research-article

Open access

Combating False Data Injection Attacks on Human-Centric Sensing Applications

Authors:

Asif SalekinAuthors Info & Claims

Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, Volume 6, Issue 2

Article No.: 83, Pages 1 - 22

https://doi.org/10.1145/3534577

Published: 07 July 2022 Publication History

Abstract

The recent prevalence of machine learning-based techniques and smart device embedded sensors has enabled widespread human-centric sensing applications. However, these applications are vulnerable to false data injection attacks (FDIA) that alter a portion of the victim's sensory signal with forged data comprising a targeted trait. Such a mixture of forged and valid signals successfully deceives the continuous authentication system (CAS) to accept it as an authentic signal. Simultaneously, introducing a targeted trait in the signal misleads human-centric applications to generate specific targeted inference; that may cause adverse outcomes. This paper evaluates the FDIA's deception efficacy on sensor-based authentication and human-centric sensing applications simultaneously using two modalities - accelerometer, blood volume pulse signals. We identify variations of the FDIA such as different forged signal ratios, smoothed and non-smoothed attack samples. Notably, we present a novel attack detection framework named Siamese-MIL that leverages the Siamese neural networks' generalizable discriminative capability and multiple instance learning paradigms through a unique sensor data representation. Our exhaustive evaluation demonstrates Siamese-MIL's real-time execution capability and high efficacy in different attack variations, sensors, and applications.

References

[1]

Osama Adel, Mostafa Soliman, and Walid Gomaa. 2021. Inertial Gait-based Person Authentication Using Siamese Networks. In 2021 International Joint Conference on Neural Networks (IJCNN). IEEE, 1--7.

[2]

Mohiuddin Ahmed and Al-Sakib Khan Pathan. 2020. False data injection attack (FDIA): an overview and new metrics for fair evaluation of its countermeasure. Complex Adaptive Systems Modeling 8, 1 (2020), 1--14.

[3]

Mohiuddin Ahmed and Abu SSM Barkat Ullah. 2017. False data injection attacks in healthcare. In Australasian Conference on Data Mining. Springer, 192--202.

[4]

Nazneen Akhter, Hanumant Gite, Gulam Rabbani, and Karbhari Kale. 2015. Heart rate variability for biometric authentication using time-domain features. In International Symposium on Security in Computing and Communication. Springer, 168--175.

[5]

Ala Alwan et al. 2011. Global status report on noncommunicable diseases 2010. World Health Organization.

[6]

Ferhat Attal, Samer Mohammed, Mariam Dedabrishvili, Faicel Chamroukhi, Latifa Oukhellou, and Yacine Amirat. 2015. Physical human activity recognition using wearable sensors. Sensors 15, 12 (2015), 31314--31338.

[7]

Jane Bromley, James W Bentz, Léon Bottou, Isabelle Guyon, Yann LeCun, Cliff Moore, Eduard Säckinger, and Roopak Shah. 1993. Signature verification using a "siamese" time delay neural network. International Journal of Pattern Recognition and Artificial Intelligence 7, 04 (1993), 669--688.

[8]

Andreas Bulling, Ulf Blanke, and Bernt Schiele. 2014. A tutorial on human activity recognition using body-worn inertial sensors. ACM Computing Surveys (CSUR) 46, 3 (2014), 1--33.

Digital Library

[9]

Gavin C Cawley and Nicola LC Talbot. 2010. On over-fitting in model selection and subsequent selection bias in performance evaluation. The Journal of Machine Learning Research 11 (2010), 2079--2107.

Digital Library

[10]

Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche, and Géraldine Marconato. 2021. InjectaBLE: Injecting malicious traffic into established Bluetooth Low Energy connections. In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[11]

Mario Parreño Centeno, Yu Guan, and Aad van Moorsel. 2018. Mobile based continuous authentication using deep features. In Proceedings of the 2nd International Workshop on Embedded and Mobile Deep Learning. 19--24.

Digital Library

[12]

Mohit Dua, Chhavi Jain, and Sushil Kumar. 2021. LSTM and CNN based ensemble approach for spoof detection task in automatic speaker verification systems. Journal of Ambient Intelligence and Humanized Computing (2021), 1--16.

[13]

Pablo Fernandez-Lopez, Judith Liu-Jimenez, Kiyoshi Kiyokawa, Yang Wu, and Raul Sanchez-Reillo. 2019. Recurrent neural network for inertial gait user recognition in smartphones. Sensors 19, 18 (2019), 4054.

[14]

Pablo Fernandez-Lopez, Judith Liu-Jimenez, Carlos Sanchez-Redondo, and Raul Sanchez-Reillo. 2016. Gait recognition using smartphone. In 2016 IEEE International Carnahan Conference on Security Technology (ICCST). IEEE, 1--7.

[15]

Victor Garcia and Joan Bruna. 2017. Few-shot learning with graph neural networks. arXiv preprint arXiv:1711.04043 (2017).

[16]

Thanassis Giannetsos and Tassos Dimitriou. 2013. Spy-sense: Spyware tool for executing stealthy exploits against sensor networks. In Proceedings of the 2nd ACM workshop on Hot topics on wireless network security and privacy. 7--12.

Digital Library

[17]

Lorena Gonzalez-Manzano, Upal Mahbub, Jose M de Fuentes, and Rama Chellappa. 2020. Impact of injection attacks on sensor-based continuous authentication for smartphones. Computer Communications 163 (2020), 150--161.

[18]

Rohit Goyal, Nicola Dragoni, and Angelo Spognardi. 2016. Mind the tracker you wear: a security analysis of wearable health trackers. In Proceedings of the 31st Annual ACM Symposium on Applied Computing. 131--136.

Digital Library

[19]

Alejandro S Guinea, Andrey Boytsov, Ludovic Mouline, and Yves Le Traon. 2018. Continuous identification in smart environments using wrist-worn inertial sensors. In Proceedings of the 15th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services. 87--96.

Digital Library

[20]

Md Hasan, Rafia Nishat Toma, Abdullah-Al Nahid, MManjurul Islam, Jong-Myon Kim, et al. 2019. Electricity theft detection in smart grid systems: A CNN-LSTM based approach. Energies 12, 17 (2019), 3310.

[21]

Mohammed Mehedi Hassan, Md Zia Uddin, Amr Mohamed, and Ahmad Almogren. 2018. A robust human activity recognition system using smartphone sensors and deep learning. Future Generation Computer Systems 81 (2018), 307--313.

Digital Library

[22]

Anil K Jain, Arun Ross, and Sharath Pankanti. 2006. Biometrics: a tool for information security. IEEE transactions on information forensics and security 1, 2 (2006), 125--143.

[23]

Borko D Jovanovic and Paul S Levy. 1997. A look at the rule of three. The American Statistician 51, 2 (1997), 137--139.

[24]

Mingu Kang, Siho Shin, Jaehyo Jung, and Youn Tae Kim. 2021. Classification of Mental Stress Using CNN-LSTM Algorithms with Electrocardiogram Signals. Journal of Healthcare Engineering 2021 (2021).

[25]

Clemens Kirschbaum, Karl-Martin Pirke, and Dirk H Hellhammer. 1993. The 'Trier Social Stress Test'-a tool for investigating psychobiological stress responses in a laboratory setting. Neuropsychobiology 28, 1-2 (1993), 76--81.

[26]

Cheng-I Lai, Alberto Abad, Korin Richmond, Junichi Yamagishi, Najim Dehak, and Simon King. 2019. Attentive filtering networks for audio replay attack detection. In ICASSP 2019-2019 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). IEEE, 6316--6320.

[27]

Yao Liu, Peng Ning, and Michael K Reiter. 2011. False data injection attacks against state estimation in electric power grids. ACM Transactions on Information and System Security (TISSEC) 14, 1 (2011), 1--33.

Digital Library

[28]

Upal Mahbub, Jukka Komulainen, Denzil Ferreira, and Rama Chellappa. 2019. Continuous authentication of smartphones based on application usage. IEEE Transactions on Biometrics, Behavior, and Identity Science 1, 3 (2019), 165--180.

[29]

Anindya Maiti, Ryan Heard, Mohd Sabra, and Murtuza Jadliwala. 2018. Towards inferring mechanical lock combinations using wrist-wearables as a side-channel. In Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks. 111--122.

Digital Library

[30]

Anindya Maiti, Murtuza Jadliwala, Jibo He, and Igor Bilogrevic. 2018. Side-channel inference attacks on mobile keypads using smartwatches. IEEE Transactions on Mobile Computing 17, 9 (2018), 2180--2194.

Digital Library

[31]

Cameron McCarthy, Nikhilesh Pradhan, Calum Redpath, and Andy Adler. 2016. Validation of the Empatica E4 wristband. In 2016 IEEE EMBS international student conference (ISC). IEEE, 1--4.

[32]

Gautam Raj Mode, Prasad Calyam, and Khaza Anuarul Hoque. 2020. Impact of false data injection attacks on deep learning enabled predictive analytics. In NOMS 2020-2020 IEEE/IFIP Network Operations and Management Symposium. IEEE, 1--7.

Digital Library

[33]

Manar Mohamed, Babins Shrestha, and Nitesh Saxena. 2016. Smashed: Sniffing and manipulating android sensor data for offensive purposes. IEEE Transactions on Information Forensics and Security 12, 4 (2016), 901--913.

[34]

NJ Morrish, S-L Wang, LK Stevens, JH Fuller, and H Keen. 2001. Mortality and causes of death in the WHO Multinational Study of Vascular Disease in Diabetes. Diabetologia 44, 2 (2001), S14-S21.

[35]

Arsalan Mosenia, Susmita Sur-Kolay, Anand Raghunathan, and Niraj K. Jha. 2017. CABA: Continuous Authentication Based on BioAura. IEEE Trans. Comput. 66, 5 (2017), 759--772. https://doi.org/10.1109/TC.2016.2622262

Digital Library

[36]

Vahram Mouradian, Armen Poghosyan, and Levon Hovhannisyan. 2014. Continuous wearable health monitoring using novel PPG optical sensor and device. In 2014 IEEE 10th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). IEEE, 120--123.

[37]

Abdulmajid Murad and Jae-Young Pyun. 2017. Deep recurrent neural networks for human activity recognition. Sensors 17, 11 (2017), 2556.

[38]

Pratik Musale, Duin Baek, Nuwan Werellagama, Simon S Woo, and Bong Jun Choi. 2019. You walk, we authenticate: lightweight seamless authentication based on gait in wearable IoT systems. IEEE Access 7 (2019), 37883--37895.

[39]

Tempestt Neal and Damon Woodard. 2019. Mobile Biometrics, Replay Attacks, and Behavior Profiling: An Empirical Analysis of Impostor Detection. In 2019 International Conference on Biometrics (ICB). IEEE, 1--8.

[40]

Maryem Neyja, Shahid Mumtaz, Kazi Mohammed Saidul Huq, Sherif Adeshina Busari, Jonathan Rodriguez, and Zhenyu Zhou. 2017. An IoT-based e-health monitoring system using ECG signal. In GLOBECOM 2017-2017 IEEE Global Communications Conference. IEEE, 1--6.

Digital Library

[41]

Keyurkumar Patel, Hu Han, Anil K Jain, and Greg Ott. 2015. Live face video vs. spoof face video: Use of moiré patterns to detect replay video attacks. In 2015 International Conference on Biometrics (ICB). IEEE, 98--105.

