Standardizing the evaluation framework for ECG-based authentication in IoT devices

IF 4.3 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computer Communications Pub Date : 2025-05-10 DOI:10.1016/j.comcom.2025.108201

Bonan Zhang , Lin Li , Chao Chen , Ickjai Lee , Kyungmi Lee , Kok-Leong Ong

{"title":"Standardizing the evaluation framework for ECG-based authentication in IoT devices","authors":"Bonan Zhang , Lin Li , Chao Chen , Ickjai Lee , Kyungmi Lee , Kok-Leong Ong","doi":"10.1016/j.comcom.2025.108201","DOIUrl":null,"url":null,"abstract":"<div><div>Devices on the Internet of Things (IoT) often have constrained resources and operate in diverse environments, making them vulnerable to unauthorized access and cyber threats. Electrocardiogram (ECG) signals have emerged as a promising biometric for authenticating users in such settings. However, current ECG-based authentication studies lack a standardized evaluation framework tailored to resource-limited IoT contexts and long-term usage, making it difficult to assess their practical reliability. In this paper, we introduce a new evaluation framework for ECG-based authentication on IoT devices and construct a standardized dataset to facilitate rigorous testing. We categorize performance metrics into four key dimensions: scalability, adaptability, efficiency, and cancelability. Using this framework, we evaluate four representative ECG authentication algorithms for IoT devices. The results show that these algorithms struggle to maintain consistent performance under cross-session authentication scenarios. These findings highlight the critical importance of addressing the temporal variability of ECG signals and the current gap in robust ECG-based authentication for IoT devices. We believe the proposed framework will guide future research toward more resilient and secure ECG authentication systems for the IoT.</div></div>","PeriodicalId":55224,"journal":{"name":"Computer Communications","volume":"240 ","pages":"Article 108201"},"PeriodicalIF":4.3000,"publicationDate":"2025-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Communications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0140366425001586","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Devices on the Internet of Things (IoT) often have constrained resources and operate in diverse environments, making them vulnerable to unauthorized access and cyber threats. Electrocardiogram (ECG) signals have emerged as a promising biometric for authenticating users in such settings. However, current ECG-based authentication studies lack a standardized evaluation framework tailored to resource-limited IoT contexts and long-term usage, making it difficult to assess their practical reliability. In this paper, we introduce a new evaluation framework for ECG-based authentication on IoT devices and construct a standardized dataset to facilitate rigorous testing. We categorize performance metrics into four key dimensions: scalability, adaptability, efficiency, and cancelability. Using this framework, we evaluate four representative ECG authentication algorithms for IoT devices. The results show that these algorithms struggle to maintain consistent performance under cross-session authentication scenarios. These findings highlight the critical importance of addressing the temporal variability of ECG signals and the current gap in robust ECG-based authentication for IoT devices. We believe the proposed framework will guide future research toward more resilient and secure ECG authentication systems for the IoT.

查看原文本刊更多论文

标准化物联网设备中基于ecg的认证评估框架

物联网（IoT）上的设备通常资源有限，并且在不同的环境中运行，这使得它们容易受到未经授权的访问和网络威胁。在这种情况下，心电图（ECG）信号已经成为一种很有前途的生物识别技术，用于验证用户的身份。然而，目前基于ecg的认证研究缺乏针对资源有限的物联网环境和长期使用量身定制的标准化评估框架，因此难以评估其实际可靠性。在本文中，我们引入了一种新的基于ecg的物联网设备认证评估框架，并构建了一个标准化的数据集，以方便严格的测试。我们将性能指标分为四个关键维度：可伸缩性、适应性、效率和可取消性。利用该框架，我们评估了物联网设备的四种代表性心电认证算法。结果表明，这些算法很难在跨会话身份验证场景下保持一致的性能。这些发现强调了解决心电信号的时间变异性的重要性，以及目前物联网设备基于心电的鲁棒认证的差距。我们相信，提出的框架将指导未来的研究朝着更有弹性和更安全的物联网心电认证系统发展。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Communications 工程技术-电信学

CiteScore

14.10

自引率

5.00%

发文量

397

审稿时长

66 days

期刊介绍： Computer and Communications networks are key infrastructures of the information society with high socio-economic value as they contribute to the correct operations of many critical services (from healthcare to finance and transportation). Internet is the core of today''s computer-communication infrastructures. This has transformed the Internet, from a robust network for data transfer between computers, to a global, content-rich, communication and information system where contents are increasingly generated by the users, and distributed according to human social relations. Next-generation network technologies, architectures and protocols are therefore required to overcome the limitations of the legacy Internet and add new capabilities and services. The future Internet should be ubiquitous, secure, resilient, and closer to human communication paradigms. Computer Communications is a peer-reviewed international journal that publishes high-quality scientific articles (both theory and practice) and survey papers covering all aspects of future computer communication networks (on all layers, except the physical layer), with a special attention to the evolution of the Internet architecture, protocols, services, and applications.