报告题目：Voiceprint-based Access Control for Wireless Insulin Pump Systems

报告人：杜小江 教授, 美国天普大学

报告时间：10:30-11:30, 2018年10月8日

报告地点：长安校区 文津楼三段622报告厅

主办单位：信息安全团队

报告摘要：Insulin pumps have been widely used by patients with diabetes. Insulin pump systems adopt wireless channel with few cryptographic mechanisms, which makes them vulnerable to many attacks. In this paper, we focus on the wireless channel between Carelink USB and insulin pump on which the attackers can launch message eavesdropping and/or therapy manipulation attacks, which may put the patient in a life-threatening situation. Some prior solutions such as certificate-based or tokenbased schemes need either complicated key management or additional devices. We propose a novel voiceprint-based access control scheme comprising anti-replay speaker verification and voiceprint-based key agreement to secure the channel between the Carelink USB and insulin pump. Our scheme does not need permanent key sharing or additional devices. The anti-replay speaker verification adopts cascaded fusion of speaker verification and anti-replay countermeasure to ensure the insulin pump can be accessed by Carelink USB only after the legitimate user passes the identity verification. The evaluation on ASVspoof 2017 datasets shows that our scheme achieves a 4.02% Equal Error Rate (EER) with the existence of replay impostors. Besides, our scheme uses energy-difference-based voiceprint extraction and secure multi-party computing to generate a common cryptography (temporary) key between the Carelink USB and insulin pump, which can be used to encrypt the subsequent communication, and protect the insulin pump from eavesdropping and therapy manipulation attacks. By appropriately setting the similarity threshold of voiceprints, our key agreement scheme allows the insulin pump to establish a secure channel only with the device in its close proximity.

报告人简介：杜小江现任美国天普大学（Temple University ）计算机系的终身教授。他于1996年和1998年分别从清华大学获得学士和硕士学位，2002年和2003年分别从美国马里兰大学获得电子工程硕士和博士学位。杜博士的研究方向主要包括无线系统安全、物联网安全、计算机网络安全、和无线网络与通信等。无线系统安全、计算机通信和在异构传感器网络等方面做出了开创性的研究。杜博士在Springer出版专著一本. 目前已在国际顶级期刊和会议上发表论文300多篇，其中SCI收录100余篇和EI收录300余篇，其中三篇文章获得了国际会议的最佳论文奖。是三个国际期刊的编委，多次担任过IEEE/ACM国际会议的主席，并多次在国际学术会议作特邀报告。多次参加美国科学基金会的科研项目书评审会。杜博士已经主持了18项美国政府的科研项目，获得的科研经费超过6百万美元，其中9项是由美国国家科学基金会资助，3项是由美国陆军研究局资助, 2项是由美国空军研究局资助。 杜博士目前是IEEE高级会员（Senior Member），以及ACM终身会员(Life Member)。