About David Kotz

David Kotz is the Provost, the Pat and John Rosenwald Professor in the Department of Computer Science, and the Director of Emerging Technologies and Data Analytics in the Center for Technology and Behavioral Health, all at Dartmouth College. He previously served as Associate Dean of the Faculty for the Sciences and as the Executive Director of the Institute for Security Technology Studies. His research interests include security and privacy in smart homes, pervasive computing for healthcare, and wireless networks. He has published over 240 refereed papers, obtained $89m in grant funding, and mentored nearly 100 research students. He is an ACM Fellow, an IEEE Fellow, a 2008 Fulbright Fellow to India, a 2019 Visiting Professor at ETH Zürich, and an elected member of Phi Beta Kappa. He received his AB in Computer Science and Physics from Dartmouth in 1986, and his PhD in Computer Science from Duke University in 1991.

DHS to investigate medical device security

The Department of Homeland Security (specifically the agency’s Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT) is starting to investigate cyber-security vulnerabilities in medical devices, according to recent news reports.

THaW co-PI Kevin Fu, who runs the Archimedes Research Center for Medical Device Security at the University of Michigan, commented on the story: “It’s very easy to sort of sensationalize these problems.”

THaW’s Kevin Fu and Darren Lacey were both key players in this week’s FDA workshop “Collaborative Approaches for Medical Device and Healthcare Cybersecurity”.

THaW leads panel at Grace Hopper Conference

Two THaW researchers led a panel on designing mobile and wearable devices for health and wellness at the Grace Hopper Conference in Phoenix, Arizona on October 10th, 2014. The panel was co-hosted by Dr. Klara Nahrstedt (THaW Co-PI and Professor of Computer Science at UIUC) and Aarathi Prasad (Ph.D. Candidate at Dartmouth College). Panelists included Ruzena Bajcsy (Professor of EECS at UC Berkeley), Jung Ook Hong (research scientist at Fitbit), and Janet Campbell (product lead at Epic). The panel discussed the usability, security, and privacy issues that developers of mobile and wearable health and wellness applications should be aware of. Jung discussed the effect that data presentation has on users’ behavior; for example, users are more likely to take 10,000 steps than 8,000 steps because they receive an encouraging message to take a few more steps to cross the daily 10,000 step-count goal. Ruzena talked about the challenges faced by elderly users of mHealth technologies, such as small fonts and complicated buttons on a device. Klara presented the security and privacy issues that arise when people use mobile and wearable health and wellness devices and briefly discussed the different THaW projects. Finally, Janet talked about the issues of sending data to an EHR, such as identifying the patient whose data is in the EHR.

photo of 5 panelists

Jung Ook Hong, Klara Nahrstedt, Ruzena Bajcsy, Janet Campbell, Aarathi Prasad

ZEBRA press

THaW’s article about Zero-Effort Bilateral Recurring Authentication (ZEBRA) triggered a lot of press coverage, such as Communications of the ACM (CACM), VICE Motherboard, Dartmouth Now, Gizmag, The Register UK, Planet Biometrics*, Computer Business Review*, Fierce Health IT, Daily Science News, Senior Tech Insider, Motherboard, Homeland Security Newswire, and NFC World. They’re all intrigued by ZEBRA’s ability to continuously authenticate the user of a desktop terminal and to log them out if they leave or if someone else steps in to use the keyboard. Some (*) mistakenly believe our ZEBRA method uses biometrics; quite the contrary, ZEBRA is designed to be user-agnostic and thus requires no per-user training period. (ZEBRA correlates the bracelet wearer’s movements with the keyboard and mouse movements, not with a prior model of the wearer’s movements as do methods built on behavioral biometrics.) ZEBRA could be combined with a biometric authentication of the wearer to the bracelet, and can be combined with other methods of initial authentication of wearer to system (such as username/password, or fingerprints), making it an extremely versatile tool that adds strength to existing approaches. The Dartmouth THaW team continues to refine ZEBRA. [Note: since the time this paper was published we have learned of a relevant trademark on the name “Zebra”. Thus, we have renamed our approach “BRACE” and will use that name in future publications.]

photo of Shimmer device on a wrist, wherein the hand is using a mouse and the other hand is using a keyboard

Our experiments used the Shimmer research device, though in principle it could work with any fitness band.

