Yu Su,Yongjiao Li,Zhu Cao

DOI: https://doi.org/10.1109/jiot.2023.3296650

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Smart wearable devices (SWDs) collect and store sensitive daily information of many people. Its primary method of identification is still the password unlocking method. However, several studies have shown serious security flaws in that method, which makes the privacy and security concerns of SWDs particularly urgent. Gait identification is well suited for SWDs because its built-in sensors can provide data support for identification. However, existing gait identification methods have low accuracy and neglect to protect the privacy of gait features. In addition, the SWD can be used as an Internet of Things device for users to share data. But few studies have used gait feature-based encryption schemes to protect the privacy of message interactions between SWDs and other devices. In this article, we propose a gait identification network, a bidirectional long short-term memory network with an attention mechanism (ABLSTM), to improve the identification accuracy and a stochastic orthogonal transformation (SOT) scheme to protect the extracted gait features from leakage. In the experiments, ABLSTM achieves an accuracy of 95.28%, reducing previous error rate by 19.3%. The SOT scheme is proved to be resistant to the chosen-plaintext attack (CPA) and is 30% faster than previous methods. A biometric-based encryption scheme is proposed to enable secure message interactions using gait features as keys after the gait identification stage is passed, and offers better protection of the gait features compared to previous schemes.

Jinyang Shi,Kwok-Yan Lam,Ming Gu,Mingze Li,Siu-Leung Chung

DOI: https://doi.org/10.1007/s10916-010-9467-2

IF: 4.92

2010-01-01

Journal of Medical Systems

Abstract:Wireless body sensor network (WBSN) has gained significant interests as an important infrastructure for real-time biomedical healthcare systems, while the security of the sensitive health information becomes one of the main challenges. Due to the constraints of limited power, traditional cryptographic key distribution schemes are not suitable for WBSN. This paper proposes a novel energy-efficient approach, BodyKey, which can distribute the keys using the electrocardiograph biometrics. BodyKey represents the biometric features as ordered set, and deals with the biometric variations using set reconciliation. In this way, only limited necessary information needs to be communicated for key agreement, and the total energy consumption for key distribution can thus be reduced. Experiments on the PhysioBank Database show that BodyKey can perform an energy consumption rate of 0.01 mJ/bit with an equal accuracy rate of 97.28%, allowing the system to be used as an energy-efficient key distribution scheme for secure communications in WBSN.

Lin Yao,Bing Liu,Kai Yao,Guowei Wu,Jia Wang

DOI: https://doi.org/10.1109/uic-atc.2010.7

2010-01-01

Abstract:Body Sensor Networks (BSNs) provide continuous body health monitoring and analysis of physiological parameters. A high degree of security and privacy protection for BSN is extremely required. In this paper, a highly flexible authentication and key establishment protocol based on ECG signals and fuzzy commitment, namely ESKE, is proposed. The uniqueness of ECG signals guarantees that ESKE can provide long, random, low latency, distinctive and temporal variant keys. The fuzzy commitment assures ESKE scheme can tolerate the high degree of noise and variability inherently in ECG signals. A priori distribution of keying material is not required in ESKE. Experiment results shows that ESKE can not only guarantee data confidentiality, authenticity and Integrity, but also resist malicious attacks efficiently.

