Securing the Internet-of-Hackable-Things
Örebro University, Örebro, Sweden
Security, Privacy, Internet of Things, Pervasive Healthcare
Recently formed Machine Perception and Interaction (MPI) Lab at the Center for Applied Autonomous Sensor Systems (AASS)
We are offering a fully funded 4 years PhD position at Örebro university, Sweden, starting November 2016 or January 2017.
Örebro University is a modern and prominent broad-based university with the courage to review and the ability to evolve. Our professional degree programmes are among the best in the country and we endeavour to be an attractive place of work where members of staff feel a sense of pride and satisfaction. 1,200 employees and 17,000 students come to work and study at Örebro University.
The research project will target the problem of securing the Internet-of-Things, with focus on the pervasive healthcare domain (see, for instance, the [email protected] project: http://ecareathome.se). Potential applications and use cases will be in the context of smart environments for monitoring elders and patients, that is homes of connected electronic devices (things), such as sensors and actuators, linked to the Internet to form smart sensor networks monitoring several parameters of elders and patients.
The PhD student will work in the Machine Perception and Interaction (MPI) Lab at the Center for Applied Autonomous Sensor Systems (AASS). The PhD project will be jointly supervised by Prof. Nicola Dragoni and Prof. Amy Loutfi.
See below for further details on the research project.
Conditions for Application
The candidate must hold a Master degree in computer science / computer engineering or an equivalent degree. Background on security and/or Internet-of-Things systems is considered a plus.
How to Apply
Submit the following material to Prof. Nicola Dragoni ([email protected]):
- Detailed CV, including attended courses with related grades
- Letter of motivation
- (Optional) Recommendation Letters
Prof. Nicola Dragoni: nicola[email protected]
Prof. Amy Loutfi: [email protected]
PhD Project Description
The ongoing tsunami of Internet-of Things (IoT) and mobile applications for healthcare is giving hackers an easy way to burrow deeper into our lives as never before. In February 2015, 78.8 million of Anthem  customers were hacked. This has been the largest healthcare breach so far, and it opened the floodgates on a landmark year. According to the Office of Civil Rights under Health and Human Services , more than 113 million medical records were compromised in 2015. This security disaster was further validated by Gemalto, whose report on data breach world-wide for the first half of 2015  showed that the healthcare industry is taking the lead with 84.4 million total records lost. As the IoT ofcontinues to grow to an estimated 50 billion of connected devices by 2020, Internet-enabled systems will become increasingly attractive targets for cyber attacks. If we know that virtually everything can and will be connected to the Internet, we have to recognise its corollary s!
tatement: everything that can be connected to the Internet can be hacked too. Thus, as people are making more and more information about themselves available online, by means of any kind of device connected to the Internet, there's going to be more and more data available for cybercriminals to steal and exploit.
This security and privacy disaster becomes even more serious when applied to IoT systems for monitoring elderly people or patients in their home. WHO putredicts that the proportion of people aged 65+ in Europe will almost double from 2010 to 2050. Simultaneously, those aged 85+ will rise from 14 million to 40 million while the total population size will remain consistent. With the development of new technologies such as mobile systems, embedded/wearable systems and wireless sensor networks, monitoring systems for healthcare are going to be more and more common . The rationale behind these systems is that elderly patients require systematic and continuous monitoring in order to promptly detect anomalous changes in their condition. Generally speaking, several wireless communication devices are employed and combined with medical sensors, to monitor elders from various points of view and according to different health parameters.
Surprisingly, although the huge amount of sensitive data these systems deal with and expose to the external world, security and privacy issues are not sufficiently taken into consideration. Medical devices, especially those vulnerable to life-threatening hacks like cardiac defibrillators and pacemakers and insulin pumps, have been proved to be little resilient or not resilient at all to cybersecurity attacks. The serious implication is that a hacker can have full control of our IoT devices, thus having control of our own life.
The objective of the PhD project is to investigate and tackle the above challenge by designing and implementing a security solution for IoT systems. The PhD project may include participation in summer/winter schools on IoT and/or security related topics, and it is expected to be done in an international context in collaboration with both academic and industrial partners.
 Gemalto, First Half Review 2015, http://www.gemalto.com/brochures-site/download-site/Documents/Gemalto_H1_2015_BLI_Report.pdf [May 2015]
 A. Pantelopoulos and N. G. Bourbakis. A Survey on Wearable Sensor-Based Systems for Health Monitoring and Prognosis. IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews), 40(1):1-12, 2010.
Fully-Funded PhD Scholarship on Security for the Internet-of-Things, Örebro, Sweden