Consumer Internet of Things

AMULET: Computational Jewelry for mHealth

David Kotz (Dartmouth) with Kelly Caine (Clemson), Josiah Hester (Northwestern), Sarah Lord, Jacob Sorber (Clemson), Students & Staff

Objectives

  • A bracelet ‘hub’ for a body-area mHealth network.
  • Secure, multi-application mHealth platform.
  • Always on – and always with you.
  • Battery life of one week to one month.
  • Communicates discreetly with its wearer.
  • Supports apps that monitor stress, physical activity, and exercise in free-living conditions.

Key Science Methods & Advances

  • Secure memory isolation across multiple apps – on a low-power embedded microcontroller.
  • Interactive graphical visualization of battery-lifetime forecast, allowing developers to optimize apps.
  • Methods to measure stress in free-living activities.
  • Novel sensing devices:
    • Ultra-low-power EDA (GSR) sensor wristband.
    • Theraband force-measurement handle.

Results & Impact

  • Open-hardware, open-source platform.
  • Battery lifetime lasting weeks or months.
  • Interactive resource-profiling tool predicts battery lifetime within 6-10% of the measured lifetime.
  • Stress-measurement app with F1 score > 70%
  • See amulet-project.org for more info and papers.

Auracle: Wearable Sensor To Detect Eating

David Kotz (Dartmouth) with Kelly Caine (Clemson), Ryan Halter, Kofi Odame, Jacob Sorber (Clemson), Xing-Dong Yang, Students & Staff

Objectives

  • Measure eating behavior in free-living conditions.
  • Comfortable, unobtrusive, ear-worn sensor.
  • Support eating-behavior research.
  • Stretch goal: measure stress, speech, coughing, sneezing, smoking, etc.

Key Science Methods & Advances

  • Novel audio-based approach for eating detection
  • Novel physical design for mounting sensors on ear
  • Ultra-low-power design

Results & Impact

  • Detects eating with an accuracy exceeding 90.9% (in the lab; field tests underway now)
  • See auracle-project.org for more info and papers

Bioimpedance: A Novel Bioimpedance

David Kotz (Dartmouth) with Cory Cornelius, Ryan Halter, Rob Peterson and Joseph Skinner

Objectives

  • Allow wearable devices to automatically recognize who is wearing them,
  • With no action by the wearer.
  • Support both identification and verification.

Key Science Methods & Advances

  • Leverage bioimpedance as a property to develop a unique signature of each person’s wrist;
  • Develop a wristband to measure bioimpedance through 8 electrodes and multiple frequencies;
  • Demonstrate that wrist bioimpedance is a viable biometric for identification and verification in small cohorts like households or workgroups.

Results & Impact

  • 98% balanced-accuracy under a cross-validation of a day's worth of bioimpedance samples from a cohort of 8 volunteer subjects.
  • Continues to recognize a subset of these subjects even several months later.

Understanding Sharing Preferences and Behavior for mHealth Devices

David Kotz (Dartmouth) with Aarathi Prasad, Jacob Sorber, Timothy Stablein and Denise Anthony

Objectives

  • Many mHealth devices collect and share health information – but how do people want to share it?
  • Determine how people’s preferences for sharing mHealth data change across type of data, relationship with data recipient, and progress of time
  • Sharing partners (friends, family, third parties or public); variable sharing granularity
  • Sensor data: steps, calories, sleep
  • Secondary data: weight, height, demographics

Key Science Methods & Advances

  • Recruit 41 participants to wear Fitbit fitness tracker
  • Ask them to share Fitbit data with others
  • Monitor how sharing preferences vary across type of data, relationship with data recipient, and progress of time
  • Interview participants for insight into preferences

Results & Impact

Findings

  • Secondary information is more sensitive
  • Participants shared more with strangers
  • Sharing behavior is dynamic

Recommendations

  • Provide flexible privacy controls
  • Reduce gap between information and privacy controls

HIDE-N-SENSE: PRESERVING PRIVACY EFFICIENTLY IN WIRELESS mHealth

David Kotz (Dartmouth) with Shrirang Mare, Jacob Sorber, Minho Shin and Cory Cornelius

Objectives

  • Enable wireless devices to communicate without allowing eavesdroppers to identify them, or
  • Allowing eavesdroppers to link the packets within a flow,
  • Adapt the level of security to the presence of possible adversaries.