Sandeep Pirbhulal,Heye Zhang,Wanqing Wu,Yuan Ting Zhang

DOI: https://doi.org/10.1007/978-3-319-18191-2_3

2015-01-01

Abstract:In Body Sensor Networks (BSN) several sensor nodes are attached on, inside or around human body to monitor vital sign signals such as, Electrocardiogram (ECG), Electroencephalogram (EEG), Blood pressure etc. The information from each sensor node is very significant; therefore privacy and security is very important during data transmission in BSN. The conventional cryptographic approaches make use of cryptographic keys to achieve authentication, and use of these keys not only require high resource utilization and computation time, but also consume large amount of energy, power and memory in BSN. Therefore, it is necessary to develop power efficient and less computational complex authentication technique for BSN. In this paper we design a novel biometric algorithm which is based on biometric feature Electrocardiogram (ECG) and uses Data Authentication Function (DAF) for the security of BSN instead of utilizing traditional key generation procedure. Our proposed algorithm is compared with two cryptographic authentication techniques, Data Encryption Standard (DES) which is symmetric or private-key based encryption technique and RSA (Rivest Shamir Adleman) which is asymmetric or public-key based encryption scheme. Simulation is performed in MATLAB and results explain that our algorithm is efficient in terms of transmission time utilization and average remaining energy.

Zhaoyang Zhang,Honggang Wang,Athanasios V. Vasilakos,Hua Fang

DOI: https://doi.org/10.1109/titb.2012.2206115

2012-01-01

IEEE Transactions on Information Technology in Biomedicine

Abstract:Wireless body area networks (BANs) have drawn much attention from research community and industry in recent years. Multimedia healthcare services provided by BANs can be available to anyone, anywhere, and anytime seamlessly. A critical issue in BANs is how to preserve the integrity and privacy of a person's medical data over wireless environments in a resource efficient manner. This paper presents a novel key agreement scheme that allows neighboring nodes in BANs to share a common key generated by electrocardiogram (ECG) signals. The improved Jules Sudan (IJS) algorithm is proposed to set up the key agreement for the message authentication. The proposed ECG-IJS key agreement can secure data commnications over BANs in a plug-n-play manner without any key distribution overheads. Both the simulation and experimental results are presented, which demonstrate that the proposed ECG-IJS scheme can achieve better security performance in terms of serval performance metrics such as false acceptance rate (FAR) and false rejection rate (FRR) than other existing approaches. In addition, the power consumption analysis also shows that the proposed ECG-IJS scheme can achieve energy efficiency for BANs.

Xinyu Yang,Cong Zhao,Shusen Yang,Xinwen Fu,Julie Mccann

DOI: https://doi.org/10.1109/ICC.2015.7249494

2015-01-01

Abstract:Security plays a vital role in promoting the practicality of Wireless Body Sensor Networks (BSNs), which provides a promising solution to precise human physiological status monitoring. A fundamental security issue in BSN is key management, including establishment and maintenance of the key system. However, current BSN key management solutions are either designed for specific phases of a BSN's life-time or restricted to strong assumptions such as homogeneous BSN composition, pre-deployed key materials, and existing secure path, which limits their applications in real-world BSNs. In this paper, we develop the Systematic Key Management (SKM) for practical BSNs, where basic human interactions are conducted for non-predeployed secure BSN initialization, and authenticated key agreement is achieved using lightweight non-pairing certificateless public key cryptography. We construct a BSN prototype consisting of self-designed motes and Android phones to evaluate the real-world performance of SKM. Through extensive simulations and test-bed experiments, we demonstrate that our lightweight SKM scheme manages to provide high security guarantee while outperforming state-of-the-art approaches in terms of both computation and storage efficiency.

Yang Wu,Yongmei Sun,Lei Zhan,Yuefeng Ji

DOI: https://doi.org/10.1155/2013/912873

IF: 1.938

2013-01-01

International Journal of Distributed Sensor Networks

Abstract:Body area network (BAN) is an emerging branch of wireless sensor networks for personalized applications in many fields, such as health monitoring. The services in BAN usually have a high requirement on security, especially for the medical diagnosis, which involves private information. With limitations of power and computation capabilities, one of the main challenges to ensure security in BAN is how to generate or distribute a shared key between nodes for lightweight symmetric cryptography. The current research almost exploits the randomness and distinctiveness (characteristics) of physiological signals to solve the key generation problem. However, it needs the help of additional hardware support and has the constraint on positions deployment, to acquire vital signals, which will bring the high cost and hardness to implementation of real system. To avoid the above problems, this paper presents a novel key generation scheme and a key distribution protocol, both of which are only based on wireless modules equipped on sensors. By exploiting the high correlation of received signal strength index (RSSI) between peer-to-peer communications, our scheme can provide a shared symmetric cryptographic key under the presence of an eavesdropper. We conduct experiments on the real Telosb nodes, and the results demonstrate that our proposed methods have a good performance on security.

