Security from Implicit Information

Loading...
Thumbnail Image

URL

Journal Title

Journal ISSN

Volume Title

School of Electrical Engineering | Doctoral thesis (article-based) | Defence date: 2020-09-18

Date

2020

Major/Subject

Mcode

Degree programme

Language

en

Pages

127 +app. 107

Series

Aalto University publication series DOCTORAL DISSERTATIONS, 128/2020

Abstract

We present novel security mechanisms using implicit information extracted from physiological, behavioural, and ambient data. These mechanisms are implemented with reference to device-to-user and inter-device relationships, including: user authentication with transient image-based passwords, device-to-device secure connection initialization based on vocal commands, collaborative inference over the communication channel, and continuous on-body device pairing. Authentication methods based on passwords require users to explicitly set their passwords and change them regularly. We introduce a method to generate always-fresh authentication challenges from videos collected by wearable cameras. We implement two password formats that expect users to arrange or select images according to their chronological information. Radio waves are mainly used for data transmission. We implement function computation over the wireless signals to perform collaborative inference. We encode information into burst sequences in such a way that arithmetic functions can be computed using the interference. Hence, data is hidden inside the wireless signals and implicitly aggregated. Our algorithms allow us to train and deploy a classifier efficiently with the support of minimal backscatter devices. To initialize a connection between a personal device (e.g. smart-phone) and shared appliances (e.g. smart-screens), users are required to explicitly ask for connection information including device identities and PIN codes. We propose to leverage natural vocal commands to select shared appliance types and generate secure communication keys from the audio implicitly. We perform experiments to verify that device proximity defined by audio fingerprints can restrict the range of device-to-device communication. PIN codes in device pairing must be manually entered or verified by users. This is inconvenient in scenarios when pairing is performed frequently or devices have limited user interfaces. Our methods generate secure pairing keys for on-body devices continuously from sensor data. Our mechanisms automatically disconnect the devices when they leave the user's body. To cover all human activities, we leverage gait in human ambulatory actions and heartbeat in resting postures.

Description

A doctoral dissertation completed for the degree of Doctor of Science (Technology) to be defended, with the permission of the Aalto University School of Electrical Engineering. Remote connection link https://aalto.zoom.us/j/6549167529, on 18 September 2020 at 17:00 EEST.

Supervising professor

Sigg, Stephan, Assoc. Prof., Aalto University, Department of Communications and Networking, Finland

Keywords

security, implicit information, sensor data, signal processing, machine learning

Other note

Parts

  • [Publication 1]: Dominik Schürmann, Arne Brüsch, Ngu Nguyen, Stephan Sigg, and Lars Wolf. Moves like Jagger: Exploiting variations in instantaneous gait for spontaneous device pairing. Pervasive and Mobile Computing, Volume 47, Pages 1-12 , July 2018.
    DOI: 10.1016/j.pmcj.2018.03.006 View at publisher
  • [Publication 2]: Arne Brüsch, Ngu Nguyen, Dominik Schürmann, Stephan Sigg, and Lars Wolf. Security Properties of Gait for Mobile Device Pairing. IEEE Transactions on Mobile Computing, All authors contributed equally to this work and are listed in alphabetical order, February 2019
  • [Publication 3]: Ngu Nguyen, Rainhard D. Findling, and Stephan Sigg. Always-fresh Authentication Challenges from Videos Captured by a Body-worn Camera. IEEE Transactions on Mobile Computing, submitted, 2020
  • [Publication 4]: Ngu Nguyen, Stephan Sigg, Jari Lietzen, Rainhard D. Findling, and Kalle Ruttik. Collaborative Inference – Training a Distributed Learner for Smart Environments. IEEE Transactions on Mobile Computing, submitted, 2020
  • [Publication 5]: Ngu Nguyen and Stephan Sigg. PassFrame: Generating image-based passwords from egocentric videos. In IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Work- shops), USA, March 2017.
    DOI: 10.1109/PERCOMW.2017.7917518 View at publisher
  • [Publication 6]: Ngu Nguyen and Stephan Sigg. User Authentication based on Personal Image Experiences. In IEEE International Conference on Pervasive Com- puting and Communications Workshops (PerCom Workshops), Greece, March 2018.
    DOI: 10.1109/PERCOMW.2018.8480087 View at publisher
  • [Publication 7]: Ngu Nguyen, Nico Jähne-Raden, Ulf Kulau, and Stephan Sigg. Representation Learning for Sensor-based Device Pairing. In IEEE International Conference on Pervasive Computing and Communications Workshops (Per-Com Workshops), Greece, March 2018.
    Full text in Acris/Aaltodoc: http://urn.fi/URN:NBN:fi:aalto-201812105912
    DOI: 10.1109/PERCOMW.2018.8480412 View at publisher
  • [Publication 8]: Ngu Nguyen and Stephan Sigg. Secure Context-based Pairing for Unprecedented Devices. In IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), Greece, March 2018.
    Full text in Acris/Aaltodoc: http://urn.fi/URN:NBN:fi:aalto-201812106152
    DOI: 10.1109/PERCOMW.2018.8480126 View at publisher
  • [Publication 9]: Ngu Nguyen and Stephan Sigg. Learning with Vertically-Partitioned Data, Binary Feedback, and Random Parameter Update. In IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), France, April 2019.
    Full text in Acris/Aaltodoc: http://urn.fi/URN:NBN:fi:aalto-202001021057
    DOI: 10.1109/INFCOMW.2019.8845203 View at publisher
  • [Publication 10]: Stephan Sigg, Ngu Nguyen, Pablo Perez Zarazaga, and Tom Bäckström. Provable Consent for Voice User Interfaces in Indoor Environments. In IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), USA, March 2020

Citation