in secure wireless communications. The second phase reviews the applications of secure CS depending on communication scenarios such as wireless wiretap channel, wireless sensor network, internet of things, crowdsensing, smart grid, and wireless body area networks. Finally, some concluding remarks are given

e-SAFE: Secure, Efficient and Forensics-Enabled Access to Implantable Medical Devices

To facilitate monitoring and management, modern Implantable Medical Devices (IMDs) are often equipped with wireless capabilities, which raise the risk of malicious access to IMDs. Although schemes are proposed to secure the IMD access, some issues are still open. First, pre-sharing a long-term key between a patient's IMD and a doctor's programmer is vulnerable since once the doctor's programmer is compromised, all of her patients suffer; establishing a temporary key by leveraging proximity gets rid of pre-shared keys, but as the approach lacks real authentication, it can be exploited by nearby adversaries or through man-in-the-middle attacks. Second, while prolonging the lifetime of IMDs is one of the most important design goals, few schemes explore to lower the communication and computation overhead all at once. Finally, how to safely record the commands issued by doctors for the purpose of forensics, which can be the last measure to protect the patients' rights, is commonly omitted in the existing literature. Motivated by these important yet open problems, we propose an innovative scheme e-SAFE, which significantly improves security and safety, reduces the communication overhead and enables IMD-access forensics. We present a novel lightweight compressive sensing based encryption algorithm to encrypt and compress the IMD data simultaneously, reducing the data transmission overhead by over 50% while ensuring high data confidentiality and usability. Furthermore, we provide a suite of protocols regarding device pairing, dual-factor authentication, and accountability-enabled access. The security analysis and performance evaluation show the validity and efficiency of the proposed scheme

Biometric behavior authentication exploiting propagation characteristics of wireless channel

Massive expansion of wireless body area networks (WBANs) in the field of health monitoring applications has given rise to the generation of huge amount of biomedical data. Ensuring privacy and security of this very personal data serves as a major hurdle in the development of these systems. An effective and energy friendly authentication algorithm is, therefore, a necessary requirement for current WBANs. Conventional authentication algorithms are often implemented on higher levels of the Open System Interconnection model and require advanced software or major hardware upgradation. This paper investigates the implementation of a physical layer security algorithm as an alternative. The algorithm is based on the behavior fingerprint developed using the wireless channel characteristics. The usability of the algorithm is established through experimental results, which show that this authentication method is not only effective, but also very suitable for the energy-, resource-, and interface-limited WBAN medical applications

Experimental investigation into novel methods of reliable and secure on-body communications with low system overheads

Until recently the concept of wearable biosensors for purposes of medical monitoring was restricted to wired sensor applications. Recent advances in electronics and wireless communications have made the possibility of removing the wire from sensor applications a possibility. These advances have led to the development of small scale, wearable, sensing and communication platforms that can be placed on the human body creating the foundation for a Body Sensor Network (BSN). Body Sensor Networks aim to remove the restrictions that traditional wired sensors impose. The anticipation is that BSNs will permit the monitoring of physiological signals in any environment without limitation, giving Physicians the ability to monitor patients more closely and in environments that they cannot monitor today. Even with the recent advancements of electronics and wireless communications there are still many unanswered questions for practical solutions of BSNs that prevent BSNs from replacing traditional wired systems altogether. There is a great need for research into BSN architectures to set the standard for wireless sensor monitoring. In this work a development platform has been created for the investigation into the design and implementation of practical BSN solutions. The platform is used to compare BSN architectures and provide quantifiable results. From this work BSN architecture components that provide optimizations in system performance, energy, network lifetime and security are recommended. In Chapter 3 BSN network architectures employing the use of relaying of creeping waves is investigated. The investigation includes experimental analysis of various test environments. Experimentation demonstrates that the relaying of creeping waves offers considerable performance gains when compared to non-relay networks. For example, relaying is shown to increase network-lifetime by a factor of 13, decrease energy-per-bit requirements by 13 dB and provide the ability for the network to compensate for considerably wider fade margins. In Chapter 4 utilizing the randomness of the wireless channel for securing on-body communications with low overheads is considered. A low-complexity algorithm for establishing symmetric encryption keys is presented and validated. The algorithm relies on readily available RSSI measurements obtained from existing packets being sent and received in the network. The generated bit sequences from the algorithm are evaluated for matching between two communicating parties and mismatching with a malicious eavesdropper. It is shown that the algorithm produces long sequences of highly random bits that are perfectly matched between legitimate parties and highly mismatched with the eavesdropper

