Abstract
Wearable technology has become a subject of research and analysis. However, the importance of the information carried across these devices incentivizes malicious individuals to look for ways to attack them and intercept such information for various illicit purposes, it makes information security a major concern for users and manufacturers. The purpose of this research is to analyze wearable devices security through different parameters centered on two different models found after a thorough research based on scientific articles, where the authors demonstrate their importance and effectiveness in the analysis of computer security. The first model selected was the DREAD model, which analyzes the Damage, Reproducibility, Exploitability, Affectability, and Discoverability of each attack examined. The second model chosen is the STRIDE model, this one allows to classify attacks within the main categories of threats, which are: denial of services, elevation of privileges, repudiation, among others. The analysis performed shows the injection of code attack as the one that represents a higher level of risk for wearable devices. On the other hand, the threat of information disclosure ends up being to which these devices are most susceptible because it houses the most attacks analyzed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ching, K., Singh, M.: Wearable technology devices security and privacy vulnerability analysis. Int. J. Netw. Secur. Its Appl. (IJNSA) 8(3), 19–30 (2016)
HP. http://www8.hp.com/us/en/hp-news/pressrelease.html?id=2037386#.Vi18G7crLIU. Accessed 03 July (2020)
Tseng, T., Wu, C., Lai, F.: Threat analysis for wearable health devices and environment monitoring internet of things integration system. IEEE Access 7, 144983–144994 (2019)
Andalusian Society of Intensive Medicine and Coronary Units. http://www.samiuc.es/estadisticas-variables-binarias/medidas-de-concordancia/kappa-de-cohen/#:~:text=Kappa%20de%20Cohen%20(%CE%BA),que%20podr%C3%ADaocurrir%20por%20mero%20azar.&text=Si%20K%20es%20cero%2C%20ello,que%20ocurrir%C3%ADa%20por%20puro%20azar
Lotfy, K., Hale, M.L.: Assessing pairing and data exchange mechanism security in the wearable internet of things. In: 2016 IEEE International Conference on Mobile Services (2016)
Farooq, M., Waseem, M., Khairi, A., Mazhar, S.: A critical analysis on the security concerns of Internet of Things (IoT). Int. J. Comput. Appl. 111, 1–6 (2016). https://doi.org/10.5120/19547-1280
Zhu, B., Joseph, A., Sastry, S.: A taxonomy of cyber attacks on SCADA systems. In: International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing, vol. 2011, pp. 380–388 (2011)
Nan, Y., Yang, M., Yang, Z., Zhou, S., Gu, G., Wang, X.: UIPicker: user-input privacy identification in mobile applications. In: USENIX Security Symposium, pp. 993–1008 (2015)
Simmons, C., Ellis, C., Shiva, S., Dasgupta, D., Wu, Q.: AVOIDIT: a cyber-attack taxonomy (2009)
Gruschka, N., Jensen, M.: Attack surfaces: a taxonomy for attacks on cloud services. In: IEEE 3rd International Conference on Cloud Computing (CLOUD), pp. 276–279 (2010). https://doi.org/10.1109/CLOUD.2010.23
Padhy, R., Patra, M., Satapathy, S.: Cloud computing: security issues and research challenges. Int. J. Comput. Sci. Inform. Technol. Secur. (IJCSITS) 1(2), 136–146 (2011)
Jensen, M., Schwenk, J., Gruschka, N., Iacono, L.L.: On technical security issues in cloud computing. In: IEEE International Conference on Cloud Computing, pp. 109–116 (2009)
Zhang, Q., Wang, X.: SQL injections through back-end of RFID system. In: International Symposium on Computer Network and Multimedia Technology, pp. 1–4 (2009)
Dorai, R., Kannan, V.: SQL injection—database attack revolution and prevention. J. Int.’l Com. L. Tech. 6(4), 224 (2011)
Hassan, S.S., Bibon, S.D., Hossain, M.S., Atiquzzaman, M.: Security threats in Bluetooth technology. Comput. Secur. 74, 308–322 (2017)
Network. International Journal of Computer Applications, vol. 40, no. 15, pp. 19–25 (2012). https://doi.org/10.5120/5056-7374
Boyle, R.J., Panko, R.R.: Corporate Computer Security. Prentice Hall Press, Essex (2014)
European Parliament. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv%3AOJ.L_.2016.119.01.0089.01.ENG&toc=OJ%3AL%3A2016%3A119%3ATOC. Accessed 03 July (2020)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Brichetto, A., Criollo-C, S., Jaramillo-Alcázar, Á., Luján-Mora, S. (2021). Wearable Devices Information Security: An Overview. In: Botto-Tobar, M., Cruz, H., Díaz Cadena, A. (eds) Artificial Intelligence, Computer and Software Engineering Advances. CIT 2020. Advances in Intelligent Systems and Computing, vol 1326. Springer, Cham. https://doi.org/10.1007/978-3-030-68080-0_24
Download citation
DOI: https://doi.org/10.1007/978-3-030-68080-0_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-68079-4
Online ISBN: 978-3-030-68080-0
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)