Dr.-Ing. Mikhail Fomichev

IoT Security and Privacy

Contact Information

Offered Theses Topics

No results match your search criteria.

  2022 Completed

Collecting a Real-World Dataset of Private Patterns for Stream Processing Systems

The Internet of Things (IoT) shows a clear shift towards analyzing streaming data (collected by IoT devices) using so-called stream processing systems (SPSs) that infer knowledge from these data in (near) real-time. Such SPSs work on the notion of events detected from sensor data, e.g., a user is standing, jogging, or eating. The SPSs raise serious privacy concerns, as they not only ignore user privacy but also pose new threats to it. For example, a sequence of seemingly nonsensitive events, like "swallow" --> "drink" --> "lay down", can reveal a sensitive private pattern of taking medicine. A few privacy-preserving mechanisms (PPMs) exist to address the private patterns' threat, but they need to be validated on realistic datasets containing a number of private patterns that are captured by various sensor data, e.g., IMU, ECG/EMG, and heart rate. To date such datasets do not exist. Hence, collecting one would the main goal of this thesis, which will be a big step towards validating existing and designing new PPMs that tackle the threat of private patterns in SPSs. The precise topic addressing the above research goal would be tailored depending on your skillset. However, a hands-on experience with data collection using smart devices (phones, watches, IoT sensors) and/or user studies is a strong plus. [1, 2] are exemplary data collection studies, which can serve as an inspiration for this work. [1] FallAllD: An Open Dataset of Human Falls and Activities of Daily Living for Classical and Deep Learning Applications [2] Case Studies Using Shimmer Sensors

  2022 Completed

Hiding User Private Attributes Using Machine Learning

The ubiquity of IoT sensors enables customized user services such as smart health or smart home. Recently, the advances in machine learning have been exploited to discover private user attributes (e.g., gender, age) from sensor data collected for different purposes such as activity recognition, violating user’s privacy. Two recent works [1, 2] utilize state-of-the-art machine learning techniques to suppress private user attributes in sensor data while maintaining the utility of the target application (e.g., target activity recognition remains accurate). In this thesis, we will critically evaluate the above proposals, with respect to their security (can other private attributes be learned on these data), generalizability (would they still work on a slightly different sensor data?), and deployability (can such approaches run on edge devices?). The precise topic addressing the above research goal would be tailored depending on your skillset. However, a solid background in machine learning and data mining is required in addition to a thorough understanding of privacy issues stemming from sensor data (also known as inference attacks). [1] Protecting Sensory Data against Sensitive Inferences [2] Preventing Sensitive Information Leakage from Mobile Sensor Signals via Integrative Transformation

  2022 Completed

Discovering Oversensing Privacy Issues in Smart IoT Environments

The proliferation of the IoT makes numerous smart devices equipped with rich sensing capabilities part of our everyday life. These sensors enable customized services by measuring a user’s ambient environment such as a fitness tracker recording daily activities (e.g., jogging), allowing users who exercise a lot to get an insurance discount. However, the ubiquity of sensing raises the problem of oversensing [1], namely inferring user’s sensitive attributes or behaviors (e.g., health conditions, political orientation) from the sensor data that was collected for benign purposes. In this thesis, we will explore the landscape of oversensing, focusing on the following problem: how to discover the oversensing issues in various sensor data in a scalable (i.e., automated) way? The precise topic addressing the above research goal would be tailored depending on your skillset. However, a solid background in machine learning and data mining is required in addition to a thorough understanding of privacy issues stemming from sensor data (also known as inference attacks). [1] How to Curtail Oversensing in the Home

  2020 Completed

Speeding up and hardening zero-interaction pairing by utilizing off-the-shelf IoT actuators

  2019 Completed

nextoyou - a zero-interactiion co-presence detection scheme based on Channel State Information

  2017 Completed

Implementation of a Contextual Framework for Secure Device Pairing Methods on Android

Motivation With the proliferation of numerous personal gadgets and smart devices, device pairing has become prominent in introducing security to such a diverse environment. Clearly, the process of secure device pairing is much more ambiguous than previously thought. This stems from the fact that there is no coherent vision of the pairing problem among the research community. To this end, we see that there is a plethora of various pairing protocols that have been proposed many of which are insecure or fail to work in practice. Clearly, there is no single winner in a device pairing race. Goal Correspondingly, one solution to such a problem is to support several pairing methods. However, from a user prospective this may create an additional burden. On top of that, some pairing protocols may be less appropriate security‐wise in certain scenarios. For instance, if a paring method relies on audio but is used in a noisy environment, this creates an additional attack vector or causes reliability issues. Another example are visual paring techniques used in a public place, which can be subject to shoulder surfing. Overall, in this thesis you will research which contextual information that can be gathered by a modern smartphone can augment in secure device pairing. We already have a working Android implementation which performs different methods of device pairing. More specifically, your task is to identify which factors can be potentially hazardous or beneficial for a certain pairing method in a particular scenario. The context that we are going to incorporate includes both the environmental information as well as the user input (feedback, preferences, etc.). Hence, you'll take measurements on the smartphone to rate the environmental information, and perform a small user study (20-30 users) on the device pairing usability.

  2017 Completed

Design, Implementation and Evaluation of a Privacy-preserving Framework for Trust Inference on Android

Publications

No results match your search criteria.

No One Size (PPM) Fits All: Towards Privacy in Stream Processing Systems

Next2You: Robust Copresence Detection Based on Channel State Information

FastZIP: faster and more secure zero-interaction pairing

Making Zero-interaction Pairing and Authentication Practical in the Internet of Things

Zero-Interaction Security - Towards Sound Experimental Validation

Perils of Zero-Interaction Security in the Internet of Things

Survey and Systematization of Secure Device Pairing