Key Science Methods & Advances

  • Adaptive security, to dynamically modify transmission overhead;
  • MAC striping, to make forgery difficult even for small-sized message authentication codes; and
  • Asymmetric resource requirements, in recognition of the limited resources in tiny mHealth sensors.

Results & Impacts

  • Prototype on a Chronos wrist device;
  • Security, privacy, efficiency, and energy analysis:
    • HnS is more energy-efficient than the existing security protocols for low-power sensors, and much more energy-efficient than existing privacy-preserving wireless protocols.
  • Shrirang Mare, Jacob Sorber, Minho Shin, Cory Cornelius, and David Kotz. Hide-n-Sense: preserving privacy efficiently in wireless mHealth. Mobile Networks and Applications (MONET), 19(3):331-344, June 2014. Special issue on Wireless Technology for Pervasive Healthcare. DOI 10.1007/s11036-013-0447-x.

LightTouch: Securely Connecting Wearables to Ambient Displays with User Intent

David Kotz (Dartmouth) with Xiaohui Liang, Tianlong Yun, Ronald Peterson

Objectives

  • Enable a wearable device (like a bracelet) to connect to an ambient display (like a television), securely,
  • Leveraging the light from the display as out-of-band communication channel,
  • Bootstrap a secure RF channel (e.g., Wi-Fi), in the presence of eavesdropping adversaries.

Key Science Methods & Advances

  • Novel use of light as out-of-band channel
  • Novel correlation algorithm to survive noisy channel
  • Novel algorithm to determine location of sensor on the display
  • Easy to use

Results & Impact

  • Small, cheap, and low-power bracelet prototype
  • Interaction can complete in around 6 seconds
  • Connecting successfully in 98% of test cases
  • Achieving a low attack probability of 0.46%.

Plug-N-Trust: Practical Trusted Sensing For mHealth

David Kotz (Dartmouth) with Jacob Sorber, Minho Shin, Ron Peterson

Objectives

  • Enable smartphones to receive, process, and forward sensitive data from external sensors,
  • Without exposing the cleartext data to the hardware or software of the smartphone
  • Leveraging plug-in trusted hardware (e.g., on an SD or SIM card).

Key Science Methods & Advances

  • Unique way to leverage plug-in trusted hardware
  • Novel encoding for computation desired by card
  • Split-computation model with a novel path-hashing technique to verify proper behavior without exposing confidential data.

Results & Impact

  • PnT is simple to use and deploy
  • Our implementation works for Java-based smart cards and Android phones
  • Our experimental evaluation demonstrates that PnT achieves its security goals while incurring acceptable overhead.

A Wearable System That Knows Who Wears It

David Kotz (Dartmouth) with Cory Cornelius, Ron Peterson, Joe Skinner and Ryan Halter

Objectives

  • Wearable devices need to identify their wearer to authenticate wearer for access to sensitive information and services, or to personalize services for the wearer.
  • How can a wrist-worn device automatically determine who is wearing the device?

Key Science Methods & Advances

  • Use of bioimpedance of wrist as a biometric within small cohorts
  • 98% balanced-accuracy under a cross-validation of a day's worth of bioimpedance samples from a cohort of 8 volunteer subjects
  • Recognizes a subset of these subjects even several months later.

Results & Impact

  • A cheap, efficient method for wearable devices to self-determine whether they are on the same person.
  • If even one device has a biometric identification method, transitively all devices on the same body can then know who is wearing them.

Recognizing Whether Sensors Are on the Same Body

David Kotz (Dartmouth) with Cory Cornelius

Objectives

  • Wearable devices communicate wirelessly with other devices nearby
  • Some devices need to discover other devices on the same body so they can collectively serve the wearer
  • How can we use accelerometers – a cheap, low-power sensor easily embedded in all wearables – to enable wearables to determine if they are on the same body?

Key Science Methods & Advances

  • Use of bioimpedance of wrist as a biometric within small cohorts
  • 98% balanced-accuracy under a cross-validation of a day's worth of bioimpedance samples from a cohort of 8 volunteer subjects
  • Recognizes a subset of these subjects even several months later

Results & Impact

  • A cheap, efficient method for wearable devices to self-determine whether they are on the same person.
  • If even one device has a biometric identification method, transitively all devices on the same body can then know who is wearing them.

