The THaW team recently released the dissertations of two of its newest PhDs.

Tuo Yu, University of Illinois: The two faces of mobile sensing

https://www.ideals.illinois.edu/handle/2142/107938

Abstract: The recent popularization of mobile devices equipped with high-performance sensors has given rise to the fast development of mobile sensing technology. Mobile sensing applications analyze the signals generated by human activities and environment changes, and thus get a better understanding of the environment and human behaviors. Nowadays, researchers have developed diverse mobile sensing applications, which benefit people’s living, such as gesture recognition, vital sign monitoring, localization, and identification. Mobile sensing has two faces. While benefiting people’s lives, its growing capability would also spawn new threats to security and privacy. Exploring the dual character of mobile sensing is challenging. On one hand, while the commercialization of new mobile devices enlarges the design space, it is challenging to design effective mobile sensing systems, which use less or cheaper sensors and achieve better performance or more functionalities. On the other hand, attackers can utilize the sensing strategies to track victims’ activities and cause privacy leakages. It is challenging to find the potential leakages, because mobile sensing attacks usually use side channels and target the information hidden in non-textual data. To target the above challenges, I present the Mobile Sensing Application-Attack (MSAA) framework, a general model showing the structures of mobile sensing applications and attacks, and how the two faces are connected. MSAA reflects our principle of designing effective mobile sensing systems, i.e., we reduce the cost and improve the performance of current systems by exploring different sensors, various requirements for user/environment contexts, and different sensing algorithms. MSAA also shows our principle of exploring information leakages, i.e., we break a sensing system into basic components, and for each component we consider what user information could be extracted if data are leaked. I take handwriting input and indoor walking path tracking as examples, and show how we design effective mobile sensing techniques and also investigate their potential threats following MSAA. I design an audio-based handwriting input method for tiny mobile devices, which allows users to input words by writing on tables with fingers. Then, I explore the attacker’s capability of recognizing a victim’s handwriting content based on the handwriting sound. I also present an in-shoe force sensor-based indoor walking path tracking system, which enables smart shoes to locate users. Meanwhile, I show how likely a victim can be located if the foot force data are leaked to attackers. Our experiment results show that our applications can achieve satisfactory performance, and also confirm the threats of privacy leakage if they are maliciously used, which reveals the two faces of mobile sensing.

Travis Peters, Dartmouth College: Trustworthy Wireless Personal Area Networks.

https://www.cs.dartmouth.edu/~trdata/reports/abstracts/TR2020-878/

Abstract: In the Internet of Things (IoT), everyday objects are equipped with the ability to compute and communicate. These smart things have invaded the lives of everyday people, being constantly carried or worn on our bodies, and entering into our homes, our healthcare, and beyond. This has given rise to wireless networks of smart, connected, always-on, personal things that are constantly around us, and have unfettered access to our most personal data as well as all of the other devices that we own and encounter throughout our day. It should, therefore, come as no surprise that our personal devices and data are frequent targets of ever-present threats. Securing these devices and networks, however, is challenging. In this dissertation, we outline three critical problems in the context of Wireless Personal Area Networks (WPANs) and present our solutions to these problems.

First, I present our Trusted I/O solution (BASTION-SGX) for protecting sensitive user data transferred between wirelessly connected (Bluetooth) devices. This work shows how in-transit data can be protected from privileged threats, such as a compromised OS, on commodity systems. I present insights into the Bluetooth architecture, Intel’s Software Guard Extensions (SGX), and how a Trusted I/O solution can be engineered on commodity devices equipped with SGX.

Second, I present our work on AMULET and how we successfully built a wearable health hub that can run multiple health applications, provide strong security properties, and operate on a single charge for weeks or even months at a time. I present the design and evaluation of our highly efficient event-driven programming model, the design of our low-power operating system, and developer tools for profiling ultra-low-power applications at compile time.

Third, I present a new approach (VIA) that helps devices at the center of WPANs (e.g., smartphones) to verify the authenticity of interactions with other devices. This work builds on past work in anomaly detection techniques and shows how these techniques can be applied to Bluetooth network traffic. Specifically, we show how to create normality models based on fine- and course-grained insights from network traffic, which can be used to verify the authenticity of future interactions.