Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Discipline
- Publication Year
- Publication
- Publication Type
Articles 1 - 30 of 52
Full-Text Articles in Physical Sciences and Mathematics
Torsh: Obfuscating Consumer Internet-Of-Things Traffic With A Collaborative Smart-Home Router Network, Adam Vandenbussche
Torsh: Obfuscating Consumer Internet-Of-Things Traffic With A Collaborative Smart-Home Router Network, Adam Vandenbussche
Dartmouth College Undergraduate Theses
When consumers install Internet-connected "smart devices" in their homes, metadata arising from the communications between these devices and their cloud-based service providers enables adversaries privy to this traffic to profile users, even when adequate encryption is used. Internet service providers (ISPs) are one potential adversary privy to users’ incom- ing and outgoing Internet traffic and either currently use this insight to assemble and sell consumer advertising profiles or may in the future do so. With existing defenses against such profiling falling short of meeting user preferences and abilities, there is a need for a novel solution that empowers consumers to …
Information Provenance For Mobile Health Data, Taylor A. Hardin
Information Provenance For Mobile Health Data, Taylor A. Hardin
Dartmouth College Ph.D Dissertations
Mobile health (mHealth) apps and devices are increasingly popular for health research, clinical treatment and personal wellness, as they offer the ability to continuously monitor aspects of individuals' health as they go about their everyday activities. Many believe that combining the data produced by these mHealth apps and devices may give healthcare-related service providers and researchers a more holistic view of an individual's health, increase the quality of service, and reduce operating costs. For such mHealth data to be considered useful though, data consumers need to be assured that the authenticity and the integrity of the data has remained intact---especially …
Thaw Publications, Carl Landwehr, David Kotz
Thaw Publications, Carl Landwehr, David Kotz
Computer Science Technical Reports
In 2013, the National Science Foundation's Secure and Trustworthy Cyberspace program awarded a Frontier grant to a consortium of four institutions, led by Dartmouth College, to enable trustworthy cybersystems for health and wellness. As of this writing, the Trustworthy Health and Wellness (THaW) project's bibliography includes more than 130 significant publications produced with support from the THaW grant; these publications document the progress made on many fronts by the THaW research team. The collection includes dissertations, theses, journal papers, conference papers, workshop contributions and more. The bibliography is organized as a Zotero library, which provides ready access to citation materials …
Apparatus For Securely Configuring A Target Device And Associated Methods, Timothy J. Pierson, Xiaohui Liang, Ronald Peterson, David Kotz
Apparatus For Securely Configuring A Target Device And Associated Methods, Timothy J. Pierson, Xiaohui Liang, Ronald Peterson, David Kotz
Other Faculty Materials
Apparatus and method securely transfer first data from a source device to a target device. A wireless signal having (a) a higher speed channel conveying second data and (b) a lower speed channel conveying the first data is transmitted. The lower speed channel is formed by selectively transmitting the wireless signal from one of a first and second antennae of the source device based upon the first data. The first and second antenna are positioned a fixed distance apart and the target device uses a received signal strength indication (RSSI) of the first signal to decode the lower speed channel …
Proximity Detection With Single-Antenna Iot Devices, Timothy J. Pierson, Travis Peters, Ronald Peterson, David Kotz
Proximity Detection With Single-Antenna Iot Devices, Timothy J. Pierson, Travis Peters, Ronald Peterson, David Kotz
Dartmouth Scholarship
Providing secure communications between wireless devices that encounter each other on an ad-hoc basis is a challenge that has not yet been fully addressed. In these cases, close physical proximity among devices that have never shared a secret key is sometimes used as a basis of trust; devices in close proximity are deemed trustworthy while more distant devices are viewed as potential adversaries. Because radio waves are invisible, however, a user may believe a wireless device is communicating with a nearby device when in fact the user’s device is communicating with a distant adversary. Researchers have previously proposed methods for …
