Automated Security Assessment Framework for Wearable BLE-enabled Health Monitoring Devices

The growth of IoT technology, increasing prevalence of embedded devices, and advancements in biomedical technology have led to the emergence of numerous wearable health monitoring devices (WHMDs) in clinical settings and in the community. The majority of these devices are Bluetooth Low Energy (BLE) enabled. Though the advantages offered by BLE-enabled WHMDs in tracking, diagnosing, and intervening with patients are substantial, the risk of cyberattacks on these devices is likely to increase with device complexity and new communication protocols. Furthermore, vendors face risk and financial tradeoffs between speed to market and ensuring device security in all situations. Previous research has explored the security and privacy of such devices by manually testing popular BLE-enabled WHMDs in the market and generally discussed categories of possible attacks, while mostly focused on IP devices. In this work, we propose a new semi-automated framework that can be used to identify and discover both known and unknown vulnerabilities in WHMDs. To demonstrate its implementation, we validate it with a number of commercially available BLE-enabled enabled wearable devices. Our results show that the devices are vulnerable to a number of attacks, including eavesdropping, data manipulation, and denial of service attacks. The proposed framework could therefore be used to evaluate potential devices before adoption into a secure network or, ideally, during the design and implementation of new devices.

If habitat heterogeneity is effective for conservation of butterflies in urban landscapes of Delhi, India? Unethical publication based on data manipulation: Response of original authors

NA

S1: Step-by-step-guide using image J in the work flow. v1

How to use ImageJ in our 3D-workflow from data manipulation, import, segmentation and export as OBJ-file.

If habitat heterogeneity is effective for conservation of butterflies in urban landscapes of Delhi, India?’ Unethical publication based on data manipulation

NA

treedata.table: a wrapper for data.table that enables fast manipulation of large phylogenetic trees matched to data

The number of terminals in phylogenetic trees has significantly increased over the last decade. This trend reflects recent advances in next-generation sequencing, accessibility of public data repositories, and the increased use of phylogenies in many fields. Despite R being central to the analysis of phylogenetic data, manipulation of phylogenetic comparative datasets remains slow, complex, and poorly reproducible. Here, we describe the first R package extending the functionality and syntax of data.table to explicitly deal with phylogenetic comparative datasets. treedata.table significantly increases speed and reproducibility during the data manipulation steps involved in the phylogenetic comparative workflow in R. The latest release of treedata.table is currently available through CRAN (https://cran.r-project.org/web/packages/treedata.table/). Additional documentation can be accessed through rOpenSci (https://ropensci.github.io/treedata.table/).

Using genderize.io to infer the gender of first names: how to improve the accuracy of the inference

Objective: We recently showed that genderize.io is not a sufficiently powerful gender detection tool due to a large number of nonclassifications. In the present study, we aimed to assess whether the accuracy of inference by genderize.io can be improved by manipulating the first names in the database.Methods: We used a database containing the first names, surnames, and gender of 6,131 physicians practicing in a multicultural country (Switzerland). We uploaded the original CSV file (file #1), the file obtained after removing all diacritic marks, such as accents and cedilla (file #2), and the file obtained after removing all diacritic marks and retaining only the first term of the compound first names (file #3). For each file, we computed three performance metrics: proportion of misclassifications (errorCodedWithoutNA), proportion of nonclassifications (naCoded), and proportion of misclassifications and nonclassifications (errorCoded).Results: naCoded, which was high for file #1 (16.4%), was reduced after data manipulation (file #2: 11.7%, file #3: 0.4%). As the increase in the number of misclassifications was small, the overall performance of genderize.io (i.e., errorCoded) improved, especially for file #3 (file #1: 17.7%, file #2: 13.0%, and file #3: 2.3%).Conclusions: A relatively simple manipulation of the data improved the accuracy of gender inference by genderize.io. We recommend using genderize.io only with files that were modified in this way.

An Improved PMU Data Manipulation Attack Model

The importance of Phasor Manipulation Unit (PMU) in the smart grid makes it a target for attackers who can create PMU Data Manipulation Attacks (PDMA) by adding a small constant to change the magnitude and angle of the voltage and current captured by the PMU. To prevent the attack result from being detected by PDMA detection based on the properties of equivalent impedance, this paper proposes a collaborative step attack. In this attack, the equivalent impedance’s value on the end of the transmission line is equal whether before or after been attack, which is taken as the constraint condition. The objective function of it is to minimize the number of the elements which is not 0 in attack vector but this number is not 0. Turn a vector construction problem into an optimization problem by building objective functions and constraints and then we use the Alternating Direction Method of Multipliers (ADMM) and Convex Relaxation (CR) to solve. The experiment verifies the feasibility of using the CR-ADMM algorithm to construct attack vectors from two aspects of attack vector construction time and vector sparsity. Further, it uses the constructed attack vectors to carry out attacks on PMU. The experimental results show that the measurement value of PMU will change after the attack, but the equivalent impedance value at both ends of the transmission line remains the same. The attack vector successfully bypasses the PDMA detection method based on the property of equivalent impedance and the attack model constructed based on this method was more covert than the original model.

Has Third-Party Monitoring Improved Water Pollution Data Quality? Evidence from National Surface Water Assessment Sections in China

In China, the central government assesses local governments based on data monitored and reported by local agencies, and the accuracy of local statistics has been controversial. In order to further guarantee the authenticity and reliability of surface water monitoring data, the central government will gradually withdraw the local monitoring powers of the national surface water assessment section and implement third-party monitoring to achieve “national assessment and national monitoring.” This paper is based on the time-point water data of important national water quality automatic monitoring stations from 2015 to 2020, using the McCrary (2008) density test to infer possible data manipulation phenomena, and analyze whether third-party monitoring has improved the accuracy of China’s environmental data. The results of the study show that between 2015 and 2020, the observed 81 monitoring sites had varying degrees of data discontinuity. The discontinuity of the data after third-party monitoring was reduced in dissolved oxygen (DO) measurement, an important indicator in the assessment, implying that third-party monitoring has improved the quality of water environment data and the accuracy of the data. The research in this article provides a reference for third-party participation in environmental governance and proves that the participation of these organizations can reduce data manipulation behaviors of local governments and ensure the effectiveness of environmental data.