Toward privacy in IoT mobile devices for activity recognition

Recent advances in wireless sensors for personal healthcare make it possible to recognise human activities in real time with mobile devices. While the analysis of these data streams can have many benefits from a health point of view, it can also lead to privacy threats by exposing highly sensitive information. In this paper, we propose a privacy-preserving framework for activity recognition. This framework relies on a machine learning technique to efficiently recognise the user's activity pattern, which is useful for personal healthcare monitoring, while limiting the risk of re-identifying users from the biometric patterns that characterise each individual. To achieve that, we first analysed in depth different feature extraction schemes in both the temporal and the frequency domain. We show that features in the temporal domain are useful to discriminate user activity, while features in the frequency domain make it possible to distinguish the user's identity. On the basis of this observation, we then design a novel protection mechanism that processes the raw signal on the user's smartphone and transfers to the application server only the relevant features that are unlinked to the identity of users. In addition, a generalisation-based approach is applied to features in the frequency domain before they are transmitted to the server, in order to limit the risk of re-identification. We extensively evaluate our framework with a reference dataset: results show accurate activity recognition (87%) while limiting the re-identification rate (33%). This represents a slight decrease in utility (9%) against a large privacy improvement (53%) compared to state-of-the-art baselines.
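The on-device step described above can be sketched as follows. This is an added illustration, not the paper's code: the sampling rate, window length, chosen features, bucket width and synthetic signals are all assumptions made for the example.

```python
import cmath
import math
import statistics

FS = 50        # assumed sampling rate (Hz)
WINDOW = 128   # assumed samples per window

def temporal_features(sig):
    """Time-domain features: kept at full precision for activity recognition."""
    return {"mean": statistics.fmean(sig),
            "std": statistics.pstdev(sig),
            "range": max(sig) - min(sig)}

def dominant_frequency(sig):
    """Frequency (Hz) of the strongest non-DC bin of a plain DFT."""
    n = len(sig)
    mean = statistics.fmean(sig)
    def magnitude(k):
        return abs(sum((x - mean) * cmath.exp(-2j * math.pi * k * i / n)
                       for i, x in enumerate(sig)))
    return max(range(1, n // 2), key=magnitude) * FS / n

def generalise(value, step):
    """Coarsen a value to the lower bound of its bucket of width `step`."""
    return math.floor(value / step) * step

def features_for_server(sig, step=1.0):
    """What leaves the phone: temporal features plus a generalised frequency feature."""
    out = temporal_features(sig)
    out["dom_freq_hz"] = generalise(dominant_frequency(sig), step)
    return out

def synth(freq_hz, amplitude):
    """Constructed accelerometer-like window (not real data)."""
    return [amplitude * math.sin(2 * math.pi * freq_hz * i / FS)
            for i in range(WINDOW)]

# Constructed samples: two users walking at different cadences, one user sitting.
walk_a = synth(1.6, 1.0)
walk_b = synth(1.9, 1.0)
sitting = synth(0.3, 0.02)

if __name__ == "__main__":
    for name, sig in [("walk_a", walk_a), ("walk_b", walk_b), ("sitting", sitting)]:
        print(name, round(dominant_frequency(sig), 3), features_for_server(sig))
```

The raw dominant frequency separates the two walkers, while the generalised value sent to the server is the same for both; the temporal features still separate walking from sitting.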