[42]

Amith K. Belman; Li Wang; Sundaraja S. Iyengar; Pawel Sniatala; Robert Wright; Robert Dora; Jacob Baldwin; Zhanpeng Jin; Vir V. Phoha. 2019. SU-AIS BB-MAS (Syracuse University and Assured Information Security - Behavioral Biometrics Multi-device and multi-Activity data from Same users) Dataset. https://doi.org/10.21227/rpaz-0h66

[43]

Hongyi Pu, Liang He, Chengcheng Zhao, David KY Yau, Peng Cheng, and Jiming Chen. 2020. Detecting replay attacks against industrial robots via power fingerprinting. In Proceedings of the 18th Conference on Embedded Networked Sensor Systems. 285--297.

Digital Library

[44]

Mahmudur Rahman, Bogdan Carbunar, and Umut Topkara. 2014. SensCrypt: A secure protocol for managing low power fitness trackers. In 2014 IEEE 22nd International Conference on Network Protocols. IEEE, 191--196.

Digital Library

[45]

Mahmudur Rahman, Bogdan Carbunar, and Umut Topkara. 2015. Secure management of low power fitness trackers. IEEE Transactions on Mobile Computing 15, 2 (2015), 447--459.

Digital Library

[46]

Mohammad Naim Rastgoo, Bahareh Nakisa, Frederic Maire, Andry Rakotonirainy, and Vinod Chandran. 2019. Automatic driver stress level classification using multimodal deep learning. Expert Systems with Applications 138 (2019), 112793.

[47]

Gangireddy Narendra Kumar Reddy, M Sabarimalai Manikandan, and NVL Narasimha Murty. 2020. On-device integrated ppg quality assessment and sensor disconnection/saturation detection system for IoT health monitoring. IEEE Transactions on Instrumentation and Measurement 69, 9 (2020), 6351--6361.

[48]

Gojka Roglic, Nigel Unwin, Peter H Bennett, Colin Mathers, Jaakko Tuomilehto, Satyajit Nag, Vincent Connolly, and Hilary King. 2005. The burden of mortality attributable to diabetes: realistic estimates for the year 2000. Diabetes care 28, 9 (2005), 2130--2135.

[49]

Mike Ryan. 2013. Bluetooth: With low energy comes low security. In 7th {USENIX} Workshop on Offensive Technologies ( {WOOT} 13).

[50]

Prasan Kumar Sahoo, Hiren Kumar Thakkar, Wen-Yen Lin, Po-Cheng Chang, and Ming-Yih Lee. 2018. On the design of an efficient cardiac health monitoring system through combined analysis of ecg and scg signals. Sensors 18, 2 (2018), 379.

[51]

Virginia Sandulescu, Sally Andrews, David Ellis, Nicola Bellotto, and Oscar Martinez Mozos. 2015. Stress detection using wearable physiological sensors. In International work-conference on the interplay between natural and artificial computation. Springer, 526--532.

[52]

A. Sarkar, A. L. Abbott, and Z. Doerzaph. 2016. Biometric authentication using photoplethysmography signals. In 2016 IEEE 8th International Conference on Biometrics Theory, Applications and Systems (BTAS). 1--7. https://doi.org/10.1109/BTAS.2016.7791193

Digital Library

[53]

Philip Schmidt, Attila Reiss, Robert Duerichen, Claus Marberger, and Kristof Van Laerhoven. 2018. Introducing wesad, a multimodal dataset for wearable stress and affect detection. In Proceedings of the 20th ACM International Conference on Multimodal Interaction. 400--408.

Digital Library

[54]

Jiacheng Shang and Jie Wu. 2019. A usable authentication system using wrist-worn photoplethysmography sensors on smartwatches. In 2019 IEEE Conference on Communications and Network Security (CNS). IEEE, 1--9.

[55]

Pekka Siirtola, Ella Peltonen, Heli Koskimäki, Henna Mönttinen, Juha Röning, and Susanna Pirttikangas. 2019. Wrist-worn Wearable Sensors to Understand Insides of the Human Body: Data Quality and Quantity. In The 5th ACM Workshop on Wearable Systems and Applications. 17--21.

