Secu Wear: An Open Source, Multi-component Hardware/Software Platform for Exploring Wearable Security

Matthew L. Hale, Dalton Ellis, Rose Gamble, Charles Waler, Jessica Lin

Research output: Chapter in Book/Report/Conference proceedingConference contribution

9 Citations (Scopus)

Abstract

Wearables are the next big development in the mobile internet of things. Operating in a body area network around a smartphone user they serve a variety of commercial, medical, and personal uses. Whether used for fitness tracking, mobile health monitoring, or as remote controllers, wearable devices can include sensors that collect a variety of data and actuators that provide hap tic feedback and unique user interfaces for controlling software and hardware. Wearables are typically wireless and use Bluetooth LE (low energy) to transmit data to a waiting smartphone app. Frequently, apps forward this data onward to online web servers for tracking. Security and privacy concerns abound when wearables capture sensitive data or provide critical functionality. This paper develops a platform, called SecuWear, for conducting wearable security research, collecting data, and identifying vulnerabilities in hardware and software. SecuWear combines open source technologies to enable researchers to rapidly prototype security vulnerability test cases, evaluate them on actual hardware, and analyze the results to understand how best to mitigate problems. The paper includes two types of evaluation in the form of a comparative analysis and empirical study. The results reveal how several passive observation attacks present themselves in wearable applications and how the SecuWear platform can capture the necessary information needed to identify and combat such attacks.

Original languageEnglish (US)
Title of host publicationProceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015
EditorsJia Zhang, Onur Altintas
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages97-104
Number of pages8
ISBN (Electronic)9781467372848
DOIs
StatePublished - Aug 26 2015
Event3rd IEEE International Conference on Mobile Services, MS 2015 - New York, United States
Duration: Jun 27 2015Jul 2 2015

Publication series

NameProceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015

Other

Other3rd IEEE International Conference on Mobile Services, MS 2015
CountryUnited States
CityNew York
Period6/27/157/2/15

Fingerprint

hardware
Smartphones
Wear of materials
Hardware
vulnerability
Bluetooth
data capture
Application programs
User interfaces
Actuators
Servers
user interface
fitness
functionality
Feedback
privacy
Controllers
Monitoring
Sensors
monitoring

Keywords

  • Bluetooth low energy
  • internet of things
  • man-in-the-middle
  • security
  • vulnerability discovery
  • wearables

ASJC Scopus subject areas

  • Communication
  • Computer Networks and Communications

Cite this

Hale, M. L., Ellis, D., Gamble, R., Waler, C., & Lin, J. (2015). Secu Wear: An Open Source, Multi-component Hardware/Software Platform for Exploring Wearable Security. In J. Zhang, & O. Altintas (Eds.), Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015 (pp. 97-104). [7226677] (Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/MobServ.2015.23

Secu Wear : An Open Source, Multi-component Hardware/Software Platform for Exploring Wearable Security. / Hale, Matthew L.; Ellis, Dalton; Gamble, Rose; Waler, Charles; Lin, Jessica.

Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015. ed. / Jia Zhang; Onur Altintas. Institute of Electrical and Electronics Engineers Inc., 2015. p. 97-104 7226677 (Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Hale, ML, Ellis, D, Gamble, R, Waler, C & Lin, J 2015, Secu Wear: An Open Source, Multi-component Hardware/Software Platform for Exploring Wearable Security. in J Zhang & O Altintas (eds), Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015., 7226677, Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015, Institute of Electrical and Electronics Engineers Inc., pp. 97-104, 3rd IEEE International Conference on Mobile Services, MS 2015, New York, United States, 6/27/15. https://doi.org/10.1109/MobServ.2015.23
Hale ML, Ellis D, Gamble R, Waler C, Lin J. Secu Wear: An Open Source, Multi-component Hardware/Software Platform for Exploring Wearable Security. In Zhang J, Altintas O, editors, Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015. Institute of Electrical and Electronics Engineers Inc. 2015. p. 97-104. 7226677. (Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015). https://doi.org/10.1109/MobServ.2015.23
Hale, Matthew L. ; Ellis, Dalton ; Gamble, Rose ; Waler, Charles ; Lin, Jessica. / Secu Wear : An Open Source, Multi-component Hardware/Software Platform for Exploring Wearable Security. Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015. editor / Jia Zhang ; Onur Altintas. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 97-104 (Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015).
@inproceedings{040f29faba3948269ca5f8fd26feb453,
title = "Secu Wear: An Open Source, Multi-component Hardware/Software Platform for Exploring Wearable Security",
abstract = "Wearables are the next big development in the mobile internet of things. Operating in a body area network around a smartphone user they serve a variety of commercial, medical, and personal uses. Whether used for fitness tracking, mobile health monitoring, or as remote controllers, wearable devices can include sensors that collect a variety of data and actuators that provide hap tic feedback and unique user interfaces for controlling software and hardware. Wearables are typically wireless and use Bluetooth LE (low energy) to transmit data to a waiting smartphone app. Frequently, apps forward this data onward to online web servers for tracking. Security and privacy concerns abound when wearables capture sensitive data or provide critical functionality. This paper develops a platform, called SecuWear, for conducting wearable security research, collecting data, and identifying vulnerabilities in hardware and software. SecuWear combines open source technologies to enable researchers to rapidly prototype security vulnerability test cases, evaluate them on actual hardware, and analyze the results to understand how best to mitigate problems. The paper includes two types of evaluation in the form of a comparative analysis and empirical study. The results reveal how several passive observation attacks present themselves in wearable applications and how the SecuWear platform can capture the necessary information needed to identify and combat such attacks.",
keywords = "Bluetooth low energy, internet of things, man-in-the-middle, security, vulnerability discovery, wearables",
author = "Hale, {Matthew L.} and Dalton Ellis and Rose Gamble and Charles Waler and Jessica Lin",
year = "2015",
month = "8",
day = "26",
doi = "10.1109/MobServ.2015.23",
language = "English (US)",
series = "Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "97--104",
editor = "Jia Zhang and Onur Altintas",
booktitle = "Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015",

