Data security in smart environments for assisted living

Dissertations in Forestry and Natural Sciences

PUBLICATIONS OF THE UNIVERSITY OF EASTERN FINLAND

Security is a very important issue in Smart Home Environments due to the sensitive nature of private and confidential data being transmitted via wireless communication links. The wireless technologies being used in the implementation of smart homes have serious security issues that could have severe security implications if they are not carefully taken into account. In this dissertation, we present unique techniques to enhance the security of transmitted data via wireless interfaces in smart home environments based on Steganography and Digital Watermarking.

OLAYEMI OLAOLU OLAWUMI

Olayemi Olaolu Olawumi

DATA SECURITY IN SMART ENVIRONMENTS FOR ASSISTED

LIVING

Publications of the University of Eastern Finland Dissertations in Forestry and Natural Sciences

No 278

University of Eastern Finland Kuopio

2017

Academic dissertation

To be presented by permission of the Faculty of Science and Forestry for public examination in the Auditorium SN200 in the Snellmania

Grano Oy Jyväskylä, 2017

Editors: Pertti Pasanen, Matti Vornanen, Jukka Tuomela, Matti Tedre

Distribution: University of Eastern Finland / Sales of publications www.uef.fi/kirjasto

ISBN: 978-952-61-2577-0 (Print) ISBN: 978-952-61-2578-7 (PDF)

Author’s address: Olayemi Olaolu Olawumi
University of Eastern Finland
School of Computing
P.O. Box 1627
70211 KUOPIO, FINLAND
email: olayemo@student.uef.fi

Supervisors: Professor Pekka Toivanen, D.Sc. (Tech.)
University of Eastern Finland
School of Computing
P.O. Box 1627
70211 KUOPIO, FINLAND
email: pekka.toivanen@uef.fi

Dr. Keijo Haataja, Ph.D.
University of Eastern Finland
School of Computing
P.O. Box 1627
70211 KUOPIO, FINLAND
email: keijo.haataja@uef.fi

Reviewers: Professor Timo Hämäläinen, Ph.D.
University of Jyväskylä
Faculty of Information Technology, P.O. Box 35,
40014 Jyväskylä, FINLAND
email: timo.t.hamalainen@jyu.fi

Professor Philippe Le Parc, Ph.D.
University of Brest,
Department of Informatics,
3 rue des Archives, CS 93837-29238, Brest cedex 3, FRANCE
email: Philippe.Le-Parc@univ-brest.fr

Opponent: Professor Ville Leppänen, Ph.D.
University of Turku, Agora, Vesilinnantie 5,

Olawumi, Olayemi Olaolu

Data Security in Smart Environments for Assisted Living Kuopio: University of Eastern Finland, 2017

Publications of the University of Eastern Finland Dissertations in Forestry and Natural Sciences 2017; 278 ISBN: 978-952-61-2577-0 (Print)

ISSNL: 1798-5668 ISSN: 1798-5668

ISBN: 978-952-61-2578-7 (PDF) ISSN: 1798-5668 (PDF)

ABSTRACT

Security is a very important issue in Smart Home Environments due to the sensitive nature of private and confidential data being transmitted via wireless communication links. The wireless technologies being used in the implementation of smart homes have serious security issues that could have severe security implications if they are not carefully taken into account. Therefore, identification of these security issues is crucial to taking the appropriate steps towards mitigating them and enhancing the security of the collected data within these homes.

This thesis presents our contributions on how to enhance the security of transmitted data via wireless interfaces in smart home environments.

We investigated the security issues in smart home systems and we proposed countermeasures to mitigate these threats. We also analyzed smart environments with an emphasis on the security challenges of the wireless network interfaces being utilized in these systems and we examined how the SEAL system can be designed in a more secure way that will guarantee maximum protection of data transmitted across the system.

Moreover, we proposed and practically demonstrated in our laboratory environment three (3) attack scenarios against a ZigBee network, which is commonly utilized for data transmission in smart homes. These attack scenarios are based on utilizing several vulnerabilities found in the main security components of ZigBee technology, and we also proposed countermeasures that we believe will render the attacks impossible, although they do not totally eliminate their potential danger.

Since we have demonstrated that attacks against the wireless interfaces utilized for data transmission in Smart Homes are real, we then proposed novel methods to enhance the security of these wireless interfaces and render these attacks impossible. The first method employs Steganography to strengthen the Bluetooth pairing process and thwart the MITM attacks; we demonstrated experimentally the

of intrusion and secure the entire connection. The second method employs digital watermarking technique to improve the security and authentication of healthcare images transmitted via wireless network; in this technique, a special digital image is embedded into the RONI (Region of Non-Interest) sections of the healthcare images before transmission over wireless networks to the receiver. Then at the receiver’s side, the embedded special digital image is extracted from the healthcare image and verified to confirm its authenticity. We demonstrated with experimental figures the effectiveness and robustness of this technique by implementing DWT (Discrete Wavelet Transform) algorithm to successfully embed a watermark into the RONI section of some healthcare images. The watermarks were embedded in such a way that the ROI (Region of Interest) sections of the images were not affected and the integrity of the images was protected. Our results show clearly that this technique is very robust and efficient in providing authentication and enhancing the security of healthcare images and it can be implemented for wireless communication in smart home and mobile health systems.

The results of the work documented in this thesis were all practically demonstrated to evaluate their effectiveness and efficiency if implemented.

Universal Decimal Classification: 004.056, 004.732, 621.395.721.5

Inspec Thesaurus: home automation; home computing; home networks; personal area networks; wireless LAN; mobile computing; security of data; data privacy; cryptography; steganography; data encapsulation; image watermarking; Zigbee; Bluetooth; discrete wavelet transforms

Yleinen suomalainen asiasanasto (General Finnish Thesaurus): smart homes; sheltered housing; local area networks; wireless networks; wireless technology; mobile devices; information security; data protection; encryption; cryptography; network attacks; Bluetooth

ACKNOWLEDGEMENTS

This study was conducted at the University of Eastern Finland, School of Computing between 2013-2017.

First and foremost, I would like to thank my supervisors, Professor Pekka Toivanen and Dr. Keijo Haataja, without whose support, guidance, and enthusiasm this work would never have been completed. I consider myself very lucky to work with them for my Ph.D. Thesis and I am grateful to them for providing me with the opportunities to work on an important research project. I was given the freedom to find my own techniques and I definitely learned a lot during the research.

I would like to express my gratitude to my colleagues, whom I have worked with during the research and those who have supported me in the course of my research work. I would like to thank Antti Väänänen and Marwan Ali Albahar for their unfailing support and generous help during the research work.

I would like to thank Solomon Oyelere and Emmanuel Kolog for their good advice, support, and interesting discussions on my research work, and I would also like to thank my family and friends, especially Olanrewaju Olawumi for his moral support during the research work.

Finally, I want to dedicate this work to my wife (Phebean Olawumi) and my daughters, Olamide and Tiwalola, who both brought so many smiles to my face.

Kuopio, June 5, 2017 Olayemi Olaolu Olawumi

LIST OF ABBREVIATIONS

AES Advanced Encryption Standard

APIs Application Programming Interfaces

DCT Discrete Cosine Transform

DoS Denial-of-Service

DWT Discrete Wavelet Transform

HVAC Heating, Ventilation, and Air Conditioning

JW Just Works

LSB Least Significant Bit

MIC Message Integrity Code

MITM Man-In-The-Middle

NC Numeric Comparison

OOB Out-Of-Band

PE Passkey Entry

RF Radio Frequency

ROI Region of Interest

RONI Region of Non-Interest

SEAL Smart Environment for Assisted Living

SSP Secure Simple Pairing

TC Trust Center

UI User Interface

WLAN Wireless Local Area Network

WPAN Wireless Personal Area Network

ZED ZigBee End-Device

LIST OF ORIGINAL PUBLICATIONS

This thesis is based on data presented in the following articles, referred to by the Roman Numerals I-IV.

I Olawumi O., Väänänen A., Haataja K., and Toivanen P.: Security Issues in Smart Home and Mobile Health Systems: Threat Analysis, Possible Countermeasures and Lessons Learned. International Journal on Information Technologies & Security, Vol. 9, No. 1, pp. 31-52, 2017.

II Olawumi O., Haataja K., Asikainen M., Vidgren N., and Toivanen P.: Three Practical Attacks Against ZigBee Security: Attack Scenario Definitions, Practical Experiments, Countermeasures, and Lesson Learned. Proceedings of the 14th IEEE International Conference on Hybrid Intelligent Systems (HIS 2014), Kuwait, December 14-16, 2014.

III Albahar M. A., Olawumi O., Haataja K., and Toivanen P.: A Novel Method For Bluetooth Pairing Using Steganography. International Journal on Information Technologies & Security, Vol. 9, No. 1, pp. 53-66, 2017.

IV Olawumi O., Haataja K., and Toivanen P.: A Novel Security and Authentication Technique For Reliable Wireless Transmission Of Healthcare Images in Smart Home And Mobile Health System Based On Digital Watermarking. International Journal on Information Technologies & Security, Vol. 9, No. 1, pp. 67-84, 2017.

AUTHOR’S CONTRIBUTION

The publications selected for this dissertation are original research papers on wireless and smart home security. In all papers presented here, the authors cooperated in writing the papers and the proposed methods are the result of teamwork with joint efforts made by all authors. The order of the names shows the contribution of authors in preparing the papers; the first and second authors were responsible for the initial drafting of the papers:

I. The author was the primary contributor to the idea and manuscript of this paper, which was jointly written with significant contributions from Antti Väänänen. Dr. Keijo Haataja and Professor Pekka Toivanen are the main author’s Ph.D. supervisors and they contributed also by revising and commenting on the paper draft and giving ideas for improvement.

II. The author was a major contributor in devising the three practical attack scenarios presented in this paper; moreover, the experiment was planned and performed by the author. The author also proposed novel countermeasures to mitigate these attacks. The writing of the paper was a joint contribution of all the authors.

III. The novel method of using Steganography to strengthen the Bluetooth pairing process presented in this paper was investigated and designed by the author, which was then further developed by Marwan Al Albahar. The writing of the paper was a joint contribution of all the authors.

IV. The author proposed this novel approach to improve the security and authentication of transmitted healthcare images presented in this paper. The author planned and performed the experiment; the author also contributed significantly to the writing of this paper.

CONTENTS

ABSTRACT
ACKNOWLEDGEMENTS
1 INTRODUCTION
2 SMART HOME AND MOBILE HEALTH SYSTEMS
2.1 Introduction
2.2 Possible Security Threats in Smart Home and Mobile Health Systems
2.2.1 Passive Attacks
2.2.2 Active Attacks
3 OVERVIEW OF ZIGBEE & BLUETOOTH SECURITY
3.1 Introduction
3.2 Overview of ZigBee Technology
3.3 ZigBee Security Basics and Existing Attacks
3.4 Overview of Bluetooth Security
3.5 Vulnerability of Bluetooth Security Mechanism
3.6 Existing Countermeasures and Their Limitations
4 PRACTICAL EXPERIMENTS AND OUR NOVEL SOLUTIONS
4.1 Introduction
4.2 Summary of Our Practical Attack Scenarios
4.3 Our Novel Solutions
4.3.1 Bluetooth Pairing Process Using Steganography
4.3.2 Novel Implementation of Digital Watermarking Technique
5 CONCLUSION AND FUTURE WORK
6 BIBLIOGRAPHY
ORIGINAL PUBLICATIONS (I-IV)

1 INTRODUCTION

The research and development efforts for smart homes are increasing, but are faced with data and information security related issues. Smart homes provide excellent infrastructure, which is being utilized to enable a comfortable and secure living for its users; smart homes also promote independent living at home for disabled and elderly people, which in turn improves their quality of life [1–2].

However, the increasing threats to and abuse of smart environments are a major source of concern, as there are vulnerabilities in the various protocols utilized in the implementation of smart homes, and these vulnerabilities can be exploited by intruders. In a scenario where smart homes can store and release healthcare data to third parties, the collected healthcare data within these homes are vulnerable to severe security and privacy abuses [1–2]. Identifying these security issues and taking appropriate steps towards mitigating them, to ensure the security of healthcare data collected in smart homes, is essential.

SEAL (Smart Environment for Assisted Living) is developed in the Computational Intelligence (CI) research group at the University of Eastern Finland (UEF). SEAL is a comprehensive combination of smart home and mobile health subsystems. The subsystems provide functionalities to home residents that help them to achieve a secure, healthy, and easy living and working environment even if they are suffering from chronic conditions or just want to automate equipment functionalities in their home/office or to be more aware of their health condition [2–3].

SEAL is developed for use in home healthcare organizations, occupational health studies, and individual use, where ambitious and challenging interdisciplinary research work can be conducted and later on companies can transfer these novel research findings into everyday use within new mobile health products. All SEAL subsystems are planned to be realized as separate entities, which will work seamlessly together with an open and common communication interface.

SEAL can be separated into two subsystem entities, which are the Assisted Living & Home Automation subsystem and the mHealth subsystem. These two subsystems work seamlessly together in the same application and measurements can be seen in the same UI (User Interface). The architectural logic behind the system is divided by the application programming interfaces (APIs), which collect the measurement data from different sources [2–3].

The mHealth subsystem can be used for active monitoring of patients in chronic conditions or active health information monitoring (e.g., weight and blood pressure) for fitness and well-being purposes. In SEAL, the vital signs and periodic

automation mini-PC. The data is collected by applications located in a mobile device or in a home gateway application, depending on user location (indoor / outdoor) [2–3].

In the Assisted Living & Home Automation subsystem, the wireless network collects the environmental data from ambient sensors, which are located in the resident’s home. The SEAL system analyzes the collected data and changes the house automation functionality accordingly. The SEAL Application will be designed to operate in multiple mobile platforms and provide functionalities to several end-user groups, such as healthcare professionals, healthy users who want to monitor their health status, or people who want assistance when using intelligent house technology. SEAL will provide comprehensive security measures for wireless authentication, data transmission, and data storage in mobile devices to help to achieve user needs and regulatory requirements for transferring and storing personal health data [2–3]. Figure 1 illustrates our SEAL system that can be utilized in mHealth, Smart Home, and Smart Office use cases.

Figure 1. SEAL System for mHealth, Smart Home, and Smart Office use cases. [2]

The necessity of wireless networks in realising smart home and mHealth systems is very significant. Wireless interfaces, mainly Bluetooth, ZigBee, and/or WLAN (Wireless Local Area Network), are commonly used for data transmission in smart environments, and these wireless protocols have serious security challenges,

at rest. The recent occurrences of smart environment hacking raise an alarm of the need to urgently research unique techniques to ensure security of these homes.

The aim of our work is to provide an investigation into the possible security issues in smart home systems. In addition, we analyzed smart environments with an emphasis on the security challenges of the wireless network interfaces being utilized in these systems.

Our research work can be divided into four parts. In the first part, we conducted a detailed literature-based investigation into the possible security attacks against smart environments and then applied a threat modelling process to our SEAL system to identify the assets and threats to the system and propose possible countermeasures to mitigate these threats. We also examined how the SEAL system can be designed in a more secure way that will guarantee a maximum protection of data transmitted across the system.

In the second part, we individually studied two major protocols used in the implementation of smart homes. The weaknesses of ZigBee security and different types of attacks against ZigBee security were investigated. We also practically demonstrated some of these attacks in our research laboratory and proposed countermeasures against each type of attack. Much work had already been done by Haataja et al. [6–10] on Bluetooth security, so we only critically studied these previous papers and moved on to design unique solutions to some of the problems discovered.

In the third part, we proposed a novel method that will strengthen the Bluetooth pairing process by employing Steganography, in which the secret messages and key are hidden in a cover object. We also demonstrated this technique with experimental figures to show its uniqueness, and we believe this technique will yield a robust Bluetooth pairing model, which can counteract MITM attacks.

Finally, we presented a novel approach, based on a digital watermarking technique, to improve the security and authentication of healthcare images transmitted via wireless networks. In this approach, a special digital image is embedded into the RONI (Region of Non-Interest) sections of the healthcare images before transmission over wireless networks to the receiver. Then, at the receiver’s side, the embedded special digital image is extracted from the healthcare image and verified to confirm its authenticity.

The rest of the thesis is organized as follows. Chapter 2 gives an overview of smart homes and mobile health systems; current security issues in smart homes are explained. Chapter 3 gives an overview of ZigBee and Bluetooth security basics. We also briefly present the vulnerability of the Bluetooth security mechanism, the existing countermeasures, and their limitations. Chapter 4 presents a summary of our practical experiments and our novel solutions to possibly enhance the security of the wireless interfaces. Chapter 6 presents a summary of our contribution to


2 SMART HOME AND MOBILE HEALTH SYSTEMS

2.1 INTRODUCTION

Smart homes are homes that connect several devices (such as sensors) and systems that can be accessed remotely, monitored, and controlled with the use of various communication networks [11–12]. Smart homes make it possible for all devices and appliances in the home to be connected and communicate with each other at the control of the home owner [13]. A typical scenario is when a home user controls the temperature gauge or controls the lighting system with the use of a ZigBee or Bluetooth-enabled remote control.

According to researchers in [14], smart homes comprise three major areas: the physical components (sensors/actuators), a control system (expert system/artificial intelligence), and the communication system (wired/wireless), which interfaces the physical components and the control system.

Smart homes sense the environment with the help of the physical components. Information is passed to the control system with the help of the home network, and the decisions are made by the control system, which then passes the control information to the actuator for appropriate action [14]. Figure 2 below depicts a typical structure of a smart home system.

Figure 2. Structure of a Smart Home system. [4]


2.2 POSSIBLE SECURITY THREATS IN SMART HOME AND MOBILE HEALTH SYSTEMS

Wireless networks are significant in realizing smart home and mHealth systems. Wireless interfaces, mainly Bluetooth, ZigBee, and/or WLAN, are commonly used for data transmission in smart environments, and these wireless protocols have serious security challenges that make smart homes vulnerable to different attacks.

In Publication I, we presented the possible security threats in smart home environments, which can be classified into two main categories [15–16]: internal threats and external threats. Internal threats originate within the smart home for many reasons, such as improper network configuration or weak passwords [2], while external threats are derived from external nodes. In Publication I, we focused our investigation on external threats to smart homes. External threats are categorized as either passive attacks or active attacks, which are explained in Sections 2.2.1 and 2.2.2.

2.2.1 Passive Attacks

In a passive attack, transmitted messages are not modified and an intruder only monitors the transmission to gain adequate knowledge about the senders and receivers [2, 15–17]. Since no modification is made, these kinds of attacks are difficult to detect. There are two types of attacks under this category [2, 15–17]:

I. Eavesdropping Attack: In eavesdropping attacks, an attacker only monitors the home user’s activities, like web surfing, phone communications, etc., and all this is done without any modification or alerting the legitimate communication parties. Once an attacker has adequate knowledge of the home users and their activities, then further attacks are inevitable. Eavesdropping is a major attack in smart homes; it builds the foundation for other attacks. In [18], we practically demonstrated this attack on a ZigBee network and we proposed possible countermeasures we believe will work efficiently to mitigate it.

II. Traffic Analysis: Traffic analysis is very similar to the eavesdropping attack; an attacker simply observes the traffic pattern in communication between the home user and the communicating parties. From these observations, the attacker can gain adequate knowledge and draw conclusions on the subject matter (for example, frequency of messages, location, etc.). Traffic analysis is hard to detect, because no modifications are made and thus there is no evidence that an attack ever occurred [2, 15–17].

2.2.2 Active Attacks

In active attacks, modification of transmitted data or introduction of fraudulent data into smart home networks is attempted. Seven subcategories of active attacks can be defined: [2, 15–17]

I. Masquerade Attacks: In a masquerade attack, it is possible for an attacker to gain unauthorized privileges or take on a false identity to have access to the smart home internal network remotely to obtain confidential information. Once a masquerade attack is successful, then all other attacks are possible [2, 15–17].

II. Replay Attacks: In a replay attack, an intruder can capture a previously sent message between two legitimate parties and re-transmit the message while pretending to be a legitimate entity. A replay attack is possible in smart homes, where the home user’s bank transaction or medical request can be captured by an attacker and re-transmitted later, pretending to be from a legitimate user [15–16]. As mentioned in Publication II, the effect of a replay attack depends on the content of the data being replayed. It may be a minor one or a severe one.

III. Message Modification Attacks: As the name implies, message modification simply means a certain part of a genuine message is altered; this kind of attack may also include an attacker delaying the message or reordering it to produce an illegitimate effect [2, 15–17].

IV. Denial-of-Service (DoS) Attacks: In a DoS attack, the smart home’s internal network can be flooded with messages by an attacker in order to overload its resources with traffic, thereby making it impossible for an authorized user to access the resources. Moreover, internal traffic transmitted within the smart home can be blocked by an attacker sending several messages to the web server [2, 15–17, 19].

V. Interception Attacks: Interception attacks deny authorized users access to services in the smart home network. An attacker can intercept packets destined to a remote user from the smart environment [2, 16–17, 19].

VI. Session-Stealing Attacks: In session-stealing attacks, an attacker will patiently wait for a legitimate user to be authenticated and successfully log in to an application, and then the session is hijacked by impersonation of the identity of the genuine user or node [2, 16–17, 19].

VII. Malicious Codes: Malicious codes are threats that exploit various vulnerabilities found in smart home internal networks. Malicious code may be viruses, trapdoors, logic bombs, or Trojan horses that can be used by an attacker to exploit smart home internal networks, modifying/destroying data, and even gaining unauthorized access to confidential data. These threats can be introduced into smart homes via emails, surfing fraudulent web pages unintentionally, etc. [2, 15, 16–17, 19]


3 OVERVIEW OF ZIGBEE & BLUETOOTH SECURITY

3.1 INTRODUCTION

In recent years, the use of wireless communication systems, especially Wireless Personal Area Networks (WPANs), and their interconnections via networks have grown rapidly. Wireless communication networks transmit and receive data wirelessly over the air utilizing wireless media, e.g., radio frequency (RF) technology, which can penetrate obstacles and make it possible for wireless devices to communicate with no direct line-of-sight between them [20]. RF technology is flexible and easier to set up and use than wired communication [20]. However, wireless communication does not replace wired networks; rather, it augments them. Attackers can disrupt wireless RF communication more easily than wired communication, and for this reason, novel ways are needed to ensure that communication via wireless networks is secured [20].

3.2 OVERVIEW OF ZIGBEE TECHNOLOGY

ZigBee is a developing low-power wireless technology used for applications that require a simple protocol stack, low data rate, and long battery life. ZigBee has already been deployed for a range of applications from smart thermostat communication to hospital patient monitoring systems [20–24]. ZigBee is based on the IEEE 802.15.4 specification and supports data rates up to 250 Kbps, which is lower than Bluetooth, which supports data rates of 3 Mbps, and Wi-Fi, which is now capable of data rates up to even several Gbps [20–24]. However, ZigBee can be implemented in only 120 KB of memory and is capable of operating on embedded, battery-powered devices for years, as opposed to the days or hours that can usually be expected from Bluetooth or Wi-Fi enabled portable devices. These characteristics make ZigBee useful for applications which do not require high data rates [20–24].

Much of the interest in ZigBee is driven by the development of home automation systems or smart homes, where ZigBee is being used for communication between electrical devices/equipment, security systems, heating, ventilating and air conditioning (HVAC) systems, etc. [20–24]. Smart-grid technology is another area in which ZigBee is being used, such as the Advanced Metering Infrastructure (AMI) system, which is able to provide electricity consumers with information about pricing in real-time. In addition to these commercial systems, it was reported that large


likely to transmit commercially sensitive and financial information using the ZigBee protocol in the future [20–24].

3.3 ZIGBEE SECURITY BASICS AND EXISTING ATTACKS

There are four main concepts of ZigBee security: [18, 20, 23, 25–26]

I. Security Level: ZigBee supports two different security levels: High Security (which is also referred to as Commercial Security) and Standard Security (also referred to as Residential Security). The differences between these two security levels are mainly in the key management and distribution.

II. Trust Center (TC): The TC is one of the devices in a ZigBee-enabled network, and it is responsible for the security management. Three keys are used by the TC to provide a safety mechanism: the network key, the master key, and the link key. Moreover, the TC is responsible for selecting the suitable security level and for the key management. All ZigBee devices share the common network key, while the link key can be shared by any two ZigBee devices. The link key is derived from the master key, which is the basis for long-term security between two ZigBee devices.

III. Authentication and Data Encryption: Data is encrypted using the 128-bit Advanced Encryption Standard (AES) in CCM mode (CCM = Counter with CBC-MAC, where CBC-MAC = Cipher Block Chaining Message Authentication Code), allowing authentication and data encryption, thus forming a Federal Information Processing Standards (FIPS) compliant security mode called AES-CCM. The CCM mode is a mode of operation only for 128-bit cryptographic block ciphers. It combines the counter mode with CBC-MAC authentication and uses the same encryption key for both modes. ZigBee uses a slightly modified version of CCM called CCM*, which gives more flexibility than the standard CCM: CCM* makes it possible to use either authentication or encryption alone, while both are always required in CCM.

IV. Integrity and Freshness of Data: There are several different security keys and methods used to ensure the integrity and freshness of data. The Message Integrity Code (MIC) can be used to make sure that the data has not been altered in transit (see Figure 3). ZigBee supports 16-, 32-, 64-, and 128-bit MIC lengths. The MIC is generated using the CCM* protocol.

Figure 3. Ensuring the integrity and freshness of data using MIC. [20, 26]
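The integrity and freshness checks of item IV, and the replay and message modification attacks of Section 2.2.2, can be seen together in the following added example, which is not code from the thesis or from the ZigBee specification. It assumes a truncated HMAC-SHA256 as a stand-in for the CCM* MIC (so that it runs on the standard library), a per-sender frame counter as the freshness mechanism, and a constructed frame layout and key.

```python
import hashlib
import hmac
import struct

MIC_LENGTHS = (2, 4, 8, 16)  # bytes: the 16-, 32-, 64- and 128-bit MIC lengths


def compute_mic(key, source, counter, payload, mic_len):
    """Stand-in MIC: HMAC-SHA256 over (source, frame counter, payload), truncated.

    ZigBee generates its MIC with CCM*; HMAC is swapped in here only to keep
    the example dependency-free.
    """
    if mic_len not in MIC_LENGTHS:
        raise ValueError("unsupported MIC length")
    header = struct.pack(">HI", source, counter)
    return hmac.new(key, header + payload, hashlib.sha256).digest()[:mic_len]


def build_frame(key, source, counter, payload, mic_len=4):
    """Constructed layout (assumption): source(2) | counter(4) | payload | MIC."""
    header = struct.pack(">HI", source, counter)
    return header + payload + compute_mic(key, source, counter, payload, mic_len)


class Receiver:
    """Checks integrity (MIC) and freshness (strictly increasing counter per source)."""

    def __init__(self, key, mic_len=4):
        self.key = key
        self.mic_len = mic_len
        self.last_counter = {}  # source address -> highest accepted frame counter

    def accept(self, frame):
        if len(frame) < 6 + self.mic_len:
            return ("reject", "truncated")
        source, counter = struct.unpack(">HI", frame[:6])
        payload, mic = frame[6:-self.mic_len], frame[-self.mic_len:]
        expected = compute_mic(self.key, source, counter, payload, self.mic_len)
        # Verify the MIC first (constant-time), so the counter is only trusted
        # once the frame is known to be authentic.
        if not hmac.compare_digest(mic, expected):
            return ("reject", "bad MIC")
        if counter <= self.last_counter.get(source, -1):
            return ("reject", "stale counter")
        self.last_counter[source] = counter
        return ("accept", payload)


def demo():
    key = bytes(range(16))  # constructed 128-bit key for the example only
    rx = Receiver(key)
    f1 = build_frame(key, 0x1A2B, 1, b"unlock-door")
    f2 = build_frame(key, 0x1A2B, 2, b"lights-off")
    tampered = f2[:6] + b"lights-on!" + f2[-4:]  # payload altered, old MIC kept
    return [
        rx.accept(f1),        # fresh and authentic
        rx.accept(f1),        # the same frame captured and sent again
        rx.accept(tampered),  # message modification in transit
        rx.accept(f2),        # next legitimate frame
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The MIC alone does not stop the second frame in `demo()`, because a replayed frame still carries a valid MIC; it is the counter check that rejects it.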

Key distribution in ZigBee-enabled devices can be done either by over-the-air transmission or by pre-installing the keys onto the devices, depending on the security level [20]. At the High Security level, the network key is always transmitted encrypted over-the-air and its distribution is secured using the master key. Thus, communicating devices can establish a trusted relationship between them.

However, at Standard Security level, the network key is transmitted unencrypted over-the-air, which is a serious vulnerability for the security of the ZigBee-enabled networks leading to the conclusion that the Standard Security level cannot be recommended for safety-critical systems.

There are various security threats against ZigBee-enabled systems, which can be exploited by attackers. In [20], the researchers proposed two practical attacks and carried out the latter one of them. The first attack is the ZigBee End-Device (ZED) Sabotage attack, which is based on sabotaging the ZED by sending a special signal that makes it wake up constantly until the battery runs out. This attack is possible because ZEDs, such as sensors and actuators, often run on battery and have a low duty cycle (i.e., the ratio of active radio time compared to the silent period). To save battery life, there is a predefined wake-up interval, which also opens new doors to practically perform successful Denial-of-Service (DoS) attacks. In a DoS attack, it is possible for an attacker to repeatedly jam the medium during both the Contention Access Period (CAP) and the Contention Free Period (CFP). In this way, the victim device can be put into an endless retransmission loop, which may eventually reduce the battery life or completely exhaust the battery of the victim device [20, 27–28].
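From the defender's side, the duty cycle described above is also what makes this kind of battery exhaustion visible. The following added example, which is not from the thesis or from [20], computes the duty cycle per device and time window and flags windows far above the provisioned value. The radio log, the factor-of-ten threshold, and the current and capacity figures are constructed assumptions.

```python
from collections import defaultdict


def sample_log():
    """Constructed radio log: (time_s, device, radio_on_ms) per wake-up."""
    log = [(t, "sensor-A", 15) for t in range(0, 600, 60)]     # steady: 15 ms every 60 s
    log += [(t, "sensor-B", 15) for t in range(0, 300, 60)]    # normal for 5 minutes
    log += [(t, "sensor-B", 120) for t in range(300, 600, 2)]  # then kept awake every 2 s
    return log


def duty_cycles(log, window_s=300):
    """Ratio of radio-on time to elapsed time, per device and time window."""
    on_ms = defaultdict(int)
    for t, device, ms in log:
        on_ms[(device, t // window_s)] += ms
    return {key: ms / (window_s * 1000) for key, ms in on_ms.items()}


def flag_battery_drain(log, expected, factor=10, window_s=300):
    """Flag windows whose duty cycle exceeds the provisioned one by `factor`.

    `expected` maps device -> provisioned duty cycle; devices missing from it
    are flagged as well, since an unprovisioned sender also deserves a look.
    """
    alerts = []
    for (device, window), duty in sorted(duty_cycles(log, window_s).items()):
        baseline = expected.get(device)
        if baseline is None or duty > factor * baseline:
            alerts.append((device, window, round(duty, 5)))
    return alerts


def lifetime_days(capacity_mah, duty, active_ma=30.0, sleep_ma=0.005):
    """Battery life from the average current implied by the duty cycle.

    The active and sleep currents are assumed round figures, not measurements.
    """
    avg_ma = duty * active_ma + (1 - duty) * sleep_ma
    return capacity_mah / avg_ma / 24


if __name__ == "__main__":
    provisioned = {"sensor-A": 0.00025, "sensor-B": 0.00025}
    for device, window, duty in flag_battery_drain(sample_log(), provisioned):
        print(device, "window", window, "duty", duty,
              "-> about", round(lifetime_days(1000, duty)), "days on 1000 mAh")
```

With these assumed figures, the provisioned duty cycle gives a lifetime of years, while the flagged window corresponds to a few weeks, which is the drain the paragraph describes.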

The second attack is the ZigBee Network Key Sniffing attack, which is based on exploiting the key exchange process in ZigBee when using the Standard Security level defined by the ZigBee specification in order to intercept the network key and use it for

(31)

likely to transmit commercially sensitive and financial information using the ZigBee protocol later in the future [20–24].

3.3 ZIGBEE SECURITY BASICS AND EXISTING ATTACKS

There are four main concepts of ZigBee security: [18, 20, 23, 25–26]

I. Security Level: ZigBee supports two different security levels: High Security (which is also referred to as Commercial Security) and Standard Security (also referred to as Residential Security). The differences between these two security levels are mainly in the key management and distribution.

II. Trust Center (TC): The TC is one of the devices in a ZigBee-enabled network, and it is responsible for the security management. Three keys are used by the TC to provide a safety mechanism: the network key, the master key, and the link key. Moreover, the TC is responsible for selecting the suitable security level and for the key management. All ZigBee devices share the common network key, while the link key can be shared by any two ZigBee devices. The link key is derived from the master key, which is the basis for long-term security between two ZigBee devices.

III. Authentication and Data Encryption: Data is encrypted using 128-bit Advanced Encryption Standard (AES) with CCM (CCM = CBC-MAC = Counter with Cipher Block Chaining Message Authentication Code) mode allowing authentication and data encryption, thus forming a Federal Information Processing Standards (FIPS) compliant security mode called AES-CCM. The CCM mode is a mode of operation only for 128-bit cryptographic block ciphers. It combines the counter mode with the CBC- MAC authentication and uses the same encryption key for both modes.

ZigBee uses a slightly modified version of CCM called CCM*, which gives more flexibility than the standard CCM: CCM* enables to use either authentication or encryption, while both are always required in CCM.

IV. Integrity and Freshness of Data: There are several different security keys and methods used to ensure the integrity and freshness of data. The Message Integrity Code (MIC) can be used to make sure that the data has not been altered in transit (see Figure 3). ZigBee supports 16-, 32-, 64-, and 128-bit MIC lengths. The MIC is generated using the CCM* protocol.

Figure 3. Ensuring the integrity and freshness of data using MIC. [20, 26]

Key distributions in ZigBee-enabled devices can either be over-the-air transmission or by pre-installing them onto the devices, depending on the security level. [20] At high security level, the network key is always transmitted encrypted over-the-air and its distribution is secured using the master key. Thus, communicating devices can establish a trusted relationship between them.

However, at Standard Security level, the network key is transmitted unencrypted over-the-air, which is a serious vulnerability for the security of the ZigBee-enabled networks leading to the conclusion that the Standard Security level cannot be recommended for safety-critical systems.

There are various security threats against ZigBee-enabled systems, which can be exploited by attackers. In [20], the researchers proposed two practical attacks and carried out the second of them. The first attack is the ZigBee End-Device (ZED) Sabotage attack, which is based on sabotaging the ZED by sending a special signal that makes it wake up constantly until the battery runs out. This attack is possible because ZEDs, such as sensors and actuators, often run on battery and have a low duty cycle (i.e., the ratio of active radio time to the silent period). To save battery life, there is a predefined wake-up interval, which also opens the door to successful Denial-of-Service (DoS) attacks. In a DoS attack, an attacker can repeatedly jam the medium during both the Contention Access Period (CAP) and the Contention Free Period (CFP). In this way, the victim device can be put into an endless retransmission loop, which may eventually reduce the battery life or completely exhaust the battery of the victim device. [20, 27–28]

The second attack is the ZigBee Network Key Sniffing attack, which is based on exploiting the key exchange process in ZigBee when using the Standard Security level defined


3.4 OVERVIEW OF BLUETOOTH SECURITY

Bluetooth [29] is a low-power, short-range technology that allows communication and data transfer between electronic devices wirelessly at 2.4 GHz frequency in the free Industrial, Scientific, and Medical (ISM) band.

The popularity of Bluetooth technology is rapidly increasing and it is considered the leading wireless technology in terms of sales. When Bluetooth was introduced, it had a data transfer limit of 1 Mbps [30], which has since increased to 24 Mbps [31–32]. According to [33], over 3 billion Bluetooth-enabled devices were sold in 2014 alone. Bluetooth is a short-range technology (up to 100 m) and it is mostly used to transfer personal data and other sensitive information, such as contact cards. Therefore, the security of Bluetooth networks is very important, as various threats are emerging that exploit the vulnerabilities of the technology to gain access to this private information [30–33].

According to researchers in [32], Bluetooth users are considered as the first layer of security, because they decide on the connectivity modes, which can be one of these four: silent, private, public, and LE (Low Energy) Privacy [34]. The pairing operation is relied upon for the level of security related to the secured configurations. Pairing is simply the connection of two devices to each other, through exchange of a shared secret key produced through a protocol or series of protocols all aimed at maximizing the security of the process [32].

Up to Bluetooth 2.0+EDR (Enhanced Data Rate), the pairing process is secured only through the exchange of a secret key [31], which uses a four-digit code. This leads to questions about the security of the technology, as it is generally known that these codes can be easily guessed by various methods, which may eventually make attacks possible, thereby jeopardizing the security of the devices.

There was a significant improvement with the introduction of the Secure Simple Pairing (SSP) feature in Bluetooth 2.1+EDR and the LE Privacy in Bluetooth 4.0 (i.e., the first version of Bluetooth LE). LE Privacy uses Advertisement, which is a method to utilize a Bluetooth device to deliver messages to other Bluetooth devices in connectionless mode [32, 35]. SSP is currently the standard pairing method used by most Bluetooth devices in the market.

3.5 VULNERABILITY OF BLUETOOTH SECURITY MECHANISM

Numerous studies have already been carried out on Bluetooth vulnerabilities, for example, by Haataja et al. [6–10], and also viable countermeasures have been

As mentioned earlier, in Bluetooth versions up to 2.0+EDR (Enhanced Data Rate), the pairing process is secured only through the exchange of a secret key [31], which typically uses a four-digit code. However, there was a significant improvement with the introduction of the SSP feature in Bluetooth 2.1+EDR and the LE Privacy in Bluetooth 4.0, which aims to enhance the security of the pairing process by adding a shield of protection against MITM attacks as well as passive eavesdropping [32, 36]. SSP applies Elliptic Curve Diffie-Hellman (ECDH) public-key cryptography: for creating the link key, devices use public-private key pairs, Bluetooth addresses, and nonces. To strengthen the entire pairing process against MITM attacks, SSP requests users to compare two 6-digit numbers or utilizes an Out-Of-Band (OOB) channel. Four distinct association models are used by SSP: Just Works (JW), Passkey Entry (PE), Numeric Comparison (NC), and Out-Of-Band (OOB). Unfortunately, research work in [9–10, 37–38] confirmed that these association models are vulnerable to MITM attacks and several other attacks, as reported in [6–10].

It is obvious that the security of the Bluetooth pairing process is not adequately addressed by these current methods, as previous research has proven that it is possible for an attacker to intercept these messages during key exchange and later retransmit them, sending their own public key to replace the requested one. In Publication III, we introduced a steganography technique into the pairing process of Bluetooth during data transfer and we believe this technique will be robust against MITM attacks.
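To make the role of the 6-digit comparison concrete, the following added example (not from the dissertation or from any Bluetooth stack) models the Numeric Comparison check values and contrasts them with Just Works, which has no comparison step. The functions `f1` and `g` follow the general shape of the specification's commitment and check-value functions; the byte layout is simplified, and the public keys are constructed stand-ins rather than real ECDH keys.

```python
import hashlib
import hmac

def f1(pk_u, pk_v, nonce):
    """Commitment to a nonce: HMAC-SHA-256 keyed with the nonce, top 128 bits."""
    return hmac.new(nonce, pk_u + pk_v + b"\x00", hashlib.sha256).digest()[:16]

def g(pk_a, pk_b, n_a, n_b):
    """Six-digit check value bound to both public keys and both nonces."""
    digest = hashlib.sha256(pk_a + pk_b + n_a + n_b).digest()
    return int.from_bytes(digest[-4:], "big") % 1_000_000

def displayed_value(pk_a, pk_b, n_a, commit_b, n_b_revealed):
    """Initiator side: verify the responder's earlier commitment, then derive the number."""
    if not hmac.compare_digest(commit_b, f1(pk_b, pk_a, n_b_revealed)):
        return None                    # revealed nonce differs from the committed one: abort
    return g(pk_a, pk_b, n_a, n_b_revealed)

def user_accepts(shown_a, shown_b, model):
    """Numeric Comparison needs matching displays; Just Works has nothing to compare."""
    if shown_a is None or shown_b is None:
        return False
    return True if model == "JW" else shown_a == shown_b

def demo_ssp():
    # Constructed stand-ins for public-key x-coordinates and 128-bit nonces.
    pk_a, pk_b, pk_x = (hashlib.sha256(t).digest()
                        for t in (b"dev-A", b"dev-B", b"third-party"))
    n_a, n_b, n_x1, n_x2 = (bytes([i]) * 16 for i in (1, 2, 3, 4))
    # Direct pairing: each device holds the other's real public key.
    direct_a = displayed_value(pk_a, pk_b, n_a, f1(pk_b, pk_a, n_b), n_b)
    direct_b = g(pk_a, pk_b, n_a, n_b)
    # Substituted keys: A and B each finished a session against a third party's key.
    shown_a = displayed_value(pk_a, pk_x, n_a, f1(pk_x, pk_a, n_x1), n_x1)
    shown_b = g(pk_x, pk_b, n_x2, n_b)
    return {
        "direct_nc": user_accepts(direct_a, direct_b, "NC"),
        "substituted_nc": user_accepts(shown_a, shown_b, "NC"),
        "substituted_jw": user_accepts(shown_a, shown_b, "JW"),
        "changed_nonce": displayed_value(pk_a, pk_b, n_a, f1(pk_b, pk_a, n_b), n_x1),
    }
```

The protection in this model rests entirely on the user actually comparing the two numbers; when the association model is Just Works, the same key substitution goes unnoticed.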

3.6 EXISTING COUNTERMEASURES AND THEIR LIMITATIONS

Researchers in [32] have conducted a detailed literature review of some of the existing countermeasures and the deficiencies that still affect their viability. They identified four separate reasons that prevent their implementation: user experience, processing power, battery drain, and imperfect security.

Table 1 links each countermeasure to the reason why it cannot currently be implemented. [32]

Table 1. MITM attacks on Bluetooth and the limitations to their countermeasures. [32]

| Countermeasure | Limitation | Additional notes |
|---|---|---|
| Disabling Bluetooth when not in use | User experience | More interaction by the user reduces ease of use |
| Deactivating unused | User experience | More interaction by the user reduces ease of use |