THaW annual meeting

Our team held its annual in-person meeting, this year on the edge of the Green on the beautiful campus of Dartmouth College. Two days of enriching technical talks about work in progress, brainstorming sessions about upcoming programs, and valued feedback from our NSF program officers… plus opportunities for our five-university group to build connections and collaborative bonds. A few hardy souls hiked to the top of nearby Mount Cardigan the morning after the meeting, in a stiff breeze that reminded us all Fall is approaching.

Group photo at the Dartmouth meeting, September 2014

THaW hikers atop Mount Cardigan on a blustery NH day (AJ, Carl, Shrirang, David, Faraz).

Jenna Wiens joins THaW team

Jenna Wiens is an Assistant Professor in EECS at the University of Michigan. In the fall of 2014, she joined the CSE division after completing her PhD at MIT.

Professor Wiens’ primary research interests lie at the intersection of machine learning and medicine. She especially enjoys solving the technical challenges that arise when considering the practical application of machine learning in clinical settings. Currently, she is focused on developing accurate patient risk stratification approaches that leverage data across time and space, with the ultimate goal of reducing the rate of healthcare-associated infections among patients admitted to hospitals in the US.

Privacy and Security in the Genomic Era (preprint)

Carl Gunter’s THaW group has released an article on “Privacy and Security in the Genomic Era”, submitted to ACM Computing Surveys. This article has a lot more information than a mere literature survey, and it may be beneficial for newcomers in this area. For convenience, a preprint is available on arXiv, and the abstract is below.

They also created an online tutorial (with text, images, and videos) covering the basic biology required to understand this and other genomic privacy papers.

Authors: Muhammad Naveed, Erman Ayday, Ellen W. Clayton, Jacques Fellay, Carl A. Gunter, Jean-Pierre Hubaux, Bradley A. Malin, XiaoFeng Wang

Abstract:

Genome sequencing technology has advanced at a rapid pace and it is now possible to generate highly-detailed genotypes inexpensively. The collection and analysis of such data has the potential to support various applications, including personalized medical services. While the benefits of the genomics revolution are trumpeted by the biomedical community, the increased availability of such data has major implications for personal privacy; notably because the genome has certain essential features, which include (but are not limited to) (i) an association with certain diseases, (ii) identification capability (e.g., forensics), and (iii) revelation of family relationships. Moreover, direct-to-consumer DNA testing increases the likelihood that genome data will be made available in less regulated environments, such as the Internet and for-profit companies. The problem of genome data privacy thus resides at the crossroads of computer science, medicine, and public policy. While the computer scientists have addressed data privacy for various data types, there has been less attention dedicated to genomic data. Thus, the goal of this paper is to provide a systematization of knowledge for the computer science community. In doing so, we address some of the (sometimes erroneous) beliefs of this field and we report on a survey we conducted about genome data privacy with biomedical specialists. Then, after characterizing the genome privacy problem, we review the state-of-the-art regarding privacy attacks on genomic data and strategies for mitigating such attacks, as well as contextualizing these attacks from the perspective of medicine and public policy. This paper concludes with an enumeration of the challenges for genome data privacy and presents a framework to systematize the analysis of threats and the design of countermeasures as the field moves forward.

Does “Meaningful-Use” Attestation Improve Information Security Performance?

We’re pleased to announce a new THaW paper, to appear in the Workshop on the Economics of Information Security (WEIS), June 23-24, to be held at Penn State.

Juhee Kwon and M. Eric Johnson. Meaningful Healthcare Security: Does “Meaningful-Use” Attestation Improve Information Security Performance?

Abstract:
Voluntary mechanisms are often employed to signal performance of difficult-to-observe management practices. In the healthcare sector, financial incentives linked to “meaningful-use” attestation have been a key policy initiative of the Obama administration to accelerate electronic health record (EHR) system adoption while also focusing providers on protecting sensitive healthcare data. As one of the core requirements, meaningful-use attestation requires healthcare providers to attest to having implemented security mechanisms for assessing the potential risks and vulnerabilities to their data. In this paper, we examine whether meaningful-use attestation is achieving its security objective. Using a propensity score matching technique, we analyze a matched sample of 925 U.S. hospitals. We find that external breaches motivate hospitals to pursue meaningful use and that achieving meaningful use does indeed reduce such breaches. We also find that hospitals that achieve meaningful use observe short-term increases in accidental breaches, but see longer-term reductions. These results have implications for managers and policy makers as well as researchers interested in organizational theory and quality management.

