Developing a platform to evaluate and assess the security of wearable devices
作者机构:Department of Cybersecurity School of Interdisciplinary Informatics University of Nebraska at Omaha Omaha NE 68135 USA Tandy School of Computer Science University of Tulsa Tulsa OK 74104 USA
出 版 物:《Digital Communications and Networks》 (数字通信与网络(英文版))
年 卷 期:2019年第5卷第3期
页 面:147-159页
核心收录:
学科分类:0809[工学-电子科学与技术(可授工学、理学学位)] 08[工学]
基 金:Nebraska Research Initiative
主 题:Bluetooth LE Internet of things Man-in-the-middle attacks Security Vulnerability discovery Wearables
摘 要:Operating in a body area network around a smartphone user, wearables serve a variety of commercial, medical and personal uses. Depending on a certain smartphone application, a wearable can capture sensitive data about the user and provide critical, possibly life-or-death, functionality. When using wearables, security problems might occur on hardware/software of wearables, connected phone apps or web services devices, or Bluetooth channels used for communication. This paper develops an open source platform called SecuWear for identifying vulnerabilities in these areas and facilitating wearable security research to mitigate them. SecuWear supports the creation, evaluation, and analysis of security vulnerability tests on actual hardwares. Extending earlier results, this paper includes an empirical evaluation that demonstrates proof of concept attacks on commercial wearable devices and shows how SecuWear captures the information necessary for identifying such attacks. Also included is a process for releasing attack and mitigation information to the security community.
维普期刊数据库