Eric Johnson Comments On The Roles Of Security Executives

THaW member Eric Johnson recently published an article at the website Third Certainty about how Security Executives can best achieve their goals. In the article, he delves into approaches executives can take, and how they can achieve optimal leadership. To read more, click through below.

Eric Johnson – Security executives must lead through influence rather than control

WearSys papers, MobiSys posters

THaW researchers are showing off some cool research at this week’s MobiSys conference in Niagara Falls, with three papers at MobiSys workshops and a poster in the poster session.

  • Aarathi Prasad and David Kotz. ENACT: Encounter-based Architecture for Contact Tracing. In ACM Workshop on Physical Analytics (WPA), pages 37-42, June 2017. ACM Press. DOI 10.1145/3092305.3092310.
  • Rui Liu, Reza Rawassizadeh, and David Kotz. Toward Accurate and Efficient Feature Selection for Speaker Recognition on Wearables. InProceedings of the ACM Workshop on Wearable Systems and Applications (WearSys), pages 41-46, 2017. ACM Press. DOI 10.1145/3089351.3089352.
  • Rui Liu, Cory Cornelius, Reza Rawassizadeh, Ron Peterson, and David Kotz. Poster: Vocal Resonance as a Passive Biometric. In Proceedings of the ACM International Conference on Mobile Systems, Applications, and Services (MobiSys), pages 160, 2017. ACM Press. DOI 10.1145/3081333.3089304.
  • Xiaohui Liang and David Kotz. AuthoRing: Wearable User-presence Authentication. In Proceedings of the ACM Workshop on Wearable Systems and Applications (WearSys), pages 5-10, 2017. ACM Press. DOI 10.1145/3089351.3089357.

Kevin Fu Discusses The Challenges of Ransomware

THaW researcher Kevin Fu recently joined his colleague Harold Thimbleby to discuss the challenges and obstacles created by ransomware. Read their comprehensive assessment of the problem, as well as possible solutions, at the link below.

HealthcareITNews — Ransomware:
 How we can climb out of this mess

THaW Project LightTouch Selected For INFOCOM

THaW Researchers Xiaohui Liang, Tianlong Yun, Ronald Peterson, and David Kotz have been researching new methods for connecting wearables to external screens. Their paper, LightTouch: Securely Connecting Wearables to Ambient Displays with User Intent, has been accepted to INFOCOM 2017. In it, they explore a security system that uses a screen’s brightness level to ensure secure connection between screen and device. Moreover, they also address additional screen-based counter measures that can be taken to further secure the protocol. For more information and to read the paper, click the link below.


Eric Johnson Talks with Charles Lebo: Healthcare Data Security

THaW contributor Eric Johnson’s conversations from the CISO conference continued with VP and CISO of Kindred Healthcare, Charles Lebo. The two had a conversation to discuss some of the emerging challenges of healthcare security. The topics ranged from the scope of large healthcare datasets, to the emergence of ransomware and maintaining data security.

Click here, or play the embedded video above, to hear the discussion in full.

New York Times Features THaW Research Into Acoustic Device Hacking


THaW researcher Kevin Fu’s work on acoustic device hacking has recently been featured in the New York Times. The article discusses the team’s work on using acoustic signals to fool sensors in mobile device, and create the potential for security violations. For more information beyond the article, click here for a quick video, or read the complete paper below.

WALNUT: Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attacks

Interactive Map Of US Healthcare Breaches

interactive map
The Health Information Technology for Economic and Clinical Health (HITECH) Act requires health care providers and health plans that experienced a data breach of unsecured protected health information affecting more than 500 persons to notify the U.S. Department of Health and Human Services (HHS). HHS maintains a public database of the reported breaches submitted from October 2009 to the present. THaW researchers recently constructed an interactive map to visualize the HHS database of health data breaches.

CENTURION Explores New Methods In Crowd-Sourced Data Collection

THaW researchers Haiming Jin and Klara Nahrstedt of UIUIC, in collaboration with Lu Su of SUNY Buffalo, recently had a paper accepted to IEEE INFOCOM 2017. Entitled CENTURION, the research explores the incentivization of participants in crowd sourced data collection. Notably, CENTURION rethinks the existing model of crowd sourced data collection (one consumer, one set of incentives), and instead takes the novel approach of applying a double auction model with multiple consumers and multiple incentives. The result is a system that can guarantee non-negative social welfare impact, among other benefits. To explore CENTURION further, click below.