SAW: SECURE AUTHENTICATION WITH WRISTBANDS

David Kotz (Dartmouth) with Shrirang Mare, Ronald Peterson, Reza Rawassizadeh

Objectives

  • Enable clinical staff to authenticate to clinical information systems, quickly and securely, and
  • Ensure workstations de-authenticate quickly after departure of clinical staff,
  • Securing clinical systems and data from unauthorized use,
  • While minimizing burden on clinical staff.

Key Science Methods & Advances

  • Novel bilateral authentication method,
  • Via correlation between wrist motion and keyboard/mouse activity.
  • A tap-tap-tap-tap-tap on the keyboard to login, then
  • Continuously monitor keyboard with quick detection if adversary steps in to replace legitimate user,
  • Followed by rapid de-authentication.

Results & Impacts

  • Continuous authentication with 85% accuracy in verifying the correct user and identifying all adversaries within 11 seconds.
  • For a different threshold that trades security for usability, CSAW correctly verified 90% of users and identified all adversaries within 50 seconds.
  • Increased security, increased usability.

SPICE: SECURE PROXIMITY-BASED INFRASTRUCTURE FOR CLOSE ENCOUNTERS

David Kotz (Dartmouth) with Aarathi Prasad, Xiaohui Liang

Objectives

  • Enable crowd-sourced sensor applications,
  • While protecting privacy of mobile users –
  • Both those who contribute data,
  • and those who consume data.
  • Allow for “close encounters”, in which users are at almost the same place at almost the same time, but never co-located in space/time.

Key Science Methods & Advances

  • Novel double-hash-chain methods,
  • for distributing time-based keys to mobile devices, from a distributed infrastructure,
  • later allowing those mobile devices to use those keys to query and decrypt sensor data contributed by others present at that time and location,
  • allowing for “close encounters”,
  • protecting privacy of contributors and queriers.

Results & Impacts

  • SPICE extends the capabilities of location-based applications and allows users to connect and exchange information with others in a close encounter.
  • Prototype implementation demonstrates feasibility.

Trustworthy Health & Wellness (THaW)

David Kotz (Dartmouth) with Kevin Fu (University of Michigan), Carl Gunter (University of Illinois), Avi Rubin (Johns Hopkins), and others

Objectives

  • Mission: To enable the promise of health and wellness technology by innovating mobile- and cloud-computing systems that respect the privacy of individuals and the trustworthiness of medical information.
  • A five-year, five-university effort to tackle a wide range of security- and privacy-related challenges in securing medical devices and health-related information systems.

Key Science Methods & Advances

  • Methods for authenticating staff to clinical systems
  • Methods for secure, usable RF communications
  • Attacks and defenses on Android smartphones
  • Attacks and defenses on medical devices
  • Secure systems for genomic data
  • Impact of cyberattacks on hospital clinical outcomes
  • Security and privacy in mobile crowdsourcing

Results & Impact

  • Secure mechanisms for clinical authentication systems
  • Secure short-range RF and VLC communication
  • Novel speech-based biometrics
  • Stronger security for Android
  • A ‘Building Code’ for medical device software security
  • Educational outreach programs to engage students
  • See THaW.org for more info and papers

Trustworthy Information Systems for Healthcare (TISH)

David Kotz (Dartmouth) with Denise Anthony, Andrew Gettinger, Eric Johnson, Sean Smith

Objectives

  • Ensure security and privacy while addressing the pragmatic needs of patients, clinical staff, and healthcare organizations
  • Four broad research “threads”:
    • Access control in clinical settings
    • Mobile healthcare (mHealth)
    • Economic and risk models
    • Social informatics of IT in healthcare organizations

Key Science Methods & Advances

  • Deeper understanding of staff interaction with security in clinical systems
  • Methods for secure, usable RF communications
  • Attacks and defenses on Android smartphones
  • Attacks and defenses on medical devices
  • Secure systems for genomic data
  • Impact of cyberattacks on hospital clinical outcomes
  • Security and privacy in mobile crowdsourcing

Results & Impact

  • Secure mechanisms for clinical authentication systems
  • Secure short-range RF and VLC communication
  • Novel speech and bioimpedance biometrics
  • Stronger security for Android
  • A ‘Building Code’ for medical device software security
  • Educational outreach programs to engage students
  • See THaW.org for more info and papers

