David Kotz is the International Paper Professor in the Department of Computer Science and, presently, Visiting Professor in the Center for Digital Health Interventions at ETH Zurich. He previously served as Interim Provost, as Associate Dean of the Faculty for the Sciences, as the Executive Director of the Institute for Security Technology Studies, and on the US Healthcare IT Policy Committee. His research interests include security and privacy, pervasive computing for healthcare, and wireless networks. He has published over 200 refereed papers, obtained over $67m in grant funding, and mentored nearly 100 research students. He is a Fellow of the IEEE, a Distinguished Member of the ACM, a 2008 Fulbright Fellow to India, and an elected member of Phi Beta Kappa.
After receiving his A.B. in Computer Science and Physics from Dartmouth in 1986, he completed his Ph.D in Computer Science from Duke University in 1991 and returned to Dartmouth to join the faculty. For more information see http://www.cs.dartmouth.edu/~dfk/.
THaW researchers recently presented a new paper at the Workshop on Decentralized IoT Systems and Security (DISS). [PDF]
Abstract: Medical Body Area Networks (MBAN) are created when Wireless Sensor Nodes (WSN) are either embedded into the patient’s body or strapped onto it. MBANs are used to monitor the health of patients in real-time in their homes. Many cyber protection mechanisms exist for the infrastructure that interfaces with MBANs; however, not many effective cyber security mechanisms exist for MBANs. We introduce a low-overhead security mechanism for MBANs based on having nodes infer anomalous power dissipation in their neighbors to detect compromised nodes. Nodes will infer anomalous power dissipation in their neighbors by detecting a change in their packet send rate. After two consecutive violations, the node will “Tattle” on its neighbor to the gateway, which will alert the Telemedicine administrator and notify all other nodes to ignore the compromised node.
This one-hour talk by David Kotz was presented at ARM Research in Austin, TX at the end of January 2019. The first half covers some recent THaW research about Wanda and SNAP and the second half lays out some security challenges in the Internet of Things. Watch the video below.
Abstract: The homes, offices, and vehicles of tomorrow will be embedded with numerous “Smart Things,” networked with each other and with the Internet. Many of these Things interact with their environment, with other devices, and with human users – and yet most of their communications occur invisibly via wireless networks.How can users express their intent about which devices should communicate – especially in situations when those devices have never encountered each other before? We present our work exploring novel combinations of physical proximity and user interaction to ensure user intent in establishing and securing device interactions.
What happens when an occupant moves out or transfers ownership of her Smart Environment?How does an occupant identify and decommission all the Things in an environment before she moves out?How does a new occupant discover, identify, validate, and configure all the Things in the environment he adopts?When a person moves from smart home to smart office to smart hotel, how is a new environment vetted for safety and security, how are personal settings migrated, and how are they securely deleted on departure?When the original vendor of a Thing (or the service behind it) disappears, how can that Thing (and its data, and its configuration) be transferred to a new service provider?What interface can enable lay people to manage these complex challenges, and be assured of their privacy, security, and safety? We present a list of key research questions to address these important challenges.
Juhee Kwon and Eric Johnson recently published an article aimed at the question Does “meaningful-use” attestation improve information security performance?
Certification mechanisms are often employed to assess and signal difficult-to-observe management practices and foster improvement. In the U.S. healthcare sector, a certification mechanism called meaningful-use attestation was recently adopted as part of an effort to encourage electronic health record (EHR) adoption while also focusing healthcare providers on protecting sensitive healthcare data. This new regime motivated us to examine how meaningful-use attestation influences the occurrence of data breaches. Using a propensity score matching technique combined with a difference-in-differences (DID) approach, our study shows that the impact of meaningful-use attestation is contingent on the nature of data breaches and the time frame. Hospitals that attest to having reached Stage 1 meaningful-use standards observe fewer external breaches in the short term, but do not see continued improvement in the following year. On the other hand, attesting hospitals observe short-term increases in accidental internal breaches but eventually see long-term reductions. We do not find any link between malicious internal breaches and attestation. Our findings offer theoretical and practical insights into the effective design of certification mechanisms.
THaW’s A.J. Burns and Eric Johnson recently published a piece in IT Professional:
ABSTRACT: Cyberthreats create unique risks for organizations and individuals, especially regarding breaches of personally identifiable information (PII). However, relatively little research has examined hackings distinct impact on privacy. The authors analyze cyber breaches of PII and found that they are significantly larger compared to other breaches, showing that past breaches are useful for predicting future breaches.
