Securing On-Body IoT Devices By Exploiting Creeping Wave Propagation

On-body devices are an intrinsic part of the Internet-of-Things (IoT) vision to provide human-centric services. These on-body IoT devices are largely embedded devices that lack a sophisticated user interface to facilitate traditional pre-shared key-based security protocols. Motivated by this real-world security vulnerability, this paper proposes SecureTag, a system designed to add defense in depth against active attacks by integrating physical layer (PHY) information with upper-layer protocols. The underpinning of SecureTag is a signal processing technique that extracts the peculiar propagation characteristics of creeping waves to discern on-body devices. Upon overhearing a suspicious transmission, SecureTag initiates a PHY-based challenge-response protocol to mitigate attacks. We implement our system on different commercial off-the-shelf wearables and a smartphone. Extensive experiments are conducted in a lab, apartments, malls, and outdoor areas, involving 12 volunteer subjects of different age groups, to demonstrate the robustness of our system. Results show that our system can mitigate 96.13 % of active attack attempts while triggering false alarms on merely 5.64 % of legitimate traffic.

[1]  Ryan J. Halter,et al.  A wearable system that knows who wears it , 2014, MobiSys.

[2]  Prabhakar H. Pathak,et al.  Uniform Geometrical Theory Of Diffraction , 1982, Optics & Photonics.

[3]  Qian Zhang,et al.  Privacy Preservation for Context Sensing on Smartphone , 2016, IEEE/ACM Transactions on Networking.

[4]  Jie Xiong,et al.  SecureArray: improving wifi security with fine-grained physical-layer information , 2013, MobiCom.

[5]  Stephan Sigg,et al.  Secure Communication Based on Ambient Audio , 2013, IEEE Transactions on Mobile Computing.

[6]  Peter J. Rousseeuw,et al.  Finding Groups in Data: An Introduction to Cluster Analysis , 1990 .

[7]  Tuomas Aura,et al.  Commitment-based device pairing with synchronized drawing , 2014, 2014 IEEE International Conference on Pervasive Computing and Communications (PerCom).

[8]  Nick F. Timmons,et al.  On-body to on-body channel characterization , 2011, 2011 IEEE SENSORS Proceedings.

[9]  Yan Shi,et al.  Energy Efficiency and Delay Tradeoff in Device-to-Device Communications Underlaying Cellular Networks , 2016, IEEE Journal on Selected Areas in Communications.

[10]  Mary Baker,et al.  Step-by-step Detection of Personally Collocated Mobile Devices , 2015, HotMobile.

[11]  Richard P. Martin,et al.  Tracking human queues using single-point signal monitoring , 2014, MobiSys.

[12]  Shwetak N. Patel,et al.  Whole-home gesture recognition using wireless signals , 2013, MobiCom.

[13]  Kannan Srinivasan,et al.  Shape matters, not the size: a new approach to extract secrets from channel , 2014, HotWireless@MobiCom.

[14]  Yina Ye,et al.  Checksum gestures: continuous gestures as an out-of-band channel for secure pairing , 2015, UbiComp.

[15]  Pei Zhang,et al.  Spartacus: Spatially-Aware Interaction for Mobile Devices Through Energy-Efficient Audio Sensing , 2015, GETMBL.

[16]  Ahmad-Reza Sadeghi,et al.  Context-Based Zero-Interaction Pairing and Key Evolution for Advanced Personal Devices , 2014, CCS.

[17]  Athanasios V. Vasilakos,et al.  Accelerometer and Fuzzy Vault-Based Secure Group Key Generation and Sharing Protocol for Smart Wearables , 2017, IEEE Transactions on Information Forensics and Security.

[18]  Neil W. Bergmann,et al.  Walkie-Talkie: Motion-Assisted Automatic Key Generation for Secure On-Body Device Communication , 2016, 2016 15th ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN).

[19]  Qian Zhang,et al.  Proximity based IoT device authentication , 2017, IEEE INFOCOM 2017 - IEEE Conference on Computer Communications.

[20]  Andrew L. Rukhin,et al.  Analysis of Time Series Structure SSA and Related Techniques , 2002, Technometrics.

