
Secure Cluster Formation in BSN using Physiological Values

Krishna Venkatasubramanian

IMPACT Lab

CSE 591 Embedded Networks

Final Presentation

Overview
  • Pervasive Healthcare
  • Biomedical Sensors and Stimuli
  • Physiological Value-based Security
  • Secure Cluster Formation
  • Security Analysis
  • Prototyping Results
Pervasive Computing & Healthcare

[Figure: Medical Sensor Plane, Management Plane and Knowledge Generation Plane connecting Patient and Doctor. Labels: Camera, EEG, EKG, BP, SpO2, GPS, Mp3, Motion Sensor, Actuation (drug-delivery), PDA/Gateway, BSN, Physiological Data, Knowledge, Feedback for Adaptation. Functions listed: Collect Medical Data, Local Processing, Medical Actuation, Storage Management, Sensor Management, Generate Context, Generate Knowledge.]

Pervasive Computing
  • Personalized computing power available everywhere, by embedding computing in user’s environment.
  • Features:
    • Merger of Physical and Virtual Space
    • Uses computing entities which are: tiny/cheap, specialized, unsupervised, interconnected

Pervasive Healthcare
  • Use Pervasive Computing for day-to-day healthcare management (monitoring + treatment), made possible by development of biomedical sensors
  • Features:
    • Extends BSN with embedded medical sensors
    • No time & space restrictions for healthcare
    • Better coverage and quality of care to all.

Some Applications
  • Sports Health Management
  • Assisted Living
  • Disaster Relief Management
  • Medical Facility Management

GOAL: Enable independent living, general wellness and disease management.

Biomedical Sensors (Biosensors)

[Figure: Inter-Pulse-Intervals V1, V2 and V’1, V’2 measured from EKG and PPG signals, marked as equal]

  • Physiological Values (PV): Measure stimuli from the body, e.g. EKG, PPG (Photoplethysmograph)
  • PVs are universally collectable, vary with time and can have similar values in one human being
  • Biomedical Sensor Platforms
    • In-vivo sensors
      • Are primarily at experimental stage
      • Measure one stimulus
    • Wearable sensors
      • Groups of sensors packaged together
      • Products available
      • Have wireless capability
    • Generic Sensors
      • Measure environmental stimuli
      • Can perform wireless communication
      • Used in medical monitoring projects, Code Blue @ Harvard
      • Mica2, MicaZ, TelosB
  • Properties
    • Small form factor
    • Limited processor, memory, communication capabilities
    • Form large networks within body for energy-efficiency

[Images: Nano-scale Blood Glucose level detector, developed @ UIUC; Mica2 based EKG sensor; AMON Wearable Health Monitor; Life Shirt Ambulatory Monitoring]

Biosensor Net: Security & Energy-Efficiency

[Figure: Base Station, Leader Node (LN), Cluster, Sensor Nodes (SN)]

  • Security
    • Healthcare systems collect sensitive medical data from a patient.
    • Patient’s privacy is a legal requirement (HIPAA).
    • Health information of a person can be taken advantage of.
  • Attacks
    • Fake emergency warnings.
    • Prevent legitimate emergency warnings
    • Battery power depletion
    • Tissue heating
  • Energy-Efficient Topologies
    • Biosensors have limited capabilities
    • Topological formations help in reducing energy consumption
    • Many topologies possible: Cluster, Tree …
    • Cluster is one of the most energy-efficient topologies.
  • Security and Topology
    • Topology formation
      • Not traditionally secured
      • Opens systems to attacks during topology formation. Example: Sinkholes
    • Securing topology formation is a must
PVS: Physiological Value based Security

  • Principal Idea: Use PVs as security primitives in biomedical sensor networks:
    • Hide cryptographic keys
    • Authenticate and secure biosensor communication
  • Examples:
    • Blood Pressure, Heart Rate, Glucose level
    • Temporal variations in different PVs.
    • Combination of multiple PVs
  • PV values at two locations are slightly different
    • Use Error Correction Codes like Majority Encoding for correction
  • Easier and safe key generation
  • Cheaper key distribution

[Figure: Sensors measuring ECG, Heart/Pulse Rate, Blood Pressure + Blood Glucose]

Aspects of Physiological Values

[Figure: PV plotted as Value against Time]

Required Properties of Physiological Values

  • Universal
    • Should be measurable in everyone
  • Distinctive
    • Should be able to differentiate 2 individuals
  • Random
    • To prevent brute-force attacks
  • Time variant
    • If broken, the next set of values should not be guessable.

FOUND: Inter-Pulse-Interval (IPI), Heart Rate Variation (HRV)

FUTURE QUEST: Find Others…

Physiological Certificate

  • Cert = MAC (Key, Data), γ Where γ = Key  PV
  • hides the actual Key used for computing the Message Authentication Code (MAC) over the data for integrity protection.
PV Based Communication

  • Measure pre-defined PV @ Sender (PVs) & Receiver (PVr)
  • Sender
    • Generate random key RandKey @ sender
    • Compute Physiological Certificate with key RandKey on Data: Cert = MAC(RandKey, Data), γ where γ = PVs  RandKey
    • Send message <Data, Cert, γ>
  • Receiver
    • Receive message
    • Unhide RandKey using PVr and γ from the Cert: RandKey’ = PVr Cert.γ
    • Correct RandKey: RandKey’’ = ECC(RandKey’)
    • Verify certificate by computing MAC: Cert == MAC(RandKey’’, Data) ?
  • Error Correction Code used  Majority Encoding [Juels99, CVG03]
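The sender/receiver exchange on this slide, as an added Python example (not code from the presentation or its Mica2 prototype). It assumes the operator lost from the slide text is XOR, as in fuzzy commitment schemes, a 5x repetition code as the Majority Encoding, HMAC-SHA256 as the MAC, and constructed 120-bit PVs; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

REP = 5          # assumed: each key bit is repeated 5 times (majority code)
SEED_BITS = 24   # assumed: 24 * 5 = 120-bit RandKey and PV

def encode(seed):                       # majority (repetition) encoding
    return [b for b in seed for _ in range(REP)]

def correct(bits):                      # ECC(): majority vote per block, re-encode
    seed = [int(sum(bits[i:i + REP]) > REP // 2) for i in range(0, len(bits), REP)]
    return encode(seed)

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def mac(key_bits, data):                # HMAC-SHA256 stands in for the slide's MAC
    return hmac.new(bytes(key_bits), data, hashlib.sha256).digest()

def send(pv_s, data):
    rand_key = encode([secrets.randbelow(2) for _ in range(SEED_BITS)])
    gamma = xor(pv_s, rand_key)         # gamma hides RandKey under the sender's PV
    return data, mac(rand_key, data), gamma

def receive(pv_r, message):
    data, cert, gamma = message
    rand_key = correct(xor(pv_r, gamma))    # unhide with PVr, then error-correct
    return hmac.compare_digest(cert, mac(rand_key, data))

def flip(bits, positions):              # helper to build constructed test PVs
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out

def demo():
    pv_s = [secrets.randbelow(2) for _ in range(REP * SEED_BITS)]  # constructed PV
    msg = send(pv_s, b"HR=72")
    same_body = flip(pv_s, [0, 1, 12, 33, 34, 77, 118])    # <= 2 errors per block
    too_noisy = flip(pv_s, [0, 1, 2])                      # 3 errors in one block
    outsider = flip(pv_s, [i for i in range(len(pv_s)) if i % REP < 3])
    return {
        "same_body": receive(same_body, msg),
        "too_noisy": receive(too_noisy, msg),
        "outsider": receive(outsider, msg),
        "tampered": receive(same_body, (b"HR=0", msg[1], msg[2])),
    }

if __name__ == "__main__":
    print(demo())
```

The `too_noisy` case shows the false-rejection side of the scheme: a legitimate receiver whose measurement differs by more than the code can correct in a single block is rejected just like an outsider.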

Communication Scheduling for PVS
  • PVs vary unpredictably with time
  • At a given time, PVs measured at co-located sensors are similar
  • At MT, both sender & receiver measure a pre-decided PV
  • At TT, sender and receiver communicate using the PV measured in the MT before

[Figure: time-slots, each with a Measurement Time (MT) and a Transmission Time (TT), annotated with a Sender Sequence (1, 3, 7) and a Receiver Sequence (6,9; 7; *). Legend: Broadcast (used for solicitations).]

  • Schedule is computed a priori by the BS, based on network topology and communication requirements, and distributed to sensors
  • Duration of time-slot is variable; it can be chosen based on PV strength and estimated time to compromise it.
  • Once a PV is newly measured, old values are NEVER reused
Choosing Physiological Values

  • Identified PVs
    • Inter-Pulse-Interval (IPI) [PZ06].
    • Heart Rate Variation (HRV) [BZZ05]
  • PV Distinctiveness Testing
  • Performance evaluation criteria:
    • False Rejection Rate (FRR)
    • False Acceptance Rate (FAR)
  • FAR and FRR increased if two PVs lack synchronicity.
  • Randomness of PVs verified using Chi-Square Test.
  • Interference possible:
    • Drastic difference between PVs of two people will prevent unwanted communication

[Figure: HRV from PV0 and PV1 is passed through an Encoder to give 128-bit values Io and I1; Hamming Distance between them: < 22 bits (same person),  90 bits (different person)]

[Figure: Radio-range for intended communication, and Interference]

Advantage of Using PV Based Security

Traditional Secure Biosensor Network Communication (S, R, BS)
  • Topology Formation
    • Unsecured
    • Cluster
    • Linear
  • Key Distribution
    • Diffie Hellman (ECC)
    • Pre-deployed Keys
    • Master Key based Assignment…
  • Secure Communication
    • Use distributed keys

PV based Secure Biosensor Network Communication (S, R, BS)
  • Secure Topology Formation
    • PV based security
    • Centralized Cluster Formation
    • Distributed Cluster Formation
  • Secure Communication
    • Use PV for sensor-sensor secure communication

Key Distribution Completely Eliminated

VERY EFFICIENT

Cluster formation & Security Flaws

Traditional Cluster Formation Technique

[Figure: leader nodes LN1, LN2, LN3 and sensor nodes SN1 to SN6; one link labelled "Weaker signal"]

Flaws in Traditional Cluster Formation

[Figure: a Malicious Node alongside LN1, LN2 and SN1, SN2, SN3]

Hello-Flood Attack

  • Leads to the formation of Sinkholes
  • The sinkhole can now mount selective forwarding attacks on the sensors in its “cluster”.

Reason

  • All solicitations supposed to be from LN only.
  • Each LN is assumed to be trustworthy.

Problem

  • Traditional cluster formation protocol is not secure.
Secure Cluster Formation
  • PV based inter-sensor communication
  • NO explicit key distribution

Assumptions

  • Wireless Medium NOT Trusted
  • Base Station Trustworthy
  • Physical compromise of sensors difficult (ambulatory patient)
  • Jamming not considered
  • Leader Nodes identified a priori to cluster formation
  • Clusters are temporary topologies.
  • Leader Nodes rotated at regular intervals.
Centralized Cluster Formation

[Figure: Base Station, leader nodes NA, NB, NC and sensor nodes N1, N2, N3, N4]

Solicitation (N3 *): N3, Cert[N3]

Relay (NC BS): N3, NC, SS, Cert(N3, NC, SS)

Relay (NB BS): N3, NB, SS, Cert(N3, NC, SS)

Reply (BS  N3): NC, Cert(NC)

Distributed Cluster Formation

[Figure: leader nodes NA, NB, NC and sensor nodes N1, N2, N3, N4]

Solicitation (NB *): NB, Cert[NB]

Reply (N3 NB): N3, Cert[N3, NB]

Reply (N2 NB): N3, Cert[N3, NB]

Security Analysis

Vulnerabilities considered for the Centralized Protocol and the Distributed Protocol:

  • Spoof LN
    • Relayed messages cannot be authenticated as no Cert as spoofed LN cannot measure PV
    • Spoofed LN cannot measure PV, so no valid Cert
  • Spoof Sensor Nodes
    • Adversary cannot measure PV, illegal Cert appended to reply
    • Adversary cannot measure PV, illegal Cert appended in solicitation
  • Compromise Physiological Values
    • Will FAIL to protect (both protocols)

Very Important to Choose good PVs

Prototype Implementation

  • Implementation on Mica2 motes.
  • Promiscuous listener used to see workings of the protocol.
  • Attacked the setup:
    • Spoofed LN
    • Spoofed SN
    • Attacks thwarted

File Sizes:
  • Base Station: 15.2KB (Centralized), --- (Distributed)
  • Leader Node: 12.8KB (Centralized), 12.5KB (Distributed)
  • Sensor Node: 13.5KB (Centralized), 13.9KB (Distributed)

[Figure: Logical Setup and Actual Setup, showing the Base Station, LNs and SNs in Clusters, the Promiscuous Listener, and a Spoofed LN and Spoofed SN in the Centralized and Distributed setups]

Conclusions and Future Work
  • Use of Physiological Values for establishing session keys between biosensors, for example: Inter-Pulse Interval and Heart-Rate Variation.
  • Prototyped protocol using Mica2 motes and tested resiliency by actively attacking it.
  • Future Work
    • Expand the set of Physiological Values used for securing biosensor communication.
    • Incorporate PVs into the implementation
Feasibility
  • Single PV for all sensors ?
    • All sensors cannot be expected to measure same PV.
    • Need enough PVs to allow senders and receivers to choose the one they have in common.
  • Multiple stimuli Measurement
    • Multi-modal wearable monitoring devices available
      • Vivago WristCare (Wrist Wearable) – patient activity, skin temperature, skin conductivity (http://www.istsec.fi/eng/Etuotteet.htm)
      • AMON (Wrist Wearable) – EKG, Blood Pressure, SpO2 [LA02]
      • Life Shirt (Smart Clothes)- EKG, perspiration, posture, SpO2 (http://www.vivometric.com)
    • For in-vivo sensors, such capabilities are not yet available to the best of our knowledge.
  • Powering sources:
    • Power-paper cells which can be printed (http://www.powerpaper.com)
    • Battery made of fiber that can be woven [AGS05]
    • Body movement and heat [ASG05]
    • Flexible solar cells, textile coils, even bike dynamo [ASG05]