}

TY - GEN

T1 - Secu Wear

T2 - An Open Source, Multi-component Hardware/Software Platform for Exploring Wearable Security

AU - Hale, Matthew L.

AU - Ellis, Dalton

AU - Gamble, Rose

AU - Waler, Charles

AU - Lin, Jessica

PY - 2015/8/26

Y1 - 2015/8/26

N2 - Wearables are the next big development in the mobile internet of things. Operating in a body area network around a smartphone user they serve a variety of commercial, medical, and personal uses. Whether used for fitness tracking, mobile health monitoring, or as remote controllers, wearable devices can include sensors that collect a variety of data and actuators that provide hap tic feedback and unique user interfaces for controlling software and hardware. Wearables are typically wireless and use Bluetooth LE (low energy) to transmit data to a waiting smartphone app. Frequently, apps forward this data onward to online web servers for tracking. Security and privacy concerns abound when wearables capture sensitive data or provide critical functionality. This paper develops a platform, called SecuWear, for conducting wearable security research, collecting data, and identifying vulnerabilities in hardware and software. SecuWear combines open source technologies to enable researchers to rapidly prototype security vulnerability test cases, evaluate them on actual hardware, and analyze the results to understand how best to mitigate problems. The paper includes two types of evaluation in the form of a comparative analysis and empirical study. The results reveal how several passive observation attacks present themselves in wearable applications and how the SecuWear platform can capture the necessary information needed to identify and combat such attacks.

AB - Wearables are the next big development in the mobile internet of things. Operating in a body area network around a smartphone user they serve a variety of commercial, medical, and personal uses. Whether used for fitness tracking, mobile health monitoring, or as remote controllers, wearable devices can include sensors that collect a variety of data and actuators that provide hap tic feedback and unique user interfaces for controlling software and hardware. Wearables are typically wireless and use Bluetooth LE (low energy) to transmit data to a waiting smartphone app. Frequently, apps forward this data onward to online web servers for tracking. Security and privacy concerns abound when wearables capture sensitive data or provide critical functionality. This paper develops a platform, called SecuWear, for conducting wearable security research, collecting data, and identifying vulnerabilities in hardware and software. SecuWear combines open source technologies to enable researchers to rapidly prototype security vulnerability test cases, evaluate them on actual hardware, and analyze the results to understand how best to mitigate problems. The paper includes two types of evaluation in the form of a comparative analysis and empirical study. The results reveal how several passive observation attacks present themselves in wearable applications and how the SecuWear platform can capture the necessary information needed to identify and combat such attacks.

KW - Bluetooth low energy

KW - internet of things

KW - man-in-the-middle

KW - security

KW - vulnerability discovery

KW - wearables

UR - http://www.scopus.com/inward/record.url?scp=84954127199&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84954127199&partnerID=8YFLogxK

U2 - 10.1109/MobServ.2015.23

DO - 10.1109/MobServ.2015.23

M3 - Conference contribution

AN - SCOPUS:84954127199

T3 - Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015

SP - 97

EP - 104

BT - Proceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015

A2 - Zhang, Jia

A2 - Altintas, Onur

PB - Institute of Electrical and Electronics Engineers Inc.

ER -