论文信息 - Deploying Data-Driven Security Solutions on Resource-Constrained Wearable IoT Systems

Deploying Data-Driven Security Solutions on Resource-Constrained Wearable IoT Systems

Wearable Internet-of-Things (WIoT) environments have demonstrated great potential in a broad range of applications in healthcare and well-being. Security is essential for WIoT environments. Lack of security in WIoTs not only harms user privacy, but may also harm the user's safety. Though devices in the WIoT can be attacked in many ways, in this paper we focus on adversaries who mount what we call sensor-hijacking attacks, which prevent the constituent medical devices from accurately collecting and reporting the user's health state (e.g., reporting old or wrong physiological measurements). In this paper we outline some of our experiences in implementing a data-driven security solution for detecting sensor-hijacking attack on a secure wearable internet-of-things (WIoT) base station called the Amulet. Given the limited capabilities (computation, memory, battery power) of the Amulet platform, implementing such a security solution is quite challenging and presents several trade-offs with respect to detection accuracy and resources requirements. We conclude the paper with a list of insights into what capabilities constrained WIoT platforms should provide developers so as to make the inclusion of data-driven security primitives in such systems.

[1] Thomas S. Heydt-Benjamin,et al. s ecurity and p rivacy for Implantable medical Devices Protecting implantable medical devices against attack without compromising patient health requires balancing security and privacy goals with traditional goals such as safety and utility. , 2008 .

[2] Wenyuan Xu,et al. Ghost Talk: Mitigating EMI Signal Injection Attacks against Analog Sensors , 2013, 2013 IEEE Symposium on Security and Privacy.

[3] Krishna K. Venkatasubramanian,et al. Detecting Signal Injection Attack-Based Morphological Alterations of ECG Measurements , 2016, 2016 International Conference on Distributed Computing in Sensor Systems (DCOSS).

[4] Jeffrey M. Hausdorff,et al. Physionet: Components of a New Research Resource for Complex Physiologic Signals". Circu-lation Vol , 2000 .

[5] Shyamal Patel,et al. Mercury: a wearable sensor network platform for high-fidelity motion analysis , 2009, SenSys '09.

[6] Ryan J. Halter,et al. Amulet: An Energy-Efficient, Multi-Application Wearable Platform , 2016, SenSys.

[7] Nicholas Francis Brown,et al. SCREAM: Sensory Channel Remote Execution Attack Methods , 2016 .