Addressing Security and Privacy Challenges in Internet of Things.

Author
Mosenia, Arsalan [Browse]
Format
Book
Language
English
Description
xx, 274 p. : ill. ; 29 cm.

Availability

Copies in the Library

Location Call Number Status Location Service Notes
Mudd Manuscript Library - Remote Storage (ReCAP): Mudd Library Use OnlyPRIN 685 2017 Browse related items Reading Room Request

    Details

    Summary note
    • Internet of Things (IoT), also referred to as the Internet of Objects, is envisioned as a holistic and transformative approach for providing numerous services. The rapid development of various communication protocols and miniaturization of transceivers along with recent advances in sensing technologies offer the opportunity to transform isolated devices into communicating smart things. Smart things, that can sense, store, and even process electrical, thermal, optical, chemical, and other signals to extract user-/environment-related information, have enabled services only limited by human imagination.
    • Despite picturesque promises of IoT-enabled systems, the integration of smart things into the standard Internet introduces several security challenges because the majority of Internet technologies, communication protocols, and sensors were not designed to support IoT. Several recent research studies have demonstrated that launching security/privacy attacks against IoT-enabled systems, in particular wearable medical sensor (WMS)-based systems , may lead to catastrophic situations and life-threatening conditions. Therefore, security threats and privacy concerns in the IoT domain need to be proactively studied and aggressively addressed. In this thesis, we tackle several domain-specific security/privacy challenges associated with IoT-enabled systems.
    • We first target health monitoring systems that are one of the most widely-used types of IoT-enabled systems. We discuss and evaluate several energy-efficient schemes and algorithms, which significantly reduce total energy consumption of different implantable and wearable medical devices (IWMDs). The proposed schemes make continuous long-term health monitoring feasible while providing spare energy needed for data encryption.
    • Furthermore, we present two energy-efficient protocols for implantable medical devices (IMDs), which are essential for data encryption: (i) a secure wakeup protocol that is resilient against battery draining attacks, along with (ii) a low-power key exchange protocol that shares the encryption key between the IMD and the external device while ensuring confidentiality of the key.
    • Moreover, we introduce a new class of attacks against the privacy of a patient who is carrying IWMDs. We describe how an attacker can infer private information about the patient by exploiting physiological information leakage, i.e., signals that continuously emanate from the human body due to the normal functioning of organs or IWMDs attached to (or implanted in) the body.
    • Further, we propose a new generic class of security attacks, called dedicated intelligent security attacks against sensor-triggered emergency responses (DISASTER), that is applicable to a variety of sensor-based systems. DISASTER exploits design flaws and security weaknesses of safety mechanisms deployed in cyber-physical systems (CPSs) to trigger emergency responses even in the absence of a real emergency. In addition to introducing DISASTER, we comprehensively describe its serious consequences and demonstrate the possibility of launching such attacks against the two most widely-used CPSs: residential and industrial automation/monitoring systems.
    • Finally, we present a continuous authentication system based on BioAura, i.e., information that is already gathered by WMSs for diagnostic and therapeutic purposes. We extensively examine the proposed authentication system and demonstrate that it offers promising advantages over one-time knowledge-based authentication systems, e.g., password-/pattern-based systems, and may potentially be used to protect personal computing devices and servers, software applications, and restricted physical spaces.
    Notes
    Source: Dissertation Abstracts International, Volume: 78-07(E), Section: B.
    Dissertation note
    Thesis (Ph.D.)--Princeton University, 2017.
    In
    Dissertation Abstracts International 78-07B(E).
    ISBN
    9781369557749
    OCLC
    991610274
    Statement on language in description
    Princeton University Library aims to describe library materials in a manner that is respectful to the individuals and communities who create, use, and are represented in the collections we manage. Read more...
    Other views
    Staff view

    Supplementary Information