Digital Library

[56]

Amit Kumar Sikder, Hidayet Aksu, and A Selcuk Uluagac. 2017. 6thsense: A context-aware sensor-based attack detector for smart devices. In 26th {USENIX} Security Symposium ({USENIX} Security 17). 397--414.

[57]

Amit Kumar Sikder, Giuseppe Petracca, Hidayet Aksu, Trent Jaeger, and A Selcuk Uluagac. 2018. A survey on sensor-based threats to internet-of-things (iot) devices and applications. arXiv preprint arXiv:1802.02041 (2018).

[58]

Jesús Solano, Christian Lopez, Esteban Rivera, Alejandra Castelblanco, Lizzy Tengana, and Martin Ochoa. 2020. SCRAP: Synthetically Composed Replay Attacks vs. Adversarial Machine Learning Attacks against Mouse-based Biometric Authentication. In Proceedings of the 13th ACM Workshop on Artificial Intelligence and Security. 37--47.

Digital Library

[59]

Steven Taylor and Dana S Thordarson. 2002. Behavioural treatment of post-traumatic stress disorder associated with recovered memories. Cognitive Behaviour Therapy 31, 1 (2002), 8--17.

[60]

Timothy Trippel, Ofir Weisse, Wenyuan Xu, Peter Honeyman, and Kevin Fu. 2017. WALNUT: Waging doubt on the integrity of MEMS accelerometers with acoustic injection attacks. In 2017 IEEE European symposium on security and privacy (EuroS&P). IEEE, 3--18.

[61]

Chen Wang, Xiaonan Guo, Yan Wang, Yingying Chen, and Bo Liu. 2016. Friend or foe? Your wearable devices reveal your personal pin. In Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security. 189--200.

Digital Library

[62]

Jiliang Wang, Feng Hu, Ye Zhou, Yunhao Liu, Hanyi Zhang, and Zhe Liu. 2020. BlueDoor: breaking the secure information flow via BLE vulnerability. In Proceedings of the 18th International Conference on Mobile Systems, Applications, and Services. 286--298.

Digital Library

[63]

L Wang, L Li, X Zhou, S Pandya, and O Baser. 2016. A real-world evaluation of the clinical and economic burden of united states veteran patients with post-traumatic stress disorder. Value in Health 19, 7 (2016), A524.

[64]

G. M. Weiss, K. Yoneda, and T. Hayajneh. 2019. Smartphone and Smartwatch-Based Biometrics Using Activities of Daily Living. IEEE Access 7 (2019), 133190--133202.

[65]

Shuochao Yao, Shaohan Hu, Yiran Zhao, Aston Zhang, and Tarek Abdelzaher. 2017. Deepsense: A unified deep learning framework for time-series mobile sensing data processing. In Proceedings of the 26th International Conference on World Wide Web. 351--360.

Digital Library

[66]

Ahmed Zekry, Ahmed Sayed, Mohamed Moussa, and Mohamed Elhabiby. 2021. Anomaly Detection using IoT Sensor-Assisted ConvLSTM Models for Connected Vehicles. In 2021 IEEE 93rd Vehicular Technology Conference (VTC2021-Spring). IEEE, 1--6.

[67]

Bo Zhao, Xinwei Sun, Yanwei Fu, Yuan Yao, and Yizhou Wang. 2018. Msplit lbi: Realizing feature selection and dense estimation simultaneously in few-shot and zero-shot learning. In International conference on machine learning. PMLR, 5912--5921.

[68]

Wei Zheng, Le Yang, Robert J Genco, Jean Wactawski-Wende, Michael Buck, and Yijun Sun. 2019. SENSE: Siamese neural network for sequence embedding and alignment-free comparison. Bioinformatics 35, 11 (2019), 1820--1828.

