Trustworthy Health and Wellness (THaW)

Traditional hospital information systems are built around the idea that there is a large computer in the hospital and terminals to access it throughout the hospital. However, this model of such systems is being challenged by the advantages of mobile computing with data managed in clouds and the idea that not all health data is collected in hospitals and clinics. These trends raise many issues about security and privacy; these issues generate research problems that threaten  adoption of a promising alternative architecture for health data. THaW is a NSF Frontier project that research issues in this areas. This page lists some of the THaW work being done by Illinois Security Lab. Some of our areas of focus include security and privacy for genomic data and for heath apps on smartphones. THaW is a collaboration between five universities; see its project page to learn more.


Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX,
Wenhao Wang, Guoxing Chen, Xiaorui Pan, Yinqian Zhang, XiaoFeng Wang, Vincent Bindschaedler, Haixu Tang, and Carl A. Gunter.
ACM Computer and Communications Security (CCS ’17), October, 2017.

Plausible Deniability for Privacy-Preserving Data Synthesis
Vincent Bindschaedler, Reza Shokri, Carl A. Gunter.
VLDB Endowment International Conference on Very Large Data Bases (VLDB ’17), Munich, Germany, August 28, 2017.

HanGuard: SDN-driven Protection of Smart Home WiFi Devices from Malicious Mobile Apps,
Soteris Demetriou, Nan Zhang, Yeonjoon Lee, XiaoFeng Wang, Carl A. Gunter, Xiaoyong Zhou, and Michael Grace.
ACM Conference Security and Wireless and Mobile Networks (WiSec ’17), Boston, MA, July 2017.

Analyzing Intentions from Big Data Traces of Human Activities,
Aston Zhang.
Doctoral Thesis, University of Illinois at Urbana-Champaign, May 2017.

Draco: A System for Uniform and Fine-grained Access Control for Web Code on Android.
Guliz Seray Tuncay, Soteris Demetriou, Carl A. Gunter.
ACM Computer and Communications Security (CCS ’16), October, 2016.

Privacy and Security in Mobile Health,
David Kotz, Carl A. Gunter, Santosh Kumar, Jonathan P. Weiner.
IEEE Computer 49(6), 2016.

Privacy Research and Best Practices: Summary of a Workshop for the Intelligence Community,
The National Academies of Sciences, Engineering, and Medicine, 

Secure and Practical Computation on Encrypted Data.
Muhammad Naveed,
Doctoral Thesis, University of Illinois at Urbana-Champaign, April 2016.

Free for All! Assessing User Data Exposure to Advertising Libraries on Android,
Soteris Demetriou, Whitney Merrill, Wei Yang, Aston Zhang and Carl A. Gunter.
ISOC Network and Distributed System Security (NDSS ’16), San Diego, February 2016.

Towards Mobile Query Auto-Completion: An Efficient Mobile Application-Aware Approach,
Aston Zhang, Amit Goyal, Ricardo Baeza-Yates, Yi Chang,  Jiawei Han, Carl A. Gunter, and Hongbo Deng.
25th International World Wide Web Conference (WWW ’16), April 2016.

Inferring Clinical Workflow Efficiency via Electronic Medical Record Utilization,
You Chen, Wei Xie, Carl A Gunter, David Liebovitz, Sanjay Mehrotra, He Zhang, and Bradley Malin.
AMIA Symposium, San Francisco, CA, November 2015.

Network-on-Chip Firewall: Countering Defective and Malicious System-on-Chip Hardware,
Michael LeMay and Carl A. Gunter.
Logic, Rewriting, and Concurrency, Essays Dedicated to José Meseguer on the Occasion of his 65th Birthday, Urbana, IL, September 2015.

Discovering De Facto Diagnosis Specialities,
Xun Lu, Aston Zhang, Carl A. Gunter, Daniel Fabbri, David Liebovitz, and Bradley Malin.
ACM Conference on Bioinformatics, Computational Biology, and Health Informatics (BCB), Atlanta, GA, September 2015. [PPT]

Security for Mobile and Cloud Frontiers in Healthcare,
David Kotz, Kevin Fu, Carl Gunter, and Avi Rubin.
Communications of the ACM, 58(8), August 2015.

