University of Alabama scientists working on sensor packed smartphones which will guard your smartphone against hacking
Smartphones are already advanced, however few computer scientists from the University of Alabama at Birmingham have now come up with newer ideas of making the smartphones even more smarter.
Some of the scientific devices like accelerometer, GPS chips, gyroscopes and other environment aware devices when added in the smartphone can read the user’s mood, guard their data and hence help user to stay alert from the hackers and other crooks. How can this be done, Science Daily looks at how sensor technology can make your smartphone a super competent companion.
There are in all seven innovative ideas to sum it up which might probably give birth to “Next Gen Sensor smartphones”.
- Watching your back: Ragib Hasan, Ph.D., an assistant professor in the UAB College of Arts and Sciences Department of Computer and Information Sciences and director of SECRET Lab, is developing a software in such a way so as to convert the phone into a digital detector. The software uses information from camera, accelerometer, microphone gauge a user’s attentiveness and respond appropriately. Base of this software is a recent study by Munirul Haque, , Ph.D., who recently completed a postdoctoral fellowship in Hasan’s lab, and collaborators at Marquette University. His research found that the smartphone can be good sensors of mood by using camera and accelerometer. Images from camera helped to determine the facial expressions and accelerometer data helped in determining the energy expenditure. It was found that when a person is anxious they tend to walk, if a person is inactive then mostly it is a sign of depression. The study revealed six different states: anger, disgust, fear, happiness, sadness and surprise. How this study is related to Hasan’s data? Hasan’s software uses these expression and judges if the user is alert; if not then it does not allow the person to do financial transaction eg if user is drunk it will not allow these important transactions and it will remind the user for these transactions later when user is alert. Similarly if user is driving it will allow only important alerts others will be silenced for the time being
- Learning your style: Nitesh Saxena, Ph.D., an associate professor in the CIS department and director of the SPIES lab, is developing a software based on “Behavioral trait” of the user. Saxena is a specialist in the “behavioral biometrics” security research, hence his software reads the peculiar body language of user while talking on phone or clicking selfies by collecting sufficient data from accelerometer, gyroscopes, proximity sensors. Once the software learns the user’s peculiar movement it will automatically be locked in case it goes in wrong hands. Saxena says “A system that taps into user interactions with multiple connected devices, such as Google Glass or the new Apple Watch, would be even more secure”.
- Replacing your password: Nitesh Saxena, Ph.D., associate professor in the Department of Computer and Information Science, is working in collaboration with the University of Helsinki and Aalto University in Finland on this project. “Zero Interaction Authentication Method” eliminates the use of password for log ins and by using this method user can access a PC, tablet or a car without interacting with it. The method makes use of wireless channels such as Bluetooth and the system detects user’s security token such as the smartphone and then depending on it, verifies and grants access to the user. However this method was vulnerable to relay attacks wherein criminals, one close to the user, the other near his or her computer, could relay or eavesdrop on the verification process and hack the system. Now Saxena’s team combined multiple sensors like GPS, audio, temperature and altitude and have come up with an Android-based app, called BlueProximity++, which uses these readings to instantly secure and unlock laptops and other devices as soon as the user’s phone gets within range. So now newer smart phones can use a combination of physical sensor like proximity detection combined with the temperature, altitude, humidity etc. to curb the relay attack.
- Tracing your steps — without sacrificing your privacy: Hasan’s team has developed a device known as WORAL ie Witness Oriented Asserted Location Provenance which alters the GPS readings. Cost of this is device is $10 and it relies on the WiFi routers and the encryption methods which helps user to validate their presence in a particular destination through the WORAL app and this check in is validated by other WORAL user who is also present in that location creating a collusion-resistant proof that the user actually was present at the designated location. GPS sensors are present in most of the smartphones and is useful for sales people and insurance agents however central tracking of employees is not possible in such cases WORAL helps to keep a track of the user. Also Hasan states:”WORAL could be used to track products through a supply chain”
- Protecting your payments: Most of the Android phones have a built in of NFC technology i.e Near-Field Communications, which is required to make the online payments like Apple Pay, Google Wallets etc. User just needs to touch their phone at the reader at retail store to get the NFC chip activated and do the payment. This NFC system is again vulnerable to “relay attack” i.e. hacker can hijack users credentials and pass it on to their team present at another location. E.g. User might use their phone to pay bill at some retail store and at the same time hacker might use their data to purchase some jewelry at some other location. As a counter measure Saxena’s team developed a system which will use signals from a combination of sensors, including lists of nearby WiFi hot spots and their signal strengths, and short audio snippets captured by the phone’s microphone. NFC reader will compare the data received and check if the payment request is from the same location as that of the reader, if its same then the payment will be done so indirectly this is a sort of authentication of the location and reader.
- Guarding your digits: Criminals use the heat sensing cameras to check which buttons were pressed by the customer immediately as they left the ATM. Hence Hasan’s team is working towards protecting ATM PIN attacks. User needs to snap a picture of the QR code which appears on the ATM screen and this would give a list of random numbers with spaces left in between to plug the actual PIN, for this the Bank has to incorporate a software developed by Hasan’s team which involves minimum cost. Now even if criminals get the actual PIN it will not help because the combination of random numbers will be unique everytime user uses the ATM.
- Sensing danger: Nitish Saxena’s team is working towards blocking the “Context Aware” attacks by incorporating gesture recognition codes on the RFID ie Radio Frequency IDentification (RFID) systems which is a vulnerable to unauthorized readings. All the different sensors in the smart phones could relay attack these RFID by reading the previously malicious code which triggers mass chaos and such a thing is hard to detect and also not easily preventable. RFID is generally found every where as a preventive measure against terrorism.
So researchers have may power future smartphones to be absolute pets as well as guards for your.
Resource : Science Daily.