Yuezhong Wu,Mahbub Hassan,Wen Hu

DOI: https://doi.org/10.1145/3534607

2022-01-01

Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies

Abstract:Recent works have shown that wearable or implanted devices attached at different locations of the body can generate an identical security key from their independent measurements of the same gait. This has created an opportunity to realize highly secured data exchange to and from critical implanted devices. In this paper, we first demonstrate that vision can be used to easily attack such gait-based key generations; an attacker with a commodity camera can measure the gait from a distance and generate a security key with any target wearable or implanted device faster than other legitimate devices worn at different locations of the subject's body. To counter the attack, we propose a firewall to stop video-based gait measurements to proceed with key generation, but letting measurements from inertial measurement units (IMUs) that are widely used in wearable devices to measure the gait accelerations from the body to proceed. We implement the firewall concept with an IMU-vs-Video binary classifier that combines InceptionTime, an ensemble of deep Convolutional Neural Network (CNN) models for effective feature extraction from gait measurements, to a Generative Adversarial Network (GAN) that can generalize the classifier across subjects. Comprehensive evaluation with a real-world dataset shows that our proposed classifier can perform with an accuracy of 97.82%. Given that an attacker has to fool the classifier for multiple consecutive gait cycles to generate the complete key, the high single-cycle classification accuracy results in an extremely low probability for a video attacker to successfully pair with a target wearable device. More precisely, a video attacker would have one in a billion chance to successfully generate a 128-bit key, which would require the attacker to observe the subject for thousands of years.

Xin Huang,Bangdao Chen,Andrew Markham,Qinghua Wang,Zheng Yan,Andrew William Roscoe

DOI: https://doi.org/10.1049/iet-ifs.2012.0080

2013-01-01

IET Information Security

Abstract:A body sensor network (BSN) is typically a wearable wireless sensor network. Security protection is critical to BSNs, since they collect sensitive personal information. Generally speaking, security protection of BSN relies on identity (ID) and key distribution protocols. Most existing protocols are designed to run in general wireless sensor networks, and are not suitable for BSNs. After carefully examining the characteristics of BSNs, the authors propose human interactive empirical channel-based security protocols, which include an elliptic curve Diffie–Hellman version of symmetric hash commitment before knowledge protocol and an elliptic curve Diffie–Hellman version of hash commitment before knowledge protocol. Using these protocols, dynamically distributing keys and IDs become possible. As opposite to present solutions, these protocols do not need any pre-deployment of keys or secrets. Therefore compromised and expired keys or IDs can be easily changed. These protocols exploit human users as temporary trusted third parties. The authors, thus, show that the human interactive channels can help them to design secure BSNs.

Lin Yao,Bing Liu,Guowei Wu,Kai Yao,Jia Wang

DOI: https://doi.org/10.1155/2011/282986

IF: 1.938

2011-01-01

International Journal of Distributed Sensor Networks

Abstract:Current advances in semiconductor technology have made it possible to implant a network of biosensors inside the human body for health monitoring. In the context of a body area network (BAN), the confidentiality and integrity of the sensitive health information is particularly important. In this paper, we present an ECG (electrocardiogram)-signal-based key establishment protocol to secure the communication between every sensor and the control unit before the physiological data are transferred to external networks for remote analysis or diagnosis. The uniqueness of ECG signal guarantees that our protocol can provide long, random, distinctive and temporal variant keys. Biometric Encryption technique is applied to achieve the mutual authentication and derive a non-linkable session key between every sensor and the control unit. The correctness of the proposed key establishment protocol is formally verified based on SVO logic. Security analysis shows that our protocol can guarantee data confidentiality, authenticity and integrity. Performance analysis shows that it is a lightweight protocol.

