Wireless body area network (BAN) is a promising technology for real-time monitoring of physiological signals to support medical applications. In order to ensure the trustworthy and reliable gathering of patient's critical health information, it is essential to provide node authentication service in a BAN, which prevents an attacker from impersonation and false data/command injection. Although quite fundamental, the authentication in BAN still remains a challenging issue. On one hand, traditional authentication solutions depend on prior trust among nodes whose establishment would require either key pre-distribution or non-intuitive
participation by inexperienced users, while they are vulnerable to key compromise. On the other hand, most existing non-cryptographic authentication schemes require advanced hardware capabilities or significant modifications to the system software, which are impractical for BANs.
In this project we proposed a lightweight body area network authentication scheme (BANA) that does not depend on prior-trust among the nodes and can be efficiently realized on commercial off-the-shelf low-end sensor devices. This is achieved by exploiting physical layer characteristics unique to a BAN, namely, the distinct received signal strength (RSS) variation behaviors between an on-body communication channel and an off-body channel. Our main finding is that the latter is more unpredictable over time, especially under various body motion scenarios. This unique channel characteristic naturally arises from the multi-path environment surrounding a BAN, and cannot be
easily forged by attackers. We then adopt clustering analysis to differentiate the signals from an attacker and a legitimate node.
- Jiawei Yuan and Shucheng Yu, "Privacy Preserving Back-Propagation Neural Network Learning Made Practical with Cloud Computing", Accepted, IEEE Transactions on Parallel and DistributedSystems (TPDS).
- Lu Shi, Ming Li, Shucheng Yu, and Jiawei Yuan, "BANA: Body Area Network Authentication Exploiting Channel Characteristics", ACM WiSec 2012, Tucson, Arizona, April 16-18, 2012.
- Ming Li, Shucheng Yu, Ning Cao, and Wenjing Lou, "Authorized Private Keyword Search over Encrypted Personal Health Records in Cloud Computing", IEEE ICDCS 2011, Minnesapolis, MN, June 20-24 2011.
- Ming Li, Shucheng Yu, Kui Ren, and Wenjing Lou, "Securing Personaly Health Records in Cloud Computing: Patient-centric and Fine-grained Data Access Control in Multi-owner Settings", The 6th International Conference on Security and Privacy in Communication Networks (SecureComm 2010), Singapore, September 7-10, 2010.
- Shucheng Yu, Cong Wang, Kui Ren, and Wenjing Lou, "Attribute Based Data Sharing with Attribute Revocation", ACM ASIACCS 2010, Beijing, China, April 13-16, 2010.
- Shucheng Yu, Cong Wang, Kui Ren, and Wenjing Lou, "Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing", IEEE INFOCOM 2010, San Diego, CA, March 15-19, 2010.
- Shucheng Yu, Kui Ren, Wenjing Lou, and Jin Li, "Defending Against Key Abuse Attacks in KP-ABE Enabled Broadcast Systems", The 5th International Conference on Security and Privacy in Communication Networks (SecureComm 2009), Athens, Greece, September 14-18, 2009.
- Shucheng Yu, Kui Ren, and Wenjing Lou, "Attribute-Based Content Distribution with Hidden Policy", The 4th Workshop on Secure Network Protocols (NPSec 2008), Orlando, FL, USA, October 19, 2008, in conjunction with ICNP 2008.