Using Vibrations From A Smartring As An Out-Of-Band Channel For Sharing Secret Keys, Sougata Sen, Varun Mishra, David Kotz
Using Vibrations From A Smartring As An Out-Of-Band Channel For Sharing Secret Keys, Sougata Sen, Varun Mishra, David Kotz
Dartmouth Scholarship
With the rapid growth in the number of Internet of Things (IoT) devices with wireless communication capabilities, and sensitive information collection capabilities, it is becoming increasingly necessary to ensure that these devices communicate securely with only authorized devices. A major requirement of this secure communication is to ensure that both the devices share a secret, which can be used for secure pairing and encrypted communication. Manually imparting this secret to these devices becomes an unnecessary overhead, especially when the device interaction is transient. In this work, we empirically investigate the possibility of using an out-of-band communication channel – vibration, generated …
Closetalker: Secure, Short-Range Ad Hoc Wireless Communication, Timothy J. Pierson, Travis Peters, Ronald Peterson, David Kotz
Closetalker: Secure, Short-Range Ad Hoc Wireless Communication, Timothy J. Pierson, Travis Peters, Ronald Peterson, David Kotz
Dartmouth Scholarship
Secure communication is difficult to arrange between devices that have not previously shared a secret. Previous solutions to the problem are susceptible to man-in-the-middle attacks, require additional hardware for out-of-band communication, or require an extensive public-key infrastructure. Furthermore, as the number of wireless devices explodes with the advent of the Internet of Things, it will be impractical to manually configure each device to communicate with its neighbors. Our system, CloseTalker, allows simple, secure, ad hoc communication between devices in close physical proximity, while jamming the signal so it is unintelligible to any receivers more than a few centimeters away. CloseTalker …
Continuous Smartphone Authentication Using Wristbands, Shrirang Mare, Reza Rawassizadeh, Ronald Peterson, David Kotz
Continuous Smartphone Authentication Using Wristbands, Shrirang Mare, Reza Rawassizadeh, Ronald Peterson, David Kotz
Dartmouth Scholarship
Many users find current smartphone authentication methods (PINs, swipe patterns) to be burdensome, leading them to weaken or disable the authentication. Although some phones support methods to ease the burden (such as fingerprint readers), these methods require active participation by the user and do not verify the user’s identity after the phone is unlocked. We propose CSAW, a continuous smartphone authentication method that leverages wristbands to verify that the phone is in the hands of its owner. In CSAW, users wear a wristband (a smartwatch or a fitness band) with built-in motion sensors, and by comparing the wristband’s motion with …
Saw: Wristband-Based Authentication For Desktop Computers, Shrirang Mare, Reza Rawassizadeh, Ronald Peterson, David Kotz
Saw: Wristband-Based Authentication For Desktop Computers, Shrirang Mare, Reza Rawassizadeh, Ronald Peterson, David Kotz
Dartmouth Scholarship
Token-based proximity authentication methods that authenticate users based on physical proximity are effortless, but lack explicit user intentionality, which may result in accidental logins. For example, a user may get logged in when she is near a computer or just passing by, even if she does not intend to use that computer. Lack of user intentionality in proximity-based methods makes them less suitable for multi-user shared computer environments, despite their desired usability benefits over passwords. \par We present an authentication method for desktops called Seamless Authentication using Wristbands (SAW), which addresses the lack of intentionality limitation of proximity-based methods. SAW …
Application Memory Isolation On Ultra-Low-Power Mcus, Taylor Hardin, Ryan Scott, Patrick Proctor, Josiah Hester, Jacob Sorber, David Kotz
Application Memory Isolation On Ultra-Low-Power Mcus, Taylor Hardin, Ryan Scott, Patrick Proctor, Josiah Hester, Jacob Sorber, David Kotz
Dartmouth Scholarship