Yuezhong Wu,Mahbub Hassan,Wen Hu

DOI: https://doi.org/10.1145/3534607

2022-01-01

Proceedings of the ACM on Interactive Mobile Wearable and Ubiquitous Technologies

Abstract:Recent works have shown that wearable or implanted devices attached at different locations of the body can generate an identical security key from their independent measurements of the same gait. This has created an opportunity to realize highly secured data exchange to and from critical implanted devices. In this paper, we first demonstrate that vision can be used to easily attack such gait-based key generations; an attacker with a commodity camera can measure the gait from a distance and generate a security key with any target wearable or implanted device faster than other legitimate devices worn at different locations of the subject's body. To counter the attack, we propose a firewall to stop video-based gait measurements to proceed with key generation, but letting measurements from inertial measurement units (IMUs) that are widely used in wearable devices to measure the gait accelerations from the body to proceed. We implement the firewall concept with an IMU-vs-Video binary classifier that combines InceptionTime, an ensemble of deep Convolutional Neural Network (CNN) models for effective feature extraction from gait measurements, to a Generative Adversarial Network (GAN) that can generalize the classifier across subjects. Comprehensive evaluation with a real-world dataset shows that our proposed classifier can perform with an accuracy of 97.82%. Given that an attacker has to fool the classifier for multiple consecutive gait cycles to generate the complete key, the high single-cycle classification accuracy results in an extremely low probability for a video attacker to successfully pair with a target wearable device. More precisely, a video attacker would have one in a billion chance to successfully generate a 128-bit key, which would require the attacker to observe the subject for thousands of years.

Mana Al Reshan,Hang Liu,Chunqiang Hu,Jiguo Yu

DOI: https://doi.org/10.1109/access.2019.2921822

IF: 3.9

2019-01-01

IEEE Access

Abstract:A body area network (BAN) consists of wireless sensors and actuators deployed on a patient's body for real-time health monitoring and personalized medical care. It is essential and challenging to secure wireless communications in a BAN to protect the patient's privacy while also allowing the authorized healthcare practitioners (e.g., emergency room doctors and nurses) to easily communicate with and configure the BAN devices transparent to the patient or even when the patient loses consciousness. With the existing schemes, the devices are based on a pre-installed secret password or a physiological signal feature to authenticate each other and to agree upon a cryptographic key for secure communications. The former requires a patient's input to access and configure the BAN, and the latter is not sufficiently reliable or secure due to signal dynamics. This motivates us to design a new key agreement scheme in this paper, called multi-biometric and physiological signal-based key agreement (MBPSKA), to achieve more secure and reliable authentication and communication session establishment between the BAN devices while providing flexibility to authorized personnel to access, control, and adjust the BAN without patient involvement. The proposed scheme exploits both the reliable biometric traits and the time-variant physiological signal features of a patient along with the efficient fuzzy crypto-algorithms and key distribution protocols. The devices use multiple biometric and physiological features for mutual authentication and cryptographic key protection. We analyze the security characteristics of MBPSKA, including its capabilities against various attacks. Our evaluation results using the real-world datasets demonstrate that MBPSKA outperforms the existing physiological signal-based key agreement schemes in terms of security, authentication reliability, and accuracy.

Zhaoyang Zhang,Honggang Wang,Athanasios V. Vasilakos,Hua Fang

DOI: https://doi.org/10.4108/icst.bodynets.2013.253689

2013-01-01

Abstract:Wireless Body Area Networks (WBANs) are the core of components of future m-Health system and is playing a crucial role in healthcare applications. A key requirement for such applications is secure communications between body sensors. This paper presents a novel key agreement scheme which allows wireless body sensors in WBANs to share a common key generated using wireless channel information. Unlike traditional biometric based security approach, the proposed key agreement does not need extra hardware, which can secure data communications in a plug-n-play manner. Our experimental results show that the proposed scheme is feasible for WBANs.

