Dartmouth College

Displaying 1-40 of 51 results

  • White Papers // Nov 2012

    XUTools: Unix Commands for Processing Next-Generation Structured Text

    Traditional Unix tools operate on sequences of characters, bytes, fields, lines, and files. However, modern practitioners often want to manipulate files in terms of a variety of language-specific constructs -C functions, Cisco IOS interface blocks, and XML elements, to name a few. These language-specific structures quite often lie beyond the...

    Provided By Dartmouth College

  • White Papers // Jun 2012

    Who Wears Me? Bioimpedance as a Passive Biometric

    Mobile and wearable systems for monitoring health are becoming common. If such an m-Health system knows the identity of its wearer, the system can properly label and store data collected by the system. Existing recognition schemes for such mobile applications and pervasive devices are not particularly usable - they require...

    Provided By Dartmouth College

  • White Papers // Jun 2012

    TARDIS: Time and Remanence Decay in SRAM to Implement Secure Protocols on Embedded Devices without Clocks

    Lack of a locally trustworthy clock makes security protocols challenging to implement on batteryless embedded devices such as contact smartcards, contactless smartcards, and RFID tags. A device that knows how much time has elapsed between queries from an untrusted reader could better protect against attacks that depend on the existence...

    Provided By Dartmouth College

  • White Papers // Jan 2012

    An Overview of Computer Viruses in a Research Environment

    The threat of attack by computer viruses is in reality a very small part of a much more general threat, specifically attacks aimed at subverting computer security. This paper examines computer viruses as malicious logic in a research and development environment, relates them to various models of security and integrity,...

    Provided By Dartmouth College

  • White Papers // Sep 2011

    Hide-n-Sense: Privacy-Aware Secure mHealth Sensing

    As healthcare in many countries faces an aging population and rising costs, mobile sensing technologies promise a new opportunity. Using mobile Health (mHealth) sensing, which uses medical sensors to collect data about the patients, and mobile phones to act as a gateway between sensors and electronic health record systems, caregivers...

    Provided By Dartmouth College

  • White Papers // Jul 2011

    Social Network Analysis Plugin (SNAP) for Mesh Networks

    In a network, bridging nodes are those nodes that from a topological perspective, are strategically located between highly connected regions of nodes. Thus, they have high values of the Bridging Centrality (BC) metric. The authors recently introduced the Localized Bridging Centrality (LBC) metric, which can identify such nodes via distributed...

    Provided By Dartmouth College

  • White Papers // Jul 2011

    Exposing Privacy Concerns in mHealth

    Mobile Health (mHealth) sensing devices can help individuals work towards a healthier lifestyle or allow them to share the collected information with their doctor to diagnose health issues or manage a chronic disease. If these sensors are collecting personal health information while patients are at home or at their workplace,...

    Provided By Dartmouth College

  • White Papers // Jun 2011

    Effects of Network Trace Sampling Methods on Privacy and Utility Metrics

    Researchers studying computer networks rely on the availability of traffic trace data collected from live production networks. Those choosing to share trace data with colleagues must first remove or otherwise anonymize sensitive information. This process, called sanitization, represents a tradeoff between the removal of information in the interest of identity...

    Provided By Dartmouth College

  • White Papers // Jun 2011

    Exploiting the Hard-Working DWARF: Trojan and Exploit Techniques Without Native Executable Code

    The paper of vulnerabilities and exploitation is one of finding mechanisms affecting the flow of computation and of finding new means to perform unexpected computation. In this paper, the authors show the extent to which exception handling mechanisms as implemented and used by gcc can be used to control program...

    Provided By Dartmouth College

  • White Papers // Jun 2011

    IEEE 802.15.4 Wireless Security: Self-Assessment Frameworks

    This paper analyzes the security of networks built upon the IEEE 802.15.4 standard, specifically in regard to the ability of an attacker to manipulate such networks under real-world conditions. The author presents a set of tools, both hardware and software, that advance the state-of-the-art in reconnaissance and site surveying, intelligent...

    Provided By Dartmouth College

  • White Papers // Apr 2011

    Exploiting the Hard-Working DWARF: Trojans With No Native Executable Code

    All binaries compiled by recent versions of GCC from C++ programs include complex data and dedicated code for exception handling support. The data structures describe the call stack frame layout in the DWARF format bytecode. The dedicated code includes an interpreter of this bytecode and logic to implement the call...

    Provided By Dartmouth College

  • White Papers // Apr 2011

    Using Hierarchal Change Mining to Manage Network Security Policy Evolution

    Managing the security of complex cloud and networked computing environments requires crafting security policy - ranging from natural-language text to highly-structured configuration rules, sometimes multi-layered - specifying correct system behavior in an adversarial environment. Since environments change and evolve, managing security requires managing evolution of policies, which adds another layer,...

    Provided By Dartmouth College

  • White Papers // Mar 2011

    Recognizing Whether Sensors Are on the Same Body

    As personal health sensors become ubiquitous, the authors also expect them to become interoperable. That is, instead of closed, end-to-end personal health sensing systems, the authors envision standardized sensors wirelessly communicating their data to a device many people already carry today, the cellphone. In an open personal health sensing system,...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Opportunistic and Delay-Tolerant Networks

    Today, people predominately rely on the Internet and cellular network, as well as the plain old telephone system, to communicate with each other. Typically, these communication services are built from fixed wired or wireless infrastructure, where the "Next hop" is known in advance, well engineered and its performance in terms...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Privacy Analysis of User Association Logs in a Large-Scale Wireless LAN

    User association logs collected from a large-scale wireless LAN record where and when a user has used the network. Such information plays an important role in wireless network research. One concern of sharing these data with other researchers, however, is that the logs pose potential privacy risks for the network...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Simulation Modeling of Large-Scale Ad-Hoc Sensor Networks

    In the scenario of a natural catastrophe or a terrorist attack, a large number of self-organizing, low-cost sensor devices can be deployed over the affected area. Each device equipped with its own power source, sensor, processing unit and low-power radio, can be imbued with the intelligence to seek out its...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Secure Context-Sensitive Authorization

    There is a recent trend toward rule-based authorization systems to achieve flexible security policies. Also, new sensing technologies in pervasive computing make it possible to define context-sensitive rules, such as "Allow Database Access Only to Staff Who Are Currently Located in the Main Office." However, these rules, or the facts...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    VirtualWalls: Protecting Digital Privacy in Pervasive Environments

    As pervasive environments become more commonplace, the privacy of users is placed at increased risk. The numerous and diverse sensors in these environments can record users' contextual information, leading to users unwittingly leaving "Digital Footprints." Users must thus be allowed to control how their digital footprints are reported to third...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Group-Aware Stream Filtering

    In this paper the authors are concerned with disseminating high-volume data streams to many simultaneous context-aware applications over a low-bandwidth wireless mesh network. For bandwidth efficiency, they propose a group-aware stream filtering approach, used in conjunction with multicasting, that exploits two overlooked, yet important, properties of these applications: Many applications...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Application-Controlled Loss-Tolerant Data Dissemination

    Reactive or proactive mobile applications require continuous monitoring of their physical and computational environment to make appropriate decisions in time. These applications need to monitor data streams produced by sensors and react to changes. When mobile sensors and applications are connected by low-bandwidth wireless networks, sensor data rates may overwhelm...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    A Meeting Detector and Its Applications

    In this paper the authors present a context-sensing component that recognizes meetings in a typical office environment. The prototype detects the meeting start and end by combining outputs from pressure and motion sensors installed on the chairs. They developed a telephone controller application that transfers incoming calls to voice-mail when...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Finding Holes in Sensor Networks

    The authors consider the problem of detecting holes in a sensor network. A hole occurs when several adjacent nodes in a sensor network fail, and is defined as the convex hull of the region containing the failed sensors. The presence of holes in sensor networks has important consequences on the...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Risks of Using AP Locations Discovered Through War Driving

    Many pervasive-computing applications depend on knowledge of user location. Because most current location-sensing techniques work only either indoors or outdoors, researchers have started using 802.11 beacon frames from Access Points (APs) to provide broader coverage. To use 802.11 beacons, they need to know AP locations. Because the actual locations are...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Pastures: Towards Usable Security Policy Engineering

    Whether a particular computing installation meets its security goals depends on whether the administrators can create a policy that expresses these goals - security in practice requires effective policy engineering. The authors have found that the reigning SELinux model fares poorly in this regard, partly because typical isolation goals are...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Testing the Greenpass Wireless Security System

    Greenpass, developed by Nick Goffee, Sung Hoon Kim, Meiyuan Zhao and John Marchesini under the supervision of Sean Smith and Punch Taylor, is a wireless security solution that implements SPKI/SDSI delegation on top of X.509 keypairs within the EAP-TLS authentication protocol. This system aims to model the decentralized way that...

    Provided By Dartmouth College

  • White Papers // Oct 2010

    On the Reliability of Wireless Fingerprinting Using Clock Skews

    Determining whether a client station should trust an access point is a known problem in wireless security. Traditional approaches to solving this problem resort to cryptography. But cryptographic exchange protocols are complex and therefore induce potential vulnerabilities in themselves. The authors show that measurement of clock skews of access points...

    Provided By Dartmouth College

  • White Papers // Oct 2010

    Distributed Monitoring of Conditional Entropy for Anomaly Detection in Streams

    In this paper the authors consider the problem of monitoring information streams for anomalies in a scalable and efficient manner. They study the problem in the context of network streams where the problem has received significant attention. Monitoring the empirical Shannon entropy of a feature in a network packet stream...

    Provided By Dartmouth College

  • White Papers // Oct 2010

    A Stackelberg Strategy for Routing Flow Over Time

    Routing games are used to understand the impact of individual users' decisions on network efficiency. Most prior work on routing games uses a simplified model of network flow where all flow exists simultaneously, and users care about either their maximum delay or their total delay. Both of these measures are...

    Provided By Dartmouth College

  • White Papers // Sep 2010

    BLAC: Revoking Repeatedly Misbehaving Anonymous Users Without Relying on TTPs

    Several credential systems have been proposed in which users can authenticate to service providers anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective deanonymization (or linking) of misbehaving users upon a complaint to a Trusted Third Party (TTP). The ability of the TTP to...

    Provided By Dartmouth College

  • White Papers // Aug 2010

    On Usable Authentication for Wireless Body Area Networks

    The authors examine a specific security problem in wireless body area networks (WBANs), what they call the one body authentication problem. That is, how can they ensure that the wireless sensors in a WBAN are collecting data about one individual and not several individuals. They explore existing solutions to this...

    Provided By Dartmouth College

  • White Papers // Aug 2010

    Is Bluetooth the Right Technology for mHealth?

    Many people believe mobile Healthcare (mHealth) would help alleviate the rising cost of healthcare and improve the quality of service. Bluetooth, which is the most popular wireless technology for personal medical devices, is used for most of the mHealth sensing applications. This paper raises the question - Is Bluetooth the...

    Provided By Dartmouth College

  • White Papers // Jul 2010

    Saluki: A High-Performance Wi-Fi Sniffing Program

    Building a campus-wide wireless LAN measurement system faces many efficiency, scalability and security challenges. To address these challenges, the authors developed a distributed Wi-Fi sniffing program called Saluki. Compared to their previous implementation and to other available sniffing programs, Saluki has the following advantages: its small footprint makes it suitable...

    Provided By Dartmouth College

  • White Papers // Jul 2010

    Information Security in the Ecosystem of Healthcare

    Jekyll and Hyde embodies how information security affects today's healthcare ecosystem. When security works, it promotes patient health and a smooth operating ecosystem (Dr. Jekyll); when it doesn't, privacy and health compromises can occur (Mr. Hyde). In this paper, the authors argue that unusable security triggers this split personality and...

    Provided By Dartmouth College

  • White Papers // Jun 2010

    Can I Access Your Data? Privacy Management in MHealth

    Mobile health (mHealth) has become important in the field of healthcare information technology, as patients begin to use mobile medical sensors to record their daily activities and vital signs. Since their medical data is collected by their sensors, the patients may wish to control data collection and distribution, so as...

    Provided By Dartmouth College

  • White Papers // Jun 2010

    The Impact of Information Security Rating on Vendor Competition

    Security breaches often stem from business partner failures within the value chain. There have been several recent efforts to develop a common reference for rating the information risk posed by partners. The authors develop a simple analytical model to examine the impact of such information security ratings on service providers,...

    Provided By Dartmouth College

  • White Papers // Jun 2010

    Creating Large Disturbances in the Power Grid: Methods of Attack After Cyber Infiltration

    Researchers are pursuing methods of securing the cyber aspect of the U.S. power grid, one of the country's most critical infrastructures. An attacker who is able to infiltrate an Energy Management System (EMS) can instruct elements of the grid to function improperly or can skew the state information received by...

    Provided By Dartmouth College

  • White Papers // Apr 2010

    Do Tariffs Affect The Terms Of Trade? Evidence From U.S. Tariff Shocks

    A classic economic question concerns the incidence of import duties and the extent to which domestic consumers or foreign exporters bear the burden of the tariff, yet direct empirical evidence on this question is scarce. This paper studies the impact of two large tariff shocks - the Smoot-Hawley increase in...

    Provided By Dartmouth College

  • White Papers // Apr 2010

    MetroTrack: Predictive Tracking of Mobile Events Using Mobile Phones

    This paper proposes to use mobile phones carried by people in their everyday lives as mobile sensors to track mobile events. The authors argue that sensor-enabled mobile phones are best suited to deliver sensing services (e.g., Tracking in urban areas) than more traditional solutions, such as static sensor networks, which...

    Provided By Dartmouth College

  • White Papers // Jan 2010

    Scalability of Network Simulators Revisited

    As interest in the networking community turns to increasingly complicated networks run over increasingly long simulation times, performance differences in network simulators increasingly matter. Characteristics of concern include execution speed, size of model that can be simulated, and scalability - how those abilities change as the problem size and simulation...

    Provided By Dartmouth College

  • White Papers // Nov 2009

    TOCTOU, Traps, and Trusted Computing

    The security of the standard TCG architecture depends on whether the values in the PCRs match the actual platform configuration. However, this design admits potential for time-of-check time-of-use vulnerabilities: A PCR reflects the state of code and data when it was measured, not when the TPM uses a credential or...

    Provided By Dartmouth College

  • White Papers // Apr 2010

    Do Tariffs Affect The Terms Of Trade? Evidence From U.S. Tariff Shocks

    A classic economic question concerns the incidence of import duties and the extent to which domestic consumers or foreign exporters bear the burden of the tariff, yet direct empirical evidence on this question is scarce. This paper studies the impact of two large tariff shocks - the Smoot-Hawley increase in...

    Provided By Dartmouth College

  • White Papers // Aug 2009

    Responsive Audiences, Responsive Speakers

    Expecting more from audiences in any speech classrooms will not only lead to better speeches, but also more closely mirror the type of collaborative communication that underscores a healthy democratic society. With an active audience, public speaking moves from monologue to dialogue, and as Pericles once observed, discussion is "An...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Privacy Analysis of User Association Logs in a Large-Scale Wireless LAN

    User association logs collected from a large-scale wireless LAN record where and when a user has used the network. Such information plays an important role in wireless network research. One concern of sharing these data with other researchers, however, is that the logs pose potential privacy risks for the network...

    Provided By Dartmouth College

  • White Papers // Jun 2010

    The Impact of Information Security Rating on Vendor Competition

    Security breaches often stem from business partner failures within the value chain. There have been several recent efforts to develop a common reference for rating the information risk posed by partners. The authors develop a simple analytical model to examine the impact of such information security ratings on service providers,...

    Provided By Dartmouth College

  • White Papers // Sep 2009

    The Impact of Professional Information Security Ratings on Vendor Competition

    Security breaches often stem from business partner failures within the value chain. There have been several recent efforts to develop a common reference for rating the information risk posed by partners. The authors develop a simple analytical model to examine the impact of such information security ratings on service providers,...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Simulation Modeling of Large-Scale Ad-Hoc Sensor Networks

    In the scenario of a natural catastrophe or a terrorist attack, a large number of self-organizing, low-cost sensor devices can be deployed over the affected area. Each device equipped with its own power source, sensor, processing unit and low-power radio, can be imbued with the intelligence to seek out its...

    Provided By Dartmouth College

  • White Papers // Apr 2010

    MetroTrack: Predictive Tracking of Mobile Events Using Mobile Phones

    This paper proposes to use mobile phones carried by people in their everyday lives as mobile sensors to track mobile events. The authors argue that sensor-enabled mobile phones are best suited to deliver sensing services (e.g., Tracking in urban areas) than more traditional solutions, such as static sensor networks, which...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Secure Context-Sensitive Authorization

    There is a recent trend toward rule-based authorization systems to achieve flexible security policies. Also, new sensing technologies in pervasive computing make it possible to define context-sensitive rules, such as "Allow Database Access Only to Staff Who Are Currently Located in the Main Office." However, these rules, or the facts...

    Provided By Dartmouth College

  • White Papers // Aug 2010

    On Usable Authentication for Wireless Body Area Networks

    The authors examine a specific security problem in wireless body area networks (WBANs), what they call the one body authentication problem. That is, how can they ensure that the wireless sensors in a WBAN are collecting data about one individual and not several individuals. They explore existing solutions to this...

    Provided By Dartmouth College

  • White Papers // Jun 2010

    Can I Access Your Data? Privacy Management in MHealth

    Mobile health (mHealth) has become important in the field of healthcare information technology, as patients begin to use mobile medical sensors to record their daily activities and vital signs. Since their medical data is collected by their sensors, the patients may wish to control data collection and distribution, so as...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    VirtualWalls: Protecting Digital Privacy in Pervasive Environments

    As pervasive environments become more commonplace, the privacy of users is placed at increased risk. The numerous and diverse sensors in these environments can record users' contextual information, leading to users unwittingly leaving "Digital Footprints." Users must thus be allowed to control how their digital footprints are reported to third...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Group-Aware Stream Filtering

    In this paper the authors are concerned with disseminating high-volume data streams to many simultaneous context-aware applications over a low-bandwidth wireless mesh network. For bandwidth efficiency, they propose a group-aware stream filtering approach, used in conjunction with multicasting, that exploits two overlooked, yet important, properties of these applications: Many applications...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Application-Controlled Loss-Tolerant Data Dissemination

    Reactive or proactive mobile applications require continuous monitoring of their physical and computational environment to make appropriate decisions in time. These applications need to monitor data streams produced by sensors and react to changes. When mobile sensors and applications are connected by low-bandwidth wireless networks, sensor data rates may overwhelm...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    A Meeting Detector and Its Applications

    In this paper the authors present a context-sensing component that recognizes meetings in a typical office environment. The prototype detects the meeting start and end by combining outputs from pressure and motion sensors installed on the chairs. They developed a telephone controller application that transfers incoming calls to voice-mail when...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Finding Holes in Sensor Networks

    The authors consider the problem of detecting holes in a sensor network. A hole occurs when several adjacent nodes in a sensor network fail, and is defined as the convex hull of the region containing the failed sensors. The presence of holes in sensor networks has important consequences on the...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Risks of Using AP Locations Discovered Through War Driving

    Many pervasive-computing applications depend on knowledge of user location. Because most current location-sensing techniques work only either indoors or outdoors, researchers have started using 802.11 beacon frames from Access Points (APs) to provide broader coverage. To use 802.11 beacons, they need to know AP locations. Because the actual locations are...

    Provided By Dartmouth College

  • White Papers // Oct 2010

    A Stackelberg Strategy for Routing Flow Over Time

    Routing games are used to understand the impact of individual users' decisions on network efficiency. Most prior work on routing games uses a simplified model of network flow where all flow exists simultaneously, and users care about either their maximum delay or their total delay. Both of these measures are...

    Provided By Dartmouth College

  • White Papers // Nov 2009

    TOCTOU, Traps, and Trusted Computing

    The security of the standard TCG architecture depends on whether the values in the PCRs match the actual platform configuration. However, this design admits potential for time-of-check time-of-use vulnerabilities: A PCR reflects the state of code and data when it was measured, not when the TPM uses a credential or...

    Provided By Dartmouth College

  • White Papers // Dec 2008

    Nymble: Blocking Misbehaving Users in Anonymizing Networks

    Anonymizing networks such as Tor allow users to access Internet services privately by using a series of routers to hide the client's IP address from the server. The success of such networks, however, has been limited by users employing this anonymity for abusive purposes such as defacing popular websites. Website...

    Provided By Dartmouth College

  • White Papers // Mar 2009

    Authenticated Streamwise On-Line Encryption

    In Blockwise On-line Encryption, encryption and decryption return an output block as soon as the next input block is received. In this paper, the authors introduce Authenticated Streamwise Online Encryption (ASOE), which operates on plaintexts and ciphertexts as streams of arbitrary length (as opposed to fixed-sized blocks), and thus significantly...

    Provided By Dartmouth College

  • White Papers // Jan 2011

    Pastures: Towards Usable Security Policy Engineering

    Whether a particular computing installation meets its security goals depends on whether the administrators can create a policy that expresses these goals - security in practice requires effective policy engineering. The authors have found that the reigning SELinux model fares poorly in this regard, partly because typical isolation goals are...

    Provided By Dartmouth College

  • White Papers // Jul 2010

    Information Security in the Ecosystem of Healthcare

    Jekyll and Hyde embodies how information security affects today's healthcare ecosystem. When security works, it promotes patient health and a smooth operating ecosystem (Dr. Jekyll); when it doesn't, privacy and health compromises can occur (Mr. Hyde). In this paper, the authors argue that unusable security triggers this split personality and...

    Provided By Dartmouth College

  • White Papers // Jun 2009

    ABUSE: PKI for Real-World Email Trust

    Current PKