real-time-electrocardiogram streams for continious … · 2018. 12. 17. · electrocardiogram (ecg...
TRANSCRIPT
-
#CyberCamp18
Real-time Electrocardiogram Streams
for Continuous Authentication
Pedro Peris-Lopez ([email protected])
Carlos III University of Madrid
-
#CyberCamp18
MOTIVATION
-
#CyberCamp18
Implantable Medical Devices (IMDs)
An IMD is an electronic device implanted within the human
body to:
Treat a medical condition
e.g., pacemaker or neurostimulator
Monitor the state or improve the functioning of some body
part
Provide the patient a capability that he did not possesses
before
-
#CyberCamp18FDA -- Cybersecurity
Source: FDA - U.S. Department of Health and Human Services
-
#CyberCamp18
IMPLANTABLE MEDICAL DEVICES
-
#CyberCamp18
IMDS
-
#CyberCamp18
Pacemaker
IMDS
Neurostimulator
Insulin Pump
-
#CyberCamp18
New generation of IMDsWireless connectivity:
Constantly monitor the patient’s physiological
parameters
Enhanced supervision and management of the IMD
operation
Reduction in the overall costs
Intra Body Networks (IBN): computation and
analysis tasks could be shared among different
networked devices
-
#CyberCamp18Security Analysis
Are threats to IMDs a real concern? YES!
IMDs like pacemakers can be hacked!
• Disclose of private information
• Update the therapy
• Re-progam the device
• Drain the battery of IMD
• …
-
#CyberCamp18
Disclose of private information
-
#CyberCamp18
Re-progam the device
-
#CyberCamp18
Drain the battery of IMD
Are you awake?Are you awake?
Are you awake?
-
#CyberCamp18
Tensions and trade-offs
IMD SECURITY VS PATIENT SAFETY
IMD CAPABILITIES VS BATTERY LIFE
-
#CyberCamp18
LIMITATIONS
• Energy
• Integrated battery (5-10 years)
• Replacement: surgical procedure
• Memory
• Historical data from different events and episodes
• Small RAM
• Computing and communication
• Extremely limited in IMD
-
#CyberCamp18
Adversary
Model
-
#CyberCamp18
Protection
Mechanisms
-
#CyberCamp18
BIOMETRICS
ELECTROCARDIOGRAM (ECG or EKG)
-
#CyberCamp18AUTHENTICATION
Authentication is the process of determining whether someone or
something is, in fact, who or what it declares itself to be
Something you know
(such as a password)
Something you have
(such as a smart card)
Something you are
(such as a fingerprint or other
biometric method)
-
#CyberCamp18
Biometrics
• Universal (every person should have that characteristic)
• Unique (no two people should be exactly the same in terms
of that characteristic)
• Permanent (invariant with time)
• Collectable (can be measured quantitatively)
• Reliable (must be safe and operate at a satisfactory
performance level)
• Acceptable (non-invasive and socially tolerable)
-
#CyberCamp18
ECG SIGNAL
The action potentials
generated by the different
cells in the myocardium
sum up to generate the
ECG waveform
-
#CyberCamp18
ECG AUTHENTICATION
HUMAN IDENTIFICATION USING COMPRESSED SIGNALS
-
#CyberCamp18
Domains in Biomedical Signal
Time Domain
-
#CyberCamp18
Domains in Biomedical Signal
Frequency Domain
• Fourier Transform
• Wavelet Transform
• Walsh-Hadamard Transform
• …
-
#CyberCamp18
Walsh Hadamard Transform (WHT)
𝑋 = 𝐻𝑥
Computational more efficient than
other transforms Compressed version of the signal
-
#CyberCamp18
ECG Biometrics
-
#CyberCamp18ECG Biometrics
DC component is eliminated
Pass-band filter [0.67 - 45] Hz
Windowing (2 secs. – 256 samples)
X= Hx24-lower sequencing coefficients