Samira Mesmoudi,Mohammed Feham

DOI: https://doi.org/10.5121/ijnsa.2011.3512

2011-10-09

Abstract:The Wireless Sensors Network (WSN) is an emergent technology resulting from progress of various fields. Many applications of networks WSN are born. One of the applications which have an operational effectiveness relates to the field of health and allows a medical remote support. Miniature wireless sensors, strategically placed on the human body, create a Wireless Body Sensor Network (WBSN) which allows supervising various essential biological signals (rate of heartbeat, pressure, etc). The sensitivity of medical information requires mechanisms of safety. This performance constitutes a challenge for WBSN because of their limitation in resources energy and data-processing. In this paper we propose a new approach to symmetric cryptographic key establishment, based on biometrics physiology. This approach takes into account WBSN constraints and its topology.

Networking and Internet Architecture

Yuchen Miao,Chaojie Gu,Zhenyu Yan,Sze Yiu Chau,Rui Tan,Qi Lin,Wen Hu,Shibo He,Jiming Chen

DOI: https://doi.org/10.1145/3596264

2023-01-01

Abstract:Secure device pairing is important to wearables. Existing solutions either degrade usability due to the need of specific actions like shaking, or they lack universality due to the need of dedicated hardware like electrocardiogram sensors. This paper proposes TouchKey, a symmetric key generation scheme that exploits the skin electric potential (SEP) induced by powerline electromagnetic radiation. The SEP is ubiquitously accessible indoors with analog-to-digital converters widely available on Internet of Things devices. Our measurements show that the SEP has high randomness and the SEPs measured at two close locations on the same human body are similar. Extensive experiments show that TouchKey achieves a high key generation rate of 345 bit/s and an average success rate of 99.29%. Under a range of adversary models including active and passive attacks, TouchKey shows a low false acceptance rate of 0.86%, which outperforms existing solutions. Besides, the overall execution time and energy usage are 0.44 s and 2.716 mJ, which make it suitable for resource-constrained devices.

Jinyang Shi,Kwok-Yan Lam,Ming Gu,Husheng Li

DOI: https://doi.org/10.1145/1837188.1837197

2010-01-01

Abstract:This paper proposes a new biometric-based key distribution scheme, BodySec, for energyefficient secure communications in wireless body sensor networks. To the best of our knowledge, BodySec is the first approach that can remove the timing synchronization assumption of the biometric inter-pulse signals among different biomedical sensors. The basic design is to represent the biometrics as an unordered set of short-term slots, then transform the problem of key agreement using biometrics into a problem of set reconciliation, finally ensure the different sensors can possess the same keys with low energy consumption. The experimental results on the PhysioBank electrocardiogram database demonstrate that BodySec opens up a new feasible way for energy-efficient key distribution in the future human-centered wireless system characterized by timing asynchronism and limited power.

Ming Li,Shucheng Yu,Wenjing Lou,Kui Ren

DOI: https://doi.org/10.1109/infcom.2010.5462095

2010-01-01

Abstract:Body Area Networks (BAN) is a key enabling technology in E-healthcare such as remote health monitoring. An important security issue during bootstrap phase of the BAN is to securely associate a group of sensor nodes to a patient, and generate necessary secret keys to protect the subsequent wireless communications. Due to the the ad hoc nature of the BAN and the extreme resource constraints of sensor devices, providing secure, fast, efficient and user-friendly secure sensor association is a challenging task. In this paper, we propose a lightweight scheme for secure sensor association and key management in BAN. A group of sensor nodes, having no prior shared secrets before they meet, establish initial trust through group device pairing (GDP), which is an authenticated group key agreement protocol where the legitimacy of each member node can be visually verified by a human. Various kinds of secret keys can be generated on demand after deployment. The GDP supports batch deployment of sensor nodes to save setup time, does not rely on any additional hardware devices, and is mostly based on symmetric key cryptography, while allowing batch node addition and revocation. We implemented GDP on a sensor network testbed and evaluated its performance. Experimental results show that that GDP indeed achieves the expected design goals.