Privacy in the Genomic Era,
Muhammad Naveed, Erman Ayday, Ellen W. Clayton, Jacques Fellay, Carl A. Gunter, Jean-Pierre Hubaux, Bradley A. Malin, and XiaoFeng Wang.
ACM Computing Surveys 48, 1, Article 6, August, 2015.
Associated online tutorial on genomics for computer scientists.

Building Bridges Across Electronic Health Record Systems through Inferred Phenotypic Topics,
You Chen, Joydeep Ghosh, Cosmin Adrian Bejan, Carl A. Gunter, Siddharth Gupta, Abel Kho, David Liebovitz, Jimeng Sun, Joshua Denny, and Bradley Malin.
Journal of Biomedical Informatics, Volume 55 (2015), pages 82-93. Appendix.

What’s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources,
Soteris Demetriou , Xiaoyong Zhouz, Muhammad Naveed, Yeonjoon Lee, Kan Yuan, XiaoFeng Wang, and Carl A Gunter.
ISOC Network and Distributed System Security (NDSS ’15), San Diego, February 2015.

Toward a Science of Learning Systems: a Research Agenda for the High-Functioning Learning Health System,
Charles Friedman. Joshua Rubin, Jeffrey Brown, Melinda Buntin, Milton Corn, Lynn Etheredge, Carl Gunter, Mark Musen, Richard Platt, William Stead, Kevin Sullivan, Douglas Van Houweling.
Journal of the American Medical Informatics Association (JAMIA), 22(1), 2015.

Decide Now or Decide Later? Quantifying the Tradeoff between Prospective and Retrospective Access Decisions,
Wen Zhang, You Chen, Thaddeus R. Cybulski, Daniel Fabbri, Carl A. Gunter, Patrick Lawlor, David Liebovitz, Bradley Malin.
ACM Computer and Communication Security (CCS), Scottsdale AZ, November 2014.

Controlled Functional Encryption,
Muhammad Naveed, Shashank Agrawal, Manoj Prabhakaran, Xiaofeng Wang, Erman Ayday, Jean-Pierre Hubaux, and Carl A. Gunter.
ACM Computer and Communication Security (CCS), Scottsdale AZ, November 2014.

Detecting Privacy-Sensitive Events in Medical Text,
Prateek Jindal, Carl A. Gunter, and Dan Roth.
ACM Bioinformatics, Computational Biology, and Health Informatics (BCB),  Newport Beach, CA, September 2014. (Technical Report.)

Decision Support for Data Segmentation (DS2): Application to Pull Architectures for HIE,
Carl A. Gunter, Mike Berry, and Martin French.
USENIX Safety, Security, Privacy, and Interoperability of Health Information Technologies (HealthTech ’14), San Diego, August 2014.

Security Concerns in Android mHealth Apps
Dongjing He, Muhammad Naveed, Carl A. Gunter, and Klara Nahrstedt
AMIA Symposium, Washington DC, November 2014

Android at Risk: Current Threats Stemming from Unprotected Local and External Resources
Soteris Demetriou
Master of Science Thesis, University of Illinois at Urbana-Champaign, August 2014.

The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations,
Xiaoyong Zhou, Yeonjoon Lee, Nan Zhang, Muhammad Naveed, and XiaoFeng Wang.
IEEE Symposium on Security and Privacy, San Jose, CA, May 2014.

Diagnosis Based Specialist Identification in the Hospital,
Xun Lu.
Master of Science Thesis, University of Illinois at Urbana-Champaign, May 2014.

Privacy-Preserving Audit for Broker-Based Health Information Exchange,
Se Eun Oh.
Masters of Science Thesis, University of Illinois at Urbana-Champaign, May 2014.

Security Threats to Android Apps,
Dongjing He.
Master of Science Thesis, University of Illinois at Urbana-Champaign, May 2014.

Hurdles for Genomic Data Usage Management,
Muhammad Naveed.
IEEE Workshop on Data Usage Management (DUMA ’14), San Jose, CA, May 2014.

Last updated on Sunday, May 18, 2014, 2:56 pm