The proliferation of applications that handle sensitive user data on wearable platforms generates a critical need for embedded systems that offer strong security without sacrificing flexibility and long battery life. To secure sensitive information, such as health data, ultra-low-power wearables must isolate applications from each other and protect the underlying system from errant or malicious application code. These platforms typically use microcontrollers that lack sophisticated Memory Management Units (MMU). Some include a Memory Protection Unit (MPU), but current MPUs are inadequate to the task, leading platform developers to software-based memory-protection solutions. In this paper, we present our memory isolation technique, …
Workshop On Emerging Technology And Data Analytics For Behavioral Health, David Kotz, Sarah E. Lord, A. James O'Malley, Luke Stark, Lisa Marsch
Workshop On Emerging Technology And Data Analytics For Behavioral Health, David Kotz, Sarah E. Lord, A. James O'Malley, Luke Stark, Lisa Marsch
Dartmouth Scholarship
Wearable and portable digital devices can support self-monitoring for patients with chronic medical conditions, individuals seeking to reduce stress, and people seeking to modify health-related behaviors such as substance use or overeating. The resulting data may be used directly by a consumer, or shared with a clinician for treatment, a caregiver for assistance, or a health coach for support. The data can also be used by researchers to develop and evaluate just-in-time interventions that leverage mobile technology to help individuals manage their symptoms and behavior in real time and as needed. Such wearable systems have huge potential for promoting delivery …
Lighttouch: Securely Connecting Wearables To Ambient Displays With User Intent, Xiaohui Liang, Tianlong Yun, Ronald Peterson, David Kotz
Lighttouch: Securely Connecting Wearables To Ambient Displays With User Intent, Xiaohui Liang, Tianlong Yun, Ronald Peterson, David Kotz
Dartmouth Scholarship
Wearables are small and have limited user interfaces, so they often wirelessly interface with a personal smartphone/computer to relay information from the wearable for display or other interactions. In this paper, we envision a new method, LightTouch, by which a wearable can establish a secure connection to an ambient display, such as a television or a computer monitor, while ensuring the user's intention to connect to the display. LightTouch uses standard RF methods (like Bluetooth) for communicating the data to display, securely bootstrapped via the visible-light communication (the brightness channel) from the display to the low-cost, low-power, ambient light sensor …
The Amulet Wearable Platform: Demo Abstract, Josiah Hester, Travis Peters, Tianlong Yun, Ronald Peterson, Joseph Skinner, Bhargav Golla, Kevin Storer, Steven Hearndon, Sarah Lord, Ryan Halter, David Kotz, Jacob Sorber
The Amulet Wearable Platform: Demo Abstract, Josiah Hester, Travis Peters, Tianlong Yun, Ronald Peterson, Joseph Skinner, Bhargav Golla, Kevin Storer, Steven Hearndon, Sarah Lord, Ryan Halter, David Kotz, Jacob Sorber
Dartmouth Scholarship
In this demonstration we present the Amulet Platform; a hardware and software platform for developing energy- and resource-efficient applications on multi-application wearable devices. This platform, which includes the Amulet Firmware Toolchain, the Amulet Runtime, the ARP-View graphical tool, and open reference hardware, efficiently protects applications from each other without MMU support, allows developers to interactively explore how their implementation decisions impact battery life without the need for hardware modeling and additional software development, and represents a new approach to developing long-lived wearable applications. We envision the Amulet Platform enabling long-duration experiments on human subjects in a wide variety of studies.
Privacy And Security In Mobile Health – A Research Agenda, David Kotz, Carl A. Gunter, Santosh Kumar, Jonathan P. Weiner
Privacy And Security In Mobile Health – A Research Agenda, David Kotz, Carl A. Gunter, Santosh Kumar, Jonathan P. Weiner
Dartmouth Scholarship
Mobile health technology has great potential to increase healthcare quality, expand access to services, reduce costs, and improve personal wellness and public health. However, mHealth also raises significant privacy and security challenges.