Chunqiang Hu,Xiuzhen Cheng,Fan Zhang,Dengyuan Wu,Xiaofeng Liao,Dechang Chen

DOI: https://doi.org/10.1109/infcom.2013.6567031

2013-01-01

Abstract:Body Area Networks (BANs) are expected to play a major role in patient health monitoring in the near future. Providing an efficient key agreement with the prosperities of plug-n-play and transparency to support secure inter-sensor communications is critical especially during the stages of network initialization and reconfiguration. In this paper, we present a novel key agreement scheme termed Ordered-Physiological-Feature-based Key Agreement (OPFKA), which allows two sensors belonging to the same BAN to agree on a symmetric cryptographic key generated from the overlapping physiological signal features, thus avoiding the pre-distribution of keying materials among the sensors embedded in the same human body. The secret features computed from the same physiological signal at different parts of the body by different sensors exhibit some overlap but they are not completely identical. To overcome this challenge, we detail a computationally efficient protocol to securely transfer the secret features of one sensor to another such that two sensors can easily identify the overlapping ones. This protocol possesses many nice features such as the resistance against brute force attacks. Experimental results indicate that OPFKA is secure, efficient, and feasible. Compared with the state-of-the-art PSKA protocol, OPFKA achieves a higher level of security at a lower computational overhead.

Sandeep Pirbhulal,Wanqing Wu,Guanglin Li

DOI: https://doi.org/10.1109/ICDMW.2018.00026

2018-01-01

Abstract:Internet of Medical Things (IoMTs) are essential building blocks for wearable healthcare applications including bio-systems, rehabilitation robotics, and activity recognition among others. IoMTs have got immensely resource restrictions thus lightweight security is the significant requirement. One of the primary problems of existing approaches to secure inter-sensor medical data transmission referred as decentralized communication is more energy consumption of wearable devices for implementing security in IoMT. And another main concern is if key length is increased, the randomness of produced keys is reduced significantly. Thus, in this research, we have developed a security model which can provide decentralized and secure communication by considering both the abovementioned factors for IoMT based healthcare applications. Given the fact that every individual has different physical and biological functionalities, thus body features have the potentials to be used for securing IoMT. For that reason, bio-keys are generated in the proposed security model so that it will be more difficult for a hacker to eavesdrop medical information. The experimental results reveal a developed model out forms existing approaches for medical information security in terms of random keys generation and energy consumption.

Liping Xie,Weichao Wang,Xinghua Shi,Tuanfa Qin

DOI: https://doi.org/10.1109/icc.2017.7996735

2017-01-01

Abstract:Medical sensors are usually attached to or implanted inside patient body. Since sensing results of Body Area Networks (BAN) can directly impact the control of medical equipment, the authenticity and integrity of sensing data is essential for safety of patients. Restricted by the limited resources available to BAN sensors, researchers have referred to Physical Unclonable Function of the nodes to achieve authentication. Existing approaches focus on the authentication between control unit and sensors. Mutual authentication among body sensors has not been carefully studied. In this paper, we propose to design a lightweight mutual authentication mechanism for BAN sensors with physical unclonable functions (PUF). Using control unit as a middle point, a pair of body sensors can establish shared secrets so that authenticity of exchanged data can be protected. The proposed approach does not require sensors to conduct any encryption operations, which suits the restricted resources available to BAN nodes. The analysis shows that the proposed approach has very low overhead and does not introduce new vulnerabilities into the system.