We’ll post the paper itself after the workshop.

Hurdles for Genomic Data Usage Management

We are pleased to share an upcoming THaW paper to appear next month at the IEEE Workshop on Data Usage Management, a workshop colocated with the IEEE Symposium on Security & Privacy in May 2014.

Abstract: Our genome determines our appearance, gender, diseases, reaction to drugs, and much more. It not only contains information about us but also about our relatives, past generations, and future generations. This creates many policy and technology challenges to protect privacy and manage usage of genomic data. In this paper, we identify various features of genomic data that make its usage management very challenging and different from other types of data. We also describe some ideas about potential solutions and propose some recommendations for the usage of genomic data. [pdf]

ZEBRA: Zero-Effort Bilateral Recurring Authentication

The THaW team is pleased to announce the third of its three papers to be presented at the IEEE Symposium on Security & Privacy (aka ‘Oakland’) in May.

ZEBRA: Zero-Effort Bilateral Recurring Authentication
Shrirang Mare, Andrés Molina-Markham, Cory Cornelius, Ronald Peterson, and David Kotz

Abstract: Common authentication methods based on passwords, tokens, or fingerprints perform one-time authentication and rely on users to log out from the computer terminal when they leave. Users often do not log out, however, which is a security risk. The most common solution, inactivity timeouts, inevitably fail security (too long a timeout) or usability (too short a timeout) goals. One solution is to authenticate users continuously while they are using the terminal and automatically log them out when they leave. Several solutions are based on user proximity, but these are not sufficient: they only confirm whether the user is nearby but not whether the user is actually using the terminal. Proposed solutions based on behavioral biometric authentication (e.g., keystroke dynamics) may not be reliable, as a recent study suggests.

To address this problem we propose ZEBRA. In ZEBRA, a user wears a bracelet (with a built-in accelerometer, gyroscope, and radio) on her dominant wrist. When the user interacts with a computer terminal, the bracelet records the wrist movement, processes it, and sends it to the terminal. The terminal compares the wrist movement with the inputs it receives from the user (via keyboard and mouse), and confirms the continued presence of the user only if they correlate. Because the bracelet is on the same hand that provides inputs to the terminal, the accelerometer and gyroscope data and input events received by the terminal should correlate because their source is the same – the user’s hand movement. In our experiments ZEBRA performed continuous authentication with 85% accuracy in verifying the correct user and identified all adversaries within 11 s. For a different threshold that trades security for usability, ZEBRA correctly verified 90% of users and identified all adversaries within 50 s.

Note: since the time this paper was published we have learned of a relevant trademark on the name “Zebra”. Thus, we have renamed our approach “BRACE” and will use that name in future publications.

[view pdf]

Dynamic Searchable Encryption via Blind Storage

The THaW team is pleased to announce the second of its three papers to be presented at the IEEE Symposium on Security & Privacy (aka ‘Oakland’) in May.

Dynamic Searchable Encryption via Blind Storage
Muhammad Naveed, Manoj Prabhakaran, Carl A. Gunter

Abstract: Dynamic Searchable Symmetric Encryption allows a client to store a dynamic collection of encrypted documents with a server, and later quickly carry out keyword searches on these encrypted documents, while revealing minimal information to the server. In this paper we present a new dynamic SSE scheme that is simpler and more efficient than existing schemes while revealing less information to the server than prior schemes, achieving fully adaptive security against honest-but-curious servers.

We implemented a prototype of our scheme and demonstrated its efficiency on datasets from prior work. Apart from its concrete efficiency, our scheme is also simpler: in particular, it does not require the server to support any operation other than upload and download of data. Thus the server in our scheme can be based solely on a cloud storage service, rather than a cloud computation service as well, as in prior work.

In building our dynamic SSE scheme, we introduce a new primitive called Blind Storage, which allows a client to store a set of files on a remote server in such a way that the server does not learn how many files are stored, or the lengths of the individual files; as each file is retrieved, the server learns about its existence (and can notice the same file being downloaded subsequently), but the file’s name and contents are not revealed. This is a primitive with several applications other than SSE, and is of independent interest.

[view pdf]