Usable Security for Wireless Body-Area Networks

We expect wireless body-area networks of pervasive wearable devices will enable in situ health monitoring, personal assistance, entertainment personalization, and home automation. As these devices become ubiquitous, we also expect them to interoperate. That is, instead of closed, end-to-end body-worn sensing systems, we envision standardized sensors that wirelessly communicate their data to a device many people already carry today, the smart phone. However, this ubiquity of wireless sensors combined with the characteristics they sense present many security and privacy problems. In this thesis we describe solutions to two of these problems. First, we evaluate the use of bioimpedance for recognizing who is wearing these wireless sensors and show that bioimpedance is a feasible biometric. Second, we investigate the use of accelerometers for verifying whether two of these wireless sensors are on the same person and show that our method is successful as distinguishing between sensors on the same body and on different bodies. We stress that any solution to these problems must be usable, meaning the user should not have to do anything but attach the sensor to their body and have them just work. These methods solve interesting problems in their own right, but it is the combination of these methods that shows their true power. Combined together they allow a network of wireless sensors to cooperate and determine whom they are sensing even though only one of the wireless sensors might be able to determine this fact. If all the wireless sensors know they are on the same body as each other and one of them knows which person it is on, then they can each exploit the transitive relationship to know that they must all be on that person’s body. We show how these methods can work together in a prototype system. This ability to operate unobtrusively, collecting in situ data and labeling it properly without interrupting the wearer’s activities of daily life, will be vital to the success of these wireless sensors

Individual identification via electrocardiogram analysis

Background: During last decade the use of ECG recordings in biometric recognition studies has increased. ECG characteristics made it suitable for subject identification: it is unique, present in all living individuals, and hard to forge. However, in spite of the great number of approaches found in literature, no agreement exists on the most appropriate methodology. This study aimed at providing a survey of the techniques used so far in ECG-based human identification. Specifically, a pattern recognition perspective is here proposed providing a unifying framework to appreciate previous studies and, hopefully, guide future research. Methods: We searched for papers on the subject from the earliest available date using relevant electronic databases (Medline, IEEEXplore, Scopus, and Web of Knowledge). The following terms were used in different combinations: electrocardiogram, ECG, human identification, biometric, authentication and individual variability. The electronic sources were last searched on 1st March 2015. In our selection we included published research on peer-reviewed journals, books chapters and conferences proceedings. The search was performed for English language documents. Results: 100 pertinent papers were found. Number of subjects involved in the journal studies ranges from 10 to 502, age from 16 to 86, male and female subjects are generally present. Number of analysed leads varies as well as the recording conditions. Identification performance differs widely as well as verification rate. Many studies refer to publicly available databases (Physionet ECG databases repository) while others rely on proprietary recordings making difficult them to compare. As a measure of overall accuracy we computed a weighted average of the identification rate and equal error rate in authentication scenarios. Identification rate resulted equal to 94.95 % while the equal error rate equal to 0.92 %. Conclusions: Biometric recognition is a mature field of research. Nevertheless, the use of physiological signals features, such as the ECG traits, needs further improvements. ECG features have the potential to be used in daily activities such as access control and patient handling as well as in wearable electronics applications. However, some barriers still limit its growth. Further analysis should be addressed on the use of single lead recordings and the study of features which are not dependent on the recording sites (e.g. fingers, hand palms). Moreover, it is expected that new techniques will be developed using fiducials and non-fiducial based features in order to catch the best of both approaches. ECG recognition in pathological subjects is also worth of additional investigations