My thesis, "Usable security for wireless body-area networks," investigates the security of a wireless network of pervasive wearable devices. As wearable devices become more ubiquitous in our lives, manufacturers will realize the value of interoperability. This, in turn, will pose many security problems. I am motivated by the use of these devices in mobile health scenarios where these wearable devices might help individuals diagnose (e.g., fitness or activity tracking), prevent (e.g., monitoring chronic health conditions like diabetes), and even treat (e.g, administering insulin based on blood glucose levels) their health conditions.
In my thesis, I identified three such security problems and investigated solutions to them. First, I examined mechanisms for recognizing who is wearing these devices. Second, I developed a method for verifying whether two of these devices are on the same body. Finally, I explored methods for cryptographically pairing these devices as a means to bootstrap secure and private communications between them. As an added caveat to these problems, I specifically designed these solutions so that the user should not have to do anything but attach the sensor to their body and have them just work.
Over the course of my research, I have applied many types of machine learning and signal processing algorithms to these problems, including: speaker recognition systems, bioimpedance as a biometrics, activity recognition algorithms, privacy-preserving cryptographic protocols, and other problems.
Most recently, I have an interest in adversarial machine learning. Our attack, ShapeShifter, demonstrates a state-of-the-art physical attack on object detectors. I also found the first collision in Apple's Neural Perceptual Hash model (Register, TechCrunch, The Verge).