Trustworthy Health and Wellness (THaW) | Illinois Computer Security Laboratory

Traditional hospital information systems are built around the idea that there is a large computer in the hospital and terminals to access it throughout the hospital. However, this model of such systems is being challenged by the advantages of mobile computing with data managed in clouds and the idea that not all health data is collected in hospitals and clinics. These trends raise many issues about security and privacy; these issues generate research problems that threaten adoption of a promising alternative architecture for health data. THaW is a NSF Frontier project that research issues in this areas. This page lists some of the THaW work being done by Illinois Security Lab. Some of our areas of focus include security and privacy for genomic data and for heath apps on smartphones. THaW is a collaboration between five universities; see its project page to learn more.

Publications

Securing Emerging IoT Systems Through Systematic Analysis and Design.
Qi Wang.
Doctoral Dissertation, University of Illinois at Urbana-Champaign, November, 2020.

A Pragmatic Approach to Membership Inferences on Machine Learning Models.
Yunhui Long, Lei Wang, Diyue Bu, Vincent Bindschaedler, Xiaofeng Wang, Haixu Tang, Carl A. Gunter, and Kai Chen.
IEEE European Symposium on Security and Privacy (EuroS&P), September, 2020.

Grand Challenges for Embedded Security Research in a Connected World.
Wayne Burleson, Kevin Fu, Denise Anthony, Jorge Guajardo, Carl Gunter, Kyle Ingols, Jean-Baptiste Jeannin, Farinaz Koushanafar, Carl Landwehr, and Susan Squires.
arXiv:2005.06585 [cs.CY], May 2020.

Understanding and Mitigating Privacy Risk in Machine Learning Systems.
Yunhui Long.
Doctoral Dissertation, University of Illinois at Urbana-Champaign, May, 2020.

A Hypothesis Testing Approach to Sharing Logs with Confidence,
Yunhui Long, Le Xu, and Carl A. Gunter.
ACM Conference on Data and Application Security and Privacy (CODASPY ’20), New Orleans, LA, March 2020.

Charting the Attack Surface of Trigger-Action IoT Platforms.
Qi Wang, Pubali Datta,Wei Yang, Si Liu, Adam Bates, and Carl A. Gunter.
ACM Computer and Communications Security (CCS ’19), United Kingdom, November, 2019.

Practical Least Privilege for Cross-Origin Interactions on Mobile Operating Systems.
Güliz Seray Tuncay.
Doctoral Dissertation, University of Illinois at Urbana-Champaign, July, 2019.

BEEER: Distributed Record and Replay for Medical Devices in Hospital Operating Rooms,
Avesta Hojjati, Yunhui Long, Soteris Demetriou, and Carl A. Gunter.
ACM Hot Topics in the Science of Security Symposium (HotSoS), April, 2019, Nashville, TN, [PPT]

Distributed and Secure ML with Self-tallying Multi-party Aggregation,
Yunhui Long, Tanmay Gangwani, Muhammad Haris Mughees, and Carl A. Gunter.
NeurIPS Workshop on Privacy Preserving Machine Learning, Montréal, Canada, December 2018. [VIDEO]

ReSPonSe: Real-time, Secure, and Privacy-aware Video Redaction System,
Bo Chen, Klara Nahrstedt, and Carl A. Gunter.
ACM Mobile and Ubiquitous Systems: Computing, Networking and Services (MobiQuitous ’18), November, 2018, New York, NY.

ReSPonSe: Real-time, Secure, and Privacy-aware Video Redaction System.
Bo Chen, Klara Nahrstedt, and Carl Gunter. 2018.
EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (MobiQuitous ’18), New York, NY, November 2018,

Property Inference Attacks on Fully Connected Neural Networks using Permutation Invariant Representations,
Karan Ganju, Qi Wang, Wei Yang, Carl A. Gunter, and Nikita Borisov.
ACM Computer and Communications Security (CCS ’18), Toronto Canada, October 2018.

NRF: A Naive Re-identification Framework,
Shubhra Kanti, Karmaker Santu, Vincent Bindschadler, ChengXiang Zhai, and Carl A. Gunter.
ACM Workshop on Privacy in an Electronic Society (WPES ’18), Toronto, Canada, October 2018.

Privacy-Preserving Seedbased Data Structures,
Vincent Bindschaedler.
Doctoral Dissertation, University of Illinois at Urbana-Champaign, July 2018.

De Facto Diagnosis Specialties: Recognition and Discovery,
Aston Zhang, Xun Lu, Carl A. Gunter, Shuochao Yao, Fangbo Tao, Rongda Zhu, Huan Gui, Daniel Fabbri, David Liebovitz, and Bradley Malin.
Learning Health Systems, 2018:e10057, 2018.

Inferring Properties of Neural Networks with Intelligent Designs,
Karan Ganju.
Master of Science Thesis, University of Illinois at Urbana-Champaign, May 2018.