Amulet: A Secure Architecture For Mhealth Applications For Low-Power Wearable Devices, Andrés Molina-Markham, Ronald Peterson, Joseph Skinner, Tianlong Yun, Bhargav Golla, Kevin Freeman, Travis Peters, Jacob Sorber, Ryan Halter, David Kotz
Amulet: A Secure Architecture For Mhealth Applications For Low-Power Wearable Devices, Andrés Molina-Markham, Ronald Peterson, Joseph Skinner, Tianlong Yun, Bhargav Golla, Kevin Freeman, Travis Peters, Jacob Sorber, Ryan Halter, David Kotz
Dartmouth Scholarship
Interest in using mobile technologies for health-related applications (mHealth) has increased. However, none of the available mobile platforms provide the essential properties that are needed by these applications. An mHealth platform must be (i) secure; (ii) provide high availability; and (iii) allow for the deployment of multiple third-party mHealth applications that share access to an individual's devices and data. Smartphones may not be able to provide property (ii) because there are activities and situations in which an individual may not be able to carry them (e.g., while in a contact sport). A low-power wearable device can provide higher availability, remaining …
A Wearable System That Knows Who Wears It, Cory Cornelius, Ronald Peterson, Joseph Skinner, Ryan Halter, David Kotz
A Wearable System That Knows Who Wears It, Cory Cornelius, Ronald Peterson, Joseph Skinner, Ryan Halter, David Kotz
Dartmouth Scholarship
Body-area networks of pervasive wearable devices are increasingly used for health monitoring, personal assistance, entertainment, and home automation. In an ideal world, a user would simply wear their desired set of devices with no configuration necessary: the devices would discover each other, recognize that they are on the same person, construct a secure communications channel, and recognize the user to which they are attached. In this paper we address a portion of this vision by offering a wearable system that unobtrusively recognizes the person wearing it. Because it can recognize the user, our system can properly label sensor data or …
Zebra: Zero-Effort Bilateral Recurring Authentication, Shrirang Mare, Andrés Molina-Markham, Cory Cornelius, Ronald Peterson, David Kotz
Zebra: Zero-Effort Bilateral Recurring Authentication, Shrirang Mare, Andrés Molina-Markham, Cory Cornelius, Ronald Peterson, David Kotz
Dartmouth Scholarship
Common authentication methods based on passwords, tokens, or fingerprints perform one-time authentication and rely on users to log out from the computer terminal when they leave. Users often do not log out, however, which is a security risk. The most common solution, inactivity timeouts, inevitably fail security (too long a timeout) or usability (too short a timeout) goals. One solution is to authenticate users continuously while they are using the terminal and automatically log them out when they leave. Several solutions are based on user proximity, but these are not sufficient: they only confirm whether the user is nearby but …
From Map To Dist: The Evolution Of A Large-Scale Wlan Monitoring System, Keren Tan, Chris Mcdonald, Bennet Vance, Chrisil Arackaparambil, Sergey Bratus, David Kotz
From Map To Dist: The Evolution Of A Large-Scale Wlan Monitoring System, Keren Tan, Chris Mcdonald, Bennet Vance, Chrisil Arackaparambil, Sergey Bratus, David Kotz
Dartmouth Scholarship
The edge of the Internet is increasingly becoming wireless. Therefore, monitoring the wireless edge is important to understanding the security and performance aspects of the Internet experience. We have designed and implemented a large-scale WLAN monitoring system, the Distributed Internet Security Testbed (DIST), at Dartmouth College. It is equipped with distributed arrays of “sniffers” that cover 210 diverse campus locations and more than 5,000 users. In this paper, we describe our approach, designs and solutions for addressing the technical challenges that have resulted from efficiency, scalability, security, and management perspectives. We also present extensive evaluation results on a production network, …
Securing Information Technology In Healthcare, Denise Anthony, Andrew T. Campbell, Thomas Candon, Andrew Gettinger, David Kotz, Lisa A. Marsch, Andrés Molina-Markham, Karen M. Page, Sean W. Smith, Carl A. Gunter, M. Eric Johnson
Securing Information Technology In Healthcare, Denise Anthony, Andrew T. Campbell, Thomas Candon, Andrew Gettinger, David Kotz, Lisa A. Marsch, Andrés Molina-Markham, Karen M. Page, Sean W. Smith, Carl A. Gunter, M. Eric Johnson
Dartmouth Scholarship