Scott Breece, VP and CISO of Community Health Systems, discusses the rising security threat in healthcare with M. Eric Johnson, Dean of Vanderbilt University’s Owen Graduate School of Management. Scott highlights how health IT is transforming healthcare, improving the patient experience and outcomes. However, digitization of healthcare data also creates new risks for the healthcare system. Scott discusses how Community Health Systems is staying ahead of those threats and securing patient data. This video was partially supported by the THaW project, which is co-led by Eric Johnson.
Tim Pierson’s dissertation work resulted in an innovative method for single-antenna Wi-Fi devices (like many mHealth devices, medical devices, or those in the IoT) to determine with strong confidence whether a Wi-Fi transmitter is close by (within a few centimeters). This proximity detector can be the basis for trustworthy relationships between devices. A poster paper about this idea just won the best-poster award at MobiCom 2018, and the full paper was just accepted for presentation at MobiCom 2019. See below for the abstract, or check out the corresponding three-page paper.
Authentication has become an integral part of computer usage, but it still remains an interruptive step in people’s workflow. To authenticate to a computer, depending on the authentication method, users must exert mental effort (e.g., recall their password) and/or physical effort (e.g., type their password). These factors increase the cost of context switch for users – cost of switching attention from a primary task to the authentication step and back to the task – disrupting users’ workflow. Clinical staff have often told us they are frustrated by the need to repeatedly log into their clinical desktop computers – sometimes hundreds of times in a day.
In this paper, presented by David Kotz at Ubicomp’18 in Singapore, we propose Seamless Authentication using Wristbands (SAW). SAW is an authentication method designed to address this shortcoming of proximity-based authentication methods, and we do so by adding a quick low-effort user input step that explicitly captures user intentionality for authentication. In SAW, the user’s wristband (e.g., fitness tracker, smartwatch) acts as the user’s authentication token. Read more below, and in the paper.
THaW welcomes Professor Kevin Kornegayand his students from Morgan State University in Baltimore MD. Kevin’s lab brings deep expertise in Medical IoT device security assessment, profiling, and hardening to an exploration of voice-based assistants.
Voice-assisted IoT devices such as Alexa, Siri, and Google Assistant are gaining use as portals for medical services. However, the potential safety and security issues they pose are not well understood by patients and consumers. In this collaboration, we will investigate some of the potential security issues of these devices using reverse engineering techniques to expose the vulnerabilities and propose recommendations for secure usage.
At the Joint Conference on Pervasive and Ubiquitous Computing conference, Ubicomp, David Kotz presented THaW’s work to develop a novel biometric approach to identifying and verifying who is wearing a device – an important consideration for a medical device that may be collecting diagnostic information that is fed into an electronic health record. Their novel approach is to use vocal resonance, i.e., the sound of your voice as it passes through bones and tissues, for a device to recognize its wearer and verify that it is physically in contact with the wearer… not just nearby. They implemented the method on a wearable-class computing device and showed high accuracy and low energy consumption.
Rui Liu, Cory Cornelius, Reza Rawassizadeh, Ron Peterson, and David Kotz. Vocal Resonance: Using Internal Body Voice for Wearable Authentication. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies (IMWUT) (UbiComp), 2(1), March 2018. DOI 10.1145/3191751.
Abstract: We observe the advent of body-area networks of pervasive wearable devices, whether for health monitoring, personal assistance, entertainment, or home automation. For many devices, it is critical to identify the wearer, allowing sensor data to be properly labeled or personalized behavior to be properly achieved. In this paper we propose the use of vocal resonance, that is, the sound of the person’s voice as it travels through the person’s body – a method we anticipate would be suitable for devices worn on the head, neck, or chest. In this regard, we go well beyond the simple challenge of speaker recognition: we want to know who is wearing the device. We explore two machine-learning approaches that analyze voice samples from a small throat-mounted microphone and allow the device to determine whether (a) the speaker is indeed the expected person, and (b) the microphone-enabled device is physically on the speaker’s body. We collected data from 29 subjects, demonstrate the feasibility of a prototype, and show that our DNN method achieved balanced accuracy 0.914 for identification and 0.961 for verification by using an LSTM-based deep-learning model, while our efficient GMM method achieved balanced accuracy 0.875 for identification and 0.942 for verification.
Professor David Kotz attended the NSF INCLUDES Summit on Broadening Participation and presented a poster about THaW engagement and broadening participation activities. The workshop was a great opportunity to share ideas and to learn from the best practices of others.