Virtual Walls: Protecting Digital Privacy in Pervasive Environments

David Kotz (Dartmouth) with Apu Kapadia, Tristan Henderson, Jeffrey Fielding

Objectives

  • In sensor-rich smart environments, people desire control over the information collected about them
  • Provide intuitive mental model for the control of sensor information, analogous to physical walls
  • Hypothesis: can people understand virtual walls, whether transparent, translucent, or opaque, as a means to control the sharing of sensor data from that room

Key Science Methods & Advances

  • Developed new abstraction of virtual walls
  • Developed a web interface to allow people to assign virtual walls to real physical rooms
  • Developed policies for handling conflicts among walls assigned by several residents of a room
  • Evaluated with 23 test subjects

Results & Impacts

  • Clean, novel abstraction for privacy in smart spaces
  • Validated the concept with user study
  • Opened new research directions:
    • Context-sensitive privacy settings
    • Awareness of ‘exposure’ to others
    • Group-based privacy settings

Vocal Resonance: Using Internal Body Voice for Wearable Authentication

David Kotz (Dartmouth) with Apu Kapadia, Tristan Henderson, Jeffrey Fielding

Objectives

  • Enable a wearable device to know who is wearing it,
  • Unobtrusively and automatically,
  • By leveraging voice recognition in a unique way:
  • Measure the voice after it passes through the body.

Key Science Methods & Advances

  • A novel biometric method based on the internal body voice of the person wearing a device,
  • A deep-learning method for identification and authentication of the person wearing a device

Results & Impact

  • Can determine the speaker is indeed the expected person, and the microphone-enabled device is physically on the speaker's body.
  • Demonstrated the feasibility of a prototype
  • Our method achieved balanced accuracy 0.914 for identification and 0.961 for verification.

Wanda: Securely Introducing Wi-Fi Devices

David Kotz (Dartmouth) with Tim Pierson, Xiaohui Liang, Ron Peterson

Objectives

  • To enable easy, secure connections between IoT devices over Wi-Fi – even those that have never met.
  • To configure a device to join the wireless local-area network,
  • To partner a device with other nearby devices so they can work together, and
  • To configure a device so it connects to the relevant individual or organizational account in the cloud.

Key Science Methods & Advances

  • Novel short-range RF communication method
  • Easy point-and-send interaction method
  • No special hardware or modifications required

Results & Impacts

  • Transfers 128-bit key in half a second
  • Nearly perfect operation by first-time users
  • Ideal for ‘smart homes’ and small enterprises
  • See thaw.org/wanda for more info

DEAMON: Energy-efficient sensor monitoring

S.W. Smith (IBM Research, then Dartmouth)

Objectives

  • Enable people-centric opportunistic sensing, in which people offer their mobile nodes (such as smart phones) as platforms for collecting sensor data,
  • Challenge: how to enable smartphones to participate in sensing tasks while minimizing battery consumption?

Key Science Methods & Advances

  • DEAMON (Distributed Energy-Aware MONitoring), an energy-efficient distributed algorithm for long-term sensor monitoring.
  • Smartphones (mobile nodes, MNs) are tasked to report sensor data under conditions specified by a Boolean expression; nearby MNs contribute to monitoring subsets of the task's sensors.
  • Algorithm to select sensor nodes and to monitor the sensing condition conserves energy of all nodes by limiting sensing and communication operations.

Results & Impacts

  • We evaluate DEAMON with a stochastic analysis and with simulation results, and show that it should significantly reduce energy consumption.

ShareHealth: Secure Sharing of Health Data

David Kotz (Dartmouth) with Emily Greene, Patrick Proctor

Objectives

  • Securely receive, store, and share data from mHealth devices, under the control of the mHealth subject, with:
    • cryptographically-enforced access-control measures for stream-based mHealth data,
    • support for temporal controls and revocation of access to part or all of a data stream, and
    • a secure end-to-end system that can be applied to a variety of mHealth apps and devices.

Key Science Methods & Advances

  • ShareHealth, a scalable, usable, and practical system that allows mHealth-data owners to specify access-control policies on mHealth data streams;
  • Attribute-based encryption (ABE) so that only parties with the proper corresponding permissions are able to decrypt data;
  • A novel blend of hash chains and ABE to add temporal controls and revocation features

Results & Impact

  • Allows data owners to define flexible access policies
  • Allows both content-based and temporal controls
  • Uses hash chains as indices into the database
  • Supports revocation without the need for expensive re-encryption of the data
  • Preliminary prototype shows that this approach can be implemented efficiently on current hardware platforms