Information technology (IT) has great potential to improve healthcare quality while also improving efficiency, and thus has been a major focus of recent healthcare reform efforts. However, developing, deploying and using IT that is both secure and genuinely effective in the complex clinical, organizational and economic environment of healthcare is a significant challenge. Further, it is imperative that we better understand the privacy concerns of patients and providers, as well as the ability of current technologies, policies, and laws to adequately protect privacy. The Securing Information Technology in Healthcare (SITH) workshops were created to provide a forum to discuss security …
Provenance Framework For Mhealth, Aarathi Prasad, Ronald Peterson, Shrirang Mare, Jacob Sorber, Kolin Paul, David Kotz
Provenance Framework For Mhealth, Aarathi Prasad, Ronald Peterson, Shrirang Mare, Jacob Sorber, Kolin Paul, David Kotz
Dartmouth Scholarship
Mobile health technologies allow patients to collect their health information outside the hospital and share this information with others. But how can data consumers know whether to trust the sensor-collected and human-entered data they receive? Data consumers might be able to verify the accuracy and authenticity of the data if they have information about its origin and about changes made to it, i.e., the \emphprovenance\/ of the data. We propose a provenance framework for mHealth devices, to collect and share provenance metadata and help the data consumer verify whether certain provenance properties are satisfied by the data they receive. This …
Privacy In Mobile Technology For Personal Healthcare, Sasikanth Avancha, Amit Baxi, David Kotz
Privacy In Mobile Technology For Personal Healthcare, Sasikanth Avancha, Amit Baxi, David Kotz
Dartmouth Scholarship
Information technology can improve the quality, efficiency, and cost of healthcare. In this survey, we examine the privacy requirements of \emphmobile\/ computing technologies that have the potential to transform healthcare. Such \emphmHealth\/ technology enables physicians to remotely monitor patients' health, and enables individuals to manage their own health more easily. Despite these advantages, privacy is essential for any personal monitoring technology. Through an extensive survey of the literature, we develop a conceptual privacy framework for mHealth, itemize the privacy properties needed in mHealth systems, and discuss the technologies that could support privacy-sensitive mHealth systems. We end with a list of …
Passive Biometrics For Pervasive Wearable Devices (Poster Paper), Cory Cornelius, Zachary Marois, Jacob Sorber, Ron Peterson, Shrirang Mare, David Kotz
Passive Biometrics For Pervasive Wearable Devices (Poster Paper), Cory Cornelius, Zachary Marois, Jacob Sorber, Ron Peterson, Shrirang Mare, David Kotz
Dartmouth Scholarship
Wearable devices – like the FitBit, MOTOACTV, and Jawbone UP – are increasingly becoming more pervasive whether for monitoring health and fitness, personal assistance, or home automation. While pervasive wearable devices have long been researched, we are now beginning to see the fruits of this research in the form of commercial offerings. Today, many of these commercial wearable devices are closed systems that do not interoperate with other devices a person might carry. We believe, however, these commercial offerings signal the coming of wireless body-area networks that will connect these pervasive wearable devices and leverage existing devices a user already …
An Amulet For Trustworthy Wearable Mhealth, Jacob Sorber, Minho Shin, Ronald Peterson, Cory Cornelius, Shrirang Mare, Aarathi Prasad, Zachary Marois, Emma N. Smithayer, David Kotz
An Amulet For Trustworthy Wearable Mhealth, Jacob Sorber, Minho Shin, Ronald Peterson, Cory Cornelius, Shrirang Mare, Aarathi Prasad, Zachary Marois, Emma N. Smithayer, David Kotz
Dartmouth Scholarship
Mobile technology has significant potential to help revolutionize personal wellness and the delivery of healthcare. Mobile phones, wearable sensors, and home-based tele-medicine devices can help caregivers and individuals themselves better monitor and manage their health. While the potential benefits of this “mHealth” technology include better health, more effective healthcare, and reduced cost, this technology also poses significant security and privacy challenges. In this paper we propose \emphAmulet, an mHealth architecture that provides strong security and privacy guarantees while remaining easy to use, and outline the research and engineering challenges required to realize the Amulet vision.