Cited By

Salehzadeh Niksirat KVelykoivanenko LZufferey NCherubini MHuguenin KHumbert M(2024)Wearable Activity Trackers: A Survey on Utility, Privacy, and SecurityACM Computing Surveys10.1145/364509156:7(1-40)Online publication date: 9-Apr-2024
https://dl.acm.org/doi/10.1145/3645091
Chen FXin JPhoha V(2024)SSPRA: A Robust Approach to Continuous Authentication Amidst Real-World Adversarial ChallengesIEEE Transactions on Biometrics, Behavior, and Identity Science10.1109/TBIOM.2024.33695906:2(245-260)Online publication date: Apr-2024
https://doi.org/10.1109/TBIOM.2024.3369590
Vasile DKawsar FMin C(2024)Emerging Paradigms in Wearable Security: Adaptable and Secure Sandboxing for On-the-Fly Collaboration Among WearablesIEEE Security and Privacy10.1109/MSEC.2024.344019822:6(30-39)Online publication date: 1-Nov-2024
https://dl.acm.org/doi/10.1109/MSEC.2024.3440198

Index Terms

Combating False Data Injection Attacks on Human-Centric Sensing Applications
1. Human-centered computing
  1. Ubiquitous and mobile computing
    1. Ubiquitous and mobile computing design and evaluation methods
2. Security and privacy
  1. Intrusion/anomaly detection and malware mitigation
    1. Intrusion detection systems

Recommendations

On Hiddenness of Moving Target Defense against False Data Injection Attacks on Power Grid
Special Issue on User-Centric Security and Safety for CPS

Recent studies have exploited moving target defense (MTD) for thwarting false data injection (FDI) attacks against the state estimation (SE) by actively perturbing branch parameters (i.e., impedance or admittance) in power grids. To hide the activation ...
Distributed filtering under false data injection attacks
Abstract
We consider the problem of network security for distributed filtering under false data injection attacks over a wireless sensor network. To resist the hostile attacks from a malicious attacker who can inject false data into ...
POSTER: Defense against False Data Injection Attack in a Cyber-Physical System
ASIA CCS '24: Proceedings of the 19th ACM Asia Conference on Computer and Communications Security

Cyber-physical systems (CPSs) are closed-loop feedback systems that efficiently control the physical processes through cyber-systems. Security threats like false data injection (FDI) attacks are increasing in CPSs. FDI attacks disrupt the system's ...

Comments

comments powered by Disqus.

Information & Contributors

Information

Published In

Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies Volume 6, Issue 2

June 2022

1551 pages

EISSN:2474-9567

DOI:10.1145/3547347

Issue’s Table of Contents

Copyright © 2022 Owner/Author.

This work is licensed under a Creative Commons Attribution-NonCommercial International 4.0 License.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 July 2022

Published in IMWUT Volume 6, Issue 2

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Funding Sources

National Science Foundation

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
750
Total Downloads

Downloads (Last 12 months)202
Downloads (Last 6 weeks)31

Reflects downloads up to 20 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Salehzadeh Niksirat KVelykoivanenko LZufferey NCherubini MHuguenin KHumbert M(2024)Wearable Activity Trackers: A Survey on Utility, Privacy, and SecurityACM Computing Surveys10.1145/364509156:7(1-40)Online publication date: 9-Apr-2024
https://dl.acm.org/doi/10.1145/3645091
Chen FXin JPhoha V(2024)SSPRA: A Robust Approach to Continuous Authentication Amidst Real-World Adversarial ChallengesIEEE Transactions on Biometrics, Behavior, and Identity Science10.1109/TBIOM.2024.33695906:2(245-260)Online publication date: Apr-2024
https://doi.org/10.1109/TBIOM.2024.3369590
Vasile DKawsar FMin C(2024)Emerging Paradigms in Wearable Security: Adaptable and Secure Sandboxing for On-the-Fly Collaboration Among WearablesIEEE Security and Privacy10.1109/MSEC.2024.344019822:6(30-39)Online publication date: 1-Nov-2024
https://dl.acm.org/doi/10.1109/MSEC.2024.3440198

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Figures

Tables

Media

View Issue’s Table of Contents

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Alternative Proxies:

Alternative Proxy