Fitness Trackers: Fit for Health but Unfit for Security and Privacy
| Title | Fitness Trackers: Fit for Health but Unfit for Security and Privacy |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Fereidooni, H., Frassetto, T., Miettinen, M., Sadeghi, A. R., Conti, M. |
| Conference Name | 2017 IEEE/ACM International Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE) |
| Date Published | jul |
| Keywords | activity monitoring solutions, Activity/Health data, authenticity, cloud computing, cloud-based services, condition monitoring, confidentiality, customers, Data integration, data integrity, data privacy, Encryption, erroneous data analytics, fitness trackers, fitness tracking products, Health Care, health monitoring, Human Behavior, malicious user setting, Monitoring, privacy, Protocols, pubcrawl, resilience, Resiliency, Scalability, Security and Privacy, Servers, smart devices market, smart phones, target tracking, vital security analysis, wearable computers, wearable devices, wearables security |
| Abstract | Wearable devices for fitness tracking and health monitoring have gained considerable popularity and become one of the fastest growing smart devices market. More and more companies are offering integrated health and activity monitoring solutions for fitness trackers. Recently insurances are offering their customers better conditions for health and condition monitoring. However, the extensive sensitive information collected by tracking products and accessibility by third party service providers poses vital security and privacy challenges on the employed solutions. In this paper, we present our security analysis of a representative sample of current fitness tracking products on the market. In particular, we focus on malicious user setting that aims at injecting false data into the cloud-based services leading to erroneous data analytics. We show that none of these products can provide data integrity, authenticity and confidentiality. |
| URL | https://ieeexplore.ieee.org/document/8010569/ |
| DOI | 10.1109/CHASE.2017.54 |
| Citation Key | fereidooni_fitness_2017 |
- security and privacy
- malicious user setting
- Monitoring
- privacy
- Protocols
- pubcrawl
- resilience
- Resiliency
- Scalability
- Human behavior
- Servers
- smart devices market
- smart phones
- target tracking
- vital security analysis
- wearable computers
- Wearable devices
- wearables security
- data integrity
- Activity/Health data
- authenticity
- Cloud Computing
- cloud-based services
- condition monitoring
- confidentiality
- customers
- Data integration
- activity monitoring solutions
- data privacy
- encryption
- erroneous data analytics
- fitness trackers
- fitness tracking products
- health care
- health monitoring