Your browser does not support JavaScript!

Doctoral theses

Search command : Author="Παπαγιαννάκης"  And Author="Γεώργιος"

Current Record: 6 of 114

Back to Results Previous page
Next page
Add to Basket
[Add to Basket]
Identifier 000456491
Title Mitigation of cyber attacks in wearable devices
Author Kazlouski, Andrei M.
Thesis advisor Μαρκάτος, Ευάγγελος
Reviewer Ferrari, Elena
Carminati, Barbara
Τζίτζικας, Γιάννης
Φραγκοπούλου, Παρασκευή
Μαγκούτης, Κώστας
Φατούρου, Παναγιώτα
Abstract The consumer wearable market has been growing relentlessly since 2013, reaching unprecedented sales numbers during the first two years of the COVID-19 pandemic. At present, hundreds of millions (potentially billions) of users worldwide use such devices to monitor their private lives twenty-four hours a day and seven days a week. However, the lightning spread of wearable device and commercial fitness trackers, in particular, has not been complemented by the adequate security and privacy protection of their ever-growing userbase. In this dissertation, we investigate if average consumers of commercial wearable devices are at risk. More specifically, whether conventional usage of fitness trackers by regular people may lead to a significant loss of privacy. In particular, we explore 2 aspects of consumer wearables: the devices with the associated ecosystem, and the data they produce. We demonstrate that private information on users of prominent consumer fitness trackers may be inferred, when the devices transmit the collected data to the permanent storage of their manufacturer. An adversary may obtain insights on how often users exercise and measure their heart rate, whether they have trouble sleeping, or if they are overweight. We proceed to study the third-party companies that are contacted by wearable devices as part of their functioning. We show that significant and sometimes deeply personal data may be transferred to these “unwanted” third parties without explicit consent from users. We further establish that sharing data generated by wearable “as is” may lead to significant privacy exposure and even full re-identification of users. By possessing very limited amounts of wearable data, a competent adversary may learn insights on person’s gender, weight, height, and even reconstruct a “wearable fingerprint” – a unique pattern of daily routine. To combat the above threats, we suggest a methodology for blocking unwanted connections of wearables, severely limiting the possibilities for privacy leaks. We further present comprehensive guidelines for privacy-preserving release of wearable data by both regular users and data controllers, who aggregate such information into datasets. We emphasize that all proposed defense mechanisms can be easily employed by regular users with limited technical expertise and do not require any additional equipment.
Language English
Subject Privacy
Security
Issue date 2023-07-21
Collection   School/Department--School of Sciences and Engineering--Department of Computer Science--Doctoral theses
  Type of Work--Doctoral theses
Permanent Link https://elocus.lib.uoc.gr//dlib/6/a/3/metadata-dlib-1687335710-595237-13093.tkl Bookmark and Share
Views 808

Digital Documents
No preview available

Download document
View document
Views : 4