[21]  Min Sheng,et al.  Energy-Efficient Subcarrier Assignment and Power Allocation in OFDMA Systems With Max-Min Fairness Guarantees , 2015, IEEE Transactions on Communications.

[22]  Marco Gruteser,et al.  Distinguishing users with capacitive touch communication , 2012, Mobicom '12.

[23]  Kevin Fu,et al.  They can hear your heartbeats: non-invasive security for implantable medical devices , 2011, SIGCOMM.

[24]  Prabhakar H. Pathak,et al.  Uniform Geometrical Theory of Diffraction , 1987 .

[25]  Ming Li,et al.  BANA: Body Area Network Authentication Exploiting Channel Characteristics , 2012, IEEE Journal on Selected Areas in Communications.

[26]  Claudio Soriente,et al.  Sound-Proof: Usable Two-Factor Authentication Based on Ambient Sound , 2015, USENIX Security Symposium.

[27]  E. Oja,et al.  Independent Component Analysis , 2013 .

[28]  Francis K. H. Quek,et al.  Hand Motion Gesture Frequency Properties and Multimodal Discourse Analysis , 2006, International Journal of Computer Vision.

[29]  Yunhao Liu,et al.  It starts with iGaze: visual attention driven networking with smart glasses , 2014, MobiCom.

[30]  Kaishun Wu,et al.  We Can Hear You with Wi-Fi! , 2014, IEEE Transactions on Mobile Computing.

[31]  Julien Ryckaert,et al.  Channel model for wireless communication around human body , 2004 .

[32]  Hui Ding,et al.  Querying and mining of time series data: experimental comparison of representations and distance measures , 2008, Proc. VLDB Endow..

[33]  Qian Zhang,et al.  Detecting on-body devices through creeping wave propagation , 2017, IEEE INFOCOM 2017 - IEEE Conference on Computer Communications.

[34]  Jie Yang,et al.  E-eyes: device-free location-oriented activity identification using fine-grained WiFi signatures , 2014, MobiCom.

[35]  Songwu Lu,et al.  Point&Connect: intention-based device pairing for mobile phone users , 2009, MobiSys '09.

[36]  Stephan Sigg,et al.  BANDANA — Body area network device-to-device authentication using natural gAit , 2016, 2017 IEEE International Conference on Pervasive Computing and Communications (PerCom).

[37]  M.E. Davies,et al.  Source separation using single channel ICA , 2007, Signal Process..

[38]  Fadel Adib,et al.  See through walls with WiFi! , 2013, SIGCOMM.

[39]  Ali S. Hadi,et al.  Finding Groups in Data: An Introduction to Chster Analysis , 1991 .

[40]  Qian Zhang,et al.  Touch-and-guard: secure pairing through hand resonance , 2016, UbiComp.

[41]  Jie Yang,et al.  Group Secret Key Generation via Received Signal Strength: Protocols, Achievable Rates, and Implementation , 2014, IEEE Transactions on Mobile Computing.

[42]  René Mayrhofer,et al.  Shake Well Before Use: Intuitive and Secure Pairing of Mobile Devices , 2009, IEEE Transactions on Mobile Computing.

[43]  Wenyuan Xu,et al.  KinWrite: Handwriting-Based Authentication Using Kinect , 2013, NDSS.

[44]  R. Pethig,et al.  Dielectric properties of body tissues. , 1987, Clinical physics and physiological measurement : an official journal of the Hospital Physicists' Association, Deutsche Gesellschaft fur Medizinische Physik and the European Federation of Organisations for Medical Physics.

[45]  Minseok Kim,et al.  Statistical Model for 4.5-GHz Narrowband On-Body Propagation Channel With Specific Actions , 2009, IEEE Antennas and Wireless Propagation Letters.

[46]  Jie Yang,et al.  Smartphone based user verification leveraging gait recognition for mobile healthcare systems , 2013, 2013 IEEE International Conference on Sensing, Communications and Networking (SECON).

[47]  Rob Miller,et al.  3D Tracking via Body Radio Reflections , 2014, NSDI.

[48]  Z. H. Hu,et al.  Measurements and Statistical Analysis of On-Body Channel Fading at 2.45 GHz , 2007, IEEE Antennas and Wireless Propagation Letters.