Adapt-Lite: Privacy-Aware, Secure, And Efficient Mhealth Sensing, Shrirang Mare, Jacob Sorber, Minho Shin, Cory Cornelius, David Kotz
Adapt-Lite: Privacy-Aware, Secure, And Efficient Mhealth Sensing, Shrirang Mare, Jacob Sorber, Minho Shin, Cory Cornelius, David Kotz
Dartmouth Scholarship
As healthcare in many countries faces an aging population and rising costs, mobile sensing technologies promise a new opportunity. Using mobile health (mHealth) sensing, which uses medical sensors to collect data about the patients, and mobile phones to act as a gateway between sensors and electronic health record systems, caregivers can continuously monitor the patients and deliver better care. Although some work on mHealth sensing has addressed security, achieving strong security and privacy for low-power sensors remains a challenge. \par We make three contributions. First, we propose Adapt-lite, a set of two techniques that can be applied to existing wireless …
Recognizing Whether Sensors Are On The Same Body, Cory Cornelius, David Kotz
Recognizing Whether Sensors Are On The Same Body, Cory Cornelius, David Kotz
Dartmouth Scholarship
As personal health sensors become ubiquitous, we also expect them to become interoperable. That is, instead of closed, end-to-end personal health sensing systems, we envision standardized sensors wirelessly communicating their data to a device many people already carry today, the cellphone. In an open personal health sensing system, users will be able to seamlessly pair off-the-shelf sensors with their cellphone and expect the system to ıt just work. However, this ubiquity of sensors creates the potential for users to accidentally wear sensors that are not necessarily paired with their own cellphone. A husband, for example, might mistakenly wear a heart-rate …
Anonysense: A System For Anonymous Opportunistic Sensing, Minho Shin, Cory Cornelius, Dan Peebles, Apu Kapadia, David Kotz, Nikos Triandopoulos
Anonysense: A System For Anonymous Opportunistic Sensing, Minho Shin, Cory Cornelius, Dan Peebles, Apu Kapadia, David Kotz, Nikos Triandopoulos
Dartmouth Scholarship
We describe AnonySense, a privacy-aware system for realizing pervasive applications based on collaborative, opportunistic sensing by personal mobile devices. AnonySense allows applications to submit sensing \emphtasks\/ to be distributed across participating mobile devices, later receiving verified, yet anonymized, sensor data \emphreports\/ back from the field, thus providing the first secure implementation of this participatory sensing model. We describe our security goals, threat model, and the architecture and protocols of AnonySense. We also describe how AnonySense can support extended security features that can be useful for different applications. We evaluate the security and feasibility of AnonySense through security analysis and prototype …
A Threat Taxonomy For Mhealth Privacy, David Kotz
A Threat Taxonomy For Mhealth Privacy, David Kotz
Dartmouth Scholarship
Networked mobile devices have great potential to enable individuals (and their physicians) to better monitor their health and to manage medical conditions. In this paper, we examine the privacy-related threats to these so-called \emphmHealth\/ technologies. We develop a taxonomy of the privacy-related threats, and discuss some of the technologies that could support privacy-sensitive mHealth systems. We conclude with a brief summary of research challenges.
Is Bluetooth The Right Technology For Mhealth?, Shrirang Mare, David Kotz
Is Bluetooth The Right Technology For Mhealth?, Shrirang Mare, David Kotz
Dartmouth Scholarship
Many people believe mobile healthcare (mHealth) would help alleviate the rising cost of healthcare and improve the quality of service. Bluetooth, which is the most popular wireless technology for personal medical devices, is used for most of the mHealth sensing applications. In this paper we raise the question – Is Bluetooth the right technology for mHealth? To instigate the discussion we discuss some shortcomings of Bluetooth and also point out an alternative solution.
On Usable Authentication For Wireless Body Area Networks, Cory Cornelius, David Kotz
On Usable Authentication For Wireless Body Area Networks, Cory Cornelius, David Kotz
Dartmouth Scholarship
We examine a specific security problem in wireless body area networks (WBANs), what we call the ıt one body authentication problem. That is, how can we ensure that the wireless sensors in a WBAN are collecting data about one individual and not several individuals. We explore existing solutions to this problem and provide some analysis why these solutions are inadequate. Finally, we provide some direction towards a promising solution to the problem and how it can be used to create a usably secure WBAN.
Can I Access Your Data? Privacy Management In Mhealth, Aarathi Prasad, David Kotz
Can I Access Your Data? Privacy Management In Mhealth, Aarathi Prasad, David Kotz
Dartmouth Scholarship
Mobile health (mHealth) has become important in the field of healthcare information technology, as patients begin to use mobile medical sensors to record their daily activities and vital signs. Since their medical data is collected by their sensors, the patients may wish to control data collection and distribution, so as to protect their data and share it only when the need arises. It must be possible for patients to grant or deny access to the data on the storage unit (mobile phones or personal health records (PHR)). Thus, an efficient framework is required for managing patient consent electronically, i.e.to allow …