New York Times Features THaW Research Into Acoustic Device Hacking

14SOUNDWAVE1-master768

THaW researcher Kevin Fu’s work on acoustic device hacking has recently been featured in the New York Times. The article discusses the team’s work on using acoustic signals to fool sensors in mobile device, and create the potential for security violations. For more information beyond the article, click here for a quick video, or read the complete paper below.

WALNUT: Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attacks

Eric Johnson talks with Paul Connelly: Healthcare Analytics and Information Security

THaW contributor Eric Johnson recently sat down with VP and CISO of Hospital Corporation of America Paul Connelly to discuss advancements in healthcare analytics and information security. Over the course of the discussion the two touch on the sheer volume of data created by HCA, and how analytics can be used to give that data value in contributing to informed decision making, while at the same time protecting patient security.

Click here, or play the embedded video above, to hear the discussion in full.

Wanda – Securely introducing mobile devices

A few months ago we announced the results of our Wanda project, as published in INFOCOM 2016.  Today we’re excited to share this new video description of the project! Thanks to Abby Starr and Shiyao Peng of Dartmouth’s DALI lab, and Tim Pierson of the THaW team, for this fun and informative production.

Nearly every setting is increasingly populated with wireless and mobile devices – whether appliances in a home, medical devices in a health clinic, sensors in an industrial setting, or devices in an office or school. There are three fundamental operations when bringing a new device into any of these settings: (1) to configure the device to join the wireless local-area network, (2) to partner the device with other nearby devices so they can work together, and (3) to configure the device so it connects to the relevant individual or organizational account in the cloud. The challenge is to accomplish all three goals simply, securely, and consistent with user intent. We call our approach Wanda – a `magic wand’ that accomplishes all three of the above goals – and evaluate a prototype implementation.