Analyzing & Designing the Security of Shared Resources on Smartphone Operating systems,
Soteris Demetriou.
Doctoral Thesis, University of Illinois at Urbana-Champaign, May 2018.

Adversarial-Resilience Assurance for Mobile Security Systems,
Wei Yang.
Doctoral Thesis, University of Illinois at Urbana-Champaign, May 2018.

Analyzing & Designing the Security of Shared Resources on Smartphone Operating Systems.
Soteris Demetriou,
Doctoral Dissertation, University of Illinois at Urbana-Champaign, May 2018.

Analyzing & Designing the Security of Shared Resources on Smartphone Operating Systems.
Soteris Demetriou.
Doctoral Dissertation, University of Illinois at Urbana-Champaign, May, 2018.

Toward an Extensible Framework for Redaction,
Soteris Demetriou, Nathaniel D. Kaufman, Jonah Baim, Adam J. Goldsher and Carl A. Gunter.
Workshop on Security and Privacy for the Internet-of-Things (IoTSec), Orlando, FL, April 2018.

Fear and Logging in the Internet of Things,
Qi Wang, Wajih Ul Hassan, Adam Bates, and Carl A. Gunter.
ISOC Network and Distributed System Symposium (NDSS ’18), San Diego, CA, February 2018.

Resolving the Predicament of Android Custom Permissions,
Guliz Seray Tuncay, Soteris Demetriou, Karan Ganju, and Carl A. Gunter.
ISOC Network and Distributed System Security (NDSS ’18), San Diego, CA, February 2018. (Distinguished Paper Award)
Video

Towards Measuring Membership Privacy,
Yunhui Long, Vincent Bindschaedler, and Carl A. Gunter.
arXiv:1712.09136 [cs.CR], December 2017.

Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX,
Wenhao Wang, Guoxing Chen, Xiaorui Pan, Yinqian Zhang, XiaoFeng Wang, Vincent Bindschaedler, Haixu Tang, and Carl A. Gunter.
ACM Computer and Communications Security (CCS ’17), October, 2017.

Plausible Deniability for Privacy-Preserving Data Synthesis
Vincent Bindschaedler, Reza Shokri, Carl A. Gunter.
VLDB Endowment International Conference on Very Large Data Bases (VLDB ’17), Munich, Germany, August 28, 2017.

HanGuard: SDN-driven Protection of Smart Home WiFi Devices from Malicious Mobile Apps,
Soteris Demetriou, Nan Zhang, Yeonjoon Lee, XiaoFeng Wang, Carl A. Gunter, Xiaoyong Zhou, and Michael Grace.
ACM Security and Wireless and Mobile Networks (WiSec ’17), Boston, MA, July 2017. [PPT]

Analyzing Intentions from Big Data Traces of Human Activities,
Aston Zhang.
Doctoral Thesis, University of Illinois at Urbana-Champaign, May 2017.

Understanding IoT Security Through the Data Crystal Ball: Where We Are Now and Where We Are Going to Be,
Nan Zhang, Soteris Demetriou, XiangHang Mi, Wenrui Diao, Kan Yuan, Peiyuan Zong, Feng Qian, Xiaofeng Wang, Kai Chen, Yuan Tian, Carl A. Gunter, Kehuan Zhang, Patrick Tague, and Yue-Hsun Lin.
arXiv:1703.09809v1 [cs.CR], March 2017.

Draco: A System for Uniform and Fine-grained Access Control for Web Code on Android.
Guliz Seray Tuncay, Soteris Demetriou, Carl A. Gunter.
ACM Computer and Communications Security (CCS ’16), October, 2016.

Privacy and Security in Mobile Health,
David Kotz, Carl A. Gunter, Santosh Kumar, Jonathan P. Weiner.
IEEE Computer 49(6), 2016.

Privacy Research and Best Practices: Summary of a Workshop for the Intelligence Community,
The National Academies of Sciences, Engineering, and Medicine, 2016.

Secure and Practical Computation on Encrypted Data.
Muhammad Naveed,
Doctoral Thesis, University of Illinois at Urbana-Champaign, April 2016.

Free for All! Assessing User Data Exposure to Advertising Libraries on Android,
Soteris Demetriou, Whitney Merrill, Wei Yang, Aston Zhang and Carl A. Gunter.
ISOC Network and Distributed System Security (NDSS ’16), San Diego, February 2016.

Towards Mobile Query Auto-Completion: An Efficient Mobile Application-Aware Approach,
Aston Zhang, Amit Goyal, Ricardo Baeza-Yates, Yi Chang, Jiawei Han, Carl A. Gunter, and Hongbo Deng.
25th International World Wide Web Conference (WWW ’16), April 2016.

Inferring Clinical Workflow Efficiency via Electronic Medical Record Utilization,
You Chen, Wei Xie, Carl A Gunter, David Liebovitz, Sanjay Mehrotra, He Zhang, and Bradley Malin.
AMIA Symposium, San Francisco, CA, November 2015.

