"This project is another proof of NYIT's leadership in the area of cybersecurity. The scientific merit is in the authentication of smartphones through the collection of behavioral biometric information in a sustainable, energy-efficient manner. The research will also have numerous applications, especially in the design of medical devices and body sensor networks," said Nada Marie Anid, Ph.D., dean, NYIT School of Engineering and Computing Sciences.
Secure ways to verify the identity of smartphone users include behaviors and traits unique to the user, such as touchscreen interaction, hand movements, gait, voice, and phone location. However, these techniques can raise significant privacy and security concerns as such behaviors represent personal identifiable data and can expose information such as user activity, health, and location. And, because smartphones can easily be lost or stolen, all sensitive behavioral information collected and processed on them needs to be protected.
As such, the research project also will focus on novel techniques for securely offloading data related to active authentication from the smartphone to the cloud or other outsourcing party, further reducing the energy burden on the battery. According to Gasti, the ultimate goal of the proposed research is to make privacy-preserving active authentication practical on smartphones, from both energy and device performance perspectives. This research project is expected to pave the way for widespread adoption of active authentication technologies by making them secure and private, as well as energy efficient. Healthcare-oriented body sensor networks are currently smartphone-centered, so the research on active authentication performed in this project is expected to provide tangible benefits to the healthcare community. For example, current research prototypes of body sensor networks rely on smartphones to aggregate data from various body sensors, including heart rate sensors and step sensors, and possibly to control medical devices such as an insulin pump. “Guarantees on security and privacy of the authentication pipeline will allow end-users to trust and use active authentication technologies,” Gasti added.
To help disseminate the research results following the project’s conclusion in September 2018, the principal investigators will develop a new graduate course at NYIT, and integrate research outcomes into existing graduate courses at both NYIT and William & Mary.