A team featuring THaW PI Carl Gunter and led by his student Guliz Seray Tuncay recently won “Best Paper” at NDSS. Resolving the Predicament of Android Custom Permissions was so well received at the conference it took home highest honors. To check out the full text, and what the team discovered about conflicting trust levels in regard to Android permissions, click through on the link below.
PDF: Resolving the Predicament of Android Custom Permissions
THaW researcher Kevin Fu, along with colleagues Chen Yan and Wenyuan Xu, recently released a technical report on a mysterious ailment at the United States embassy in Cuba. After exploring a wide variety of options, the trio concluded that the ailment may in fact have inadvertently been caused by interfering ultrasonic waves in the environment. Click through below to see some press coverage their discoveries have received, in addition to the full technical report.
The Conversation – Can Sound Be Used As A Weapon?
IEEE Spectrum – Finally, A Likely Explanation for the “Sonic Weapon” Used At The US Embassy In Cuba
PDF: On Cuba, Diplomats, Ultrasound, and Intermodulation Distortion
As part of THaW’s efforts towards community outreach and education, we have developed a curriculum based on the FitBit technology platform. This curriculum has been successfully deployed in two pilot groups let by THaW associates over the past two years.
Now, THaW researcher Joseph Carrigan, along with PI’s David Kotz and Avi Rubin, has formalized the curriculum into a technical report to allow others to use our implementation. Said Carrigan, “We developed an outreach activity that is engaging, informative, and repeatable. We are interested to see how it will be used at other locations.” To peruse the technical report and access the curriculum guidelines, please click below.
STEM Outreach Activity with Fitbit Wearable Devices
THaW member Eric Johnson (along with co-author Sung Choi) recently published at the 14th Workshop on The Economics of Information Security. In the paper, the two explore the ramifications of hospital data breaches, and if these breaches have an effect on quality of care. To learn more, click through to the paper below.
PDF: Do Hospital Data Breaches Reduce Patient Care Quality?
THaW leader Kevin Fu was recently named a fellow by the Institute of Electrical and Electronics Engineers (IEEE) for his contributions to embedded and medical device security. The honor comes as part of the 2018 class, and is “a distinction reserved for select IEEE members whose extraordinary accomplishments in any of the IEEE fields of interest are deemed fitting of this prestigious grade elevation”. To read more about Kevin’s award and accomplishments, click through below.
Kevin Fu Elected IEEE Fellow for Contributions to Embedded and Medical Device Security
In a recent Viewpoint article in JAMA, THaW member Kevin Fu explored a recent pacemaker vulnerability, and its ramifications for medical device security in general. In the post, he discusses both the full extent of the vulnerabilities, as well as the practical considerations to be taken as a result. To read the full text of the article, click the link below.
Cybersecurity Concerns and Medical Devices – Lessons From a Pacemaker Advisory
THaW member Eric Johnson recently published an article at the website Third Certainty about how Security Executives can best achieve their goals. In the article, he delves into approaches executives can take, and how they can achieve optimal leadership. To read more, click through below.
Eric Johnson – Security executives must lead through influence rather than control
THaW researcher Kevin Fu recently joined his colleague Harold Thimbleby to discuss the challenges and obstacles created by ransomware. Read their comprehensive assessment of the problem, as well as possible solutions, at the link below.
HealthcareITNews — Ransomware:
How we can climb out of this mess
THaW Researchers Xiaohui Liang, Tianlong Yun, Ronald Peterson, and David Kotz have been researching new methods for connecting wearables to external screens. Their paper, LightTouch: Securely Connecting Wearables to Ambient Displays with User Intent, has been accepted to INFOCOM 2017. In it, they explore a security system that uses a screen’s brightness level to ensure secure connection between screen and device. Moreover, they also address additional screen-based counter measures that can be taken to further secure the protocol. For more information and to read the paper, click the link below.
THaW contributor Eric Johnson’s conversations from the CISO conference continued with VP and CISO of Kindred Healthcare, Charles Lebo. The two had a conversation to discuss some of the emerging challenges of healthcare security. The topics ranged from the scope of large healthcare datasets, to the emergence of ransomware and maintaining data security.
Click here, or play the embedded video above, to hear the discussion in full.