Entropy values
-
#CyberCamp18ECG Biometrics
K-NN (non-parametric lazy learning algorithms)
• No assumptions about data distribution
• Minimal training
Experimentation:
K=1 ({3,5,9})
10-fold cross-validation
-
#CyberCamp18
Evaluation - Dataset
MIT-BIH Normal Sinus Rhythm Database
• Long-term ECG recordings
• No significant arrhythmias
• Sampling frequency 128 Hz
• 18-subjets
• Aged 26 to 50
-
#CyberCamp18
ECG Biometrics
Results
Euclidean distance (dE) and Manhattan distance (dM)
-
#CyberCamp18
CONTINOUS AUTHENTICATION
REAL-TIME ECG STREAMS
-
#CyberCamp18
CONTINOUS
AUTHENTICATION
(CA)
• Non-Continuous Authentication (NCA):
• The user is authenticated once at time T
• E.g., s/he is logged in a system
• Continuous Authentication (CA):
• The user is authenticated every period of time Ti• Ensuring the continued presence of the user
-
#CyberCamp18
Datamining vs data stream mining
• Data mining refers to the set of technologies to handle larger datasets to find
patterns, trends or rules and explain data behaviour
• It does not consider the continuous supply of data (training would have to
be repeated)
• Data stream mining: new paradigm to address the continuous data problem
• Uniqueness: process an example at a time, and inspect it only once
• Limited resources (memory and work)
• Immediacy: be ready to predict at any time
-
#CyberCamp18
DSM System
-
#CyberCamp18
DC component is eliminated
Pass-band filter [0.67 - 45] Hz
Windowing (2 secs. – 256 samples)
X= Hx (Hadamard)256-sequencing coefficients
Pearson’s linear correlation
-
#CyberCamp18
Two approaches: Buffered and Unbuffered
-
#CyberCamp18
Learner
• K-NN
high performance and simplicity
• Sliding window strategy (limited memory)
-
#CyberCamp18
DSM Approach
1. Each sample has a fixed number of attributes
less than several hundreds
2. The number of classes is limited and small
3. The learner has a small memory
the size of the training dataset is larger than the available memory
4. The speed rate of processing each sample is moderate
-
#CyberCamp18
Continuous Authentication (CA)
Results
t = 2 seconds | w = 2 seconds t=90 seconds | w = 2 seconds
-
#CyberCamp18
Continuous Authentication (CA)
Buffered approach
-
#CyberCamp18
Multi-Modal Biometrics
-
#CyberCamp18
Biometric Signals: Acquisition
• Electrocardiogram (ECG)
• Photoplethysmogram (PPG)
• Accelerometer (ACC),
• Galvanic skin response (GSR)
-
#CyberCamp18
Biometric System
-
#CyberCamp18
Discrete Fourier (F) and Walsh-Hadamard (H)
-
#CyberCamp18
One-class classifier (Gaussian model)
-
#CyberCamp18
Scenarios
Siting
Siting (after a walk)
Walking
-
#CyberCamp18
Results:
Scenario-2
-
#CyberCamp18
Best average metrics
-
#CyberCamp18
Conclusions
-
#CyberCamp18Conclusions
# New generations of IMDs are already on the market
# Importance of security issues (no fiction!)
# Special requirements for this kind of devices
# Biosignals are captured by IMDs (and other smart devices)
# Novel and efficient approaches are needed
# Data mining, data stream mining and even deep learningtechniques can help to design new solutions
# Multimodal approaches should be explored in depth
IMDs
Biometrics
-
#CyberCamp18
MOTIVATIONIMPLANTABLE MEDICAL DEVICESBIOMETRICS ELECTROCARDIOGRAM (ECG or EKG)ECG AUTHENTICATION HUMAN IDENTIFICATION USING COMPRESSED SIGNALSCONTINOUS AUTHENTICATIONREAL-TIME ECG STREAMSMulti-Modal BiometricsConclusions