NYIT receives grant for smartphone security research
Paolo Gasti, Ph.D., assistant professor of Computer Science at NYIT, and a team of researchers have been awarded nearly $300,000 from the National Science Foundation (NSF) for a research project entitled "Towards Energy-Efficient Privacy-Preserving Active Authentication of Smartphone Users." Gasti is a principal investigator for this project, along with Kiran Balagani, Ph.D., assistant professor of Computer Science at NYIT; Gang Zhou, Ph.D., associate professor of Computer Science, The College of William & Mary; and graduate and undergraduate students from NYIT's School of Engineering and Computing Sciences.
The team will research secure ways to authenticate user identity that do not utilize a great deal of power that would quickly deplete the smartphone's battery. According to Gasti, the research will focus on making privacy-preserving active authentication practical on smartphones, from both energy and device performance perspectives.
"The primary goal of our research is to investigate new techniques to significantly reduce the energy cost of privacy-preserving protocols for active, or continuous, authentication of smartphone users," said Gasti. "Our research focus is in sharp contrast with existing techniques and protocols, which have been largely agnostic to energy consumption patterns and to the user's possession of the smartphone post-authentication. The outcome of this project is a suite of new techniques and protocols that enable secure energy-efficient continuous authentication of smartphone users."
"This project is more proof of NYIT's leadership in the area of cybersecurity. The scientific merit is in the authentication of smart phones through the collection of behavioral biometric information in a sustainable, energy-efficient manner. The research will also have other applications, especially in the design of medical devices and body sensor networks," said Nada Marie Anid, Ph.D., dean, NYIT School of Engineering and Computing Sciences.
Secure ways to verify the identity of smartphone users include behaviors and traits unique to the user, such as touchscreen interaction, hand movements, gait, voice, and phone location. However, these techniques can raise significant privacy and security concerns since such behaviors represent personal identifiable data and can expose information such as user activity, health, and location. And, because smartphones can easily be lost or stolen, all sensitive behavioral information collected and processed on them needs to be protected.
As such, the research project also will focus on novel techniques for securely offloading data related to active authentication from the smartphone to the cloud or other outsourcing party, further reducing the energy burden on the battery.
The research is positioned to pave the way for widespread adoption of active authentication technologies by making them secure and private, as well as energy efficient. Health care-oriented body sensor networks are currently smartphone-centered, so the research is expected to also provide tangible benefits to the health care community. For example, current research prototypes of body sensor networks rely on smartphones to aggregate data from various body sensors, including heart rate sensors and step sensors, and possibly to control medical devices such as an insulin pump. "Guarantees on security and privacy of the authentication pipeline will allow end-users to trust and use active authentication technologies," Gasti added.
To help disseminate the research results following the project's conclusion in September 2018, the principal investigators will develop a new graduate course at NYIT, and integrate research outcomes into existing graduate courses at both NYIT and William & Mary.