Network-on-Chip Firewall: Countering Defective and Malicious System-on-Chip Hardware,
Michael LeMay and Carl A. Gunter.
Logic, Rewriting, and Concurrency, Essays Dedicated to José Meseguer on the Occasion of his 65th Birthday, Urbana, IL, September 2015.

Discovering De Facto Diagnosis Specialities,
Xun Lu, Aston Zhang, Carl A. Gunter, Daniel Fabbri, David Liebovitz, and Bradley Malin.
ACM Conference on Bioinformatics, Computational Biology, and Health Informatics (BCB), Atlanta, GA, September 2015. [PPT]

Security for Mobile and Cloud Frontiers in Healthcare,
David Kotz, Kevin Fu, Carl Gunter, and Avi Rubin.
Communications of the ACM, 58(8), August 2015.

Privacy in the Genomic Era,
Muhammad Naveed, Erman Ayday, Ellen W. Clayton, Jacques Fellay, Carl A. Gunter, Jean-Pierre Hubaux, Bradley A. Malin, and XiaoFeng Wang.
ACM Computing Surveys 48, 1, Article 6, August, 2015.
Associated online tutorial on genomics for computer scientists.

Building Bridges Across Electronic Health Record Systems through Inferred Phenotypic Topics,
You Chen, Joydeep Ghosh, Cosmin Adrian Bejan, Carl A. Gunter, Siddharth Gupta, Abel Kho, David Liebovitz, Jimeng Sun, Joshua Denny, and Bradley Malin.
Journal of Biomedical Informatics, Volume 55 (2015), pages 82-93. Appendix.

What’s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources,
Soteris Demetriou , Xiaoyong Zhouz, Muhammad Naveed, Yeonjoon Lee, Kan Yuan, XiaoFeng Wang, and Carl A Gunter.
ISOC Network and Distributed System Security (NDSS ’15), San Diego, February 2015.

Toward a Science of Learning Systems: a Research Agenda for the High-Functioning Learning Health System,
Charles Friedman. Joshua Rubin, Jeffrey Brown, Melinda Buntin, Milton Corn, Lynn Etheredge, Carl Gunter, Mark Musen, Richard Platt, William Stead, Kevin Sullivan, Douglas Van Houweling.
Journal of the American Medical Informatics Association (JAMIA), 22(1), 2015.

Decide Now or Decide Later? Quantifying the Tradeoff between Prospective and Retrospective Access Decisions,
Wen Zhang, You Chen, Thaddeus R. Cybulski, Daniel Fabbri, Carl A. Gunter, Patrick Lawlor, David Liebovitz, Bradley Malin.
ACM Computer and Communication Security (CCS), Scottsdale AZ, November 2014.

Controlled Functional Encryption,
Muhammad Naveed, Shashank Agrawal, Manoj Prabhakaran, Xiaofeng Wang, Erman Ayday, Jean-Pierre Hubaux, and Carl A. Gunter.
ACM Computer and Communication Security (CCS), Scottsdale AZ, November 2014.

Detecting Privacy-Sensitive Events in Medical Text,
Prateek Jindal, Carl A. Gunter, and Dan Roth.
ACM Bioinformatics, Computational Biology, and Health Informatics (BCB), Newport Beach, CA, September 2014. (Technical Report.)

Decision Support for Data Segmentation (DS2): Application to Pull Architectures for HIE,
Carl A. Gunter, Mike Berry, and Martin French.
USENIX Safety, Security, Privacy, and Interoperability of Health Information Technologies (HealthTech ’14), San Diego, August 2014.

Security Concerns in Android mHealth Apps
Dongjing He, Muhammad Naveed, Carl A. Gunter, and Klara Nahrstedt
AMIA Symposium, Washington DC, November 2014

Android at Risk: Current Threats Stemming from Unprotected Local and External Resources
Soteris Demetriou
Master of Science Thesis, University of Illinois at Urbana-Champaign, August 2014.

The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations,
Xiaoyong Zhou, Yeonjoon Lee, Nan Zhang, Muhammad Naveed, and XiaoFeng Wang.
IEEE Symposium on Security and Privacy, San Jose, CA, May 2014.

Diagnosis Based Specialist Identification in the Hospital,
Xun Lu.
Master of Science Thesis, University of Illinois at Urbana-Champaign, May 2014.

Privacy-Preserving Audit for Broker-Based Health Information Exchange,
Se Eun Oh.
Masters of Science Thesis, University of Illinois at Urbana-Champaign, May 2014.

Security Threats to Android Apps,
Dongjing He.
Master of Science Thesis, University of Illinois at Urbana-Champaign, May 2014.

Hurdles for Genomic Data Usage Management,
Muhammad Naveed.
IEEE Workshop on Data Usage Management (DUMA ’14), San Jose, CA, May 2014.

Last updated on Sunday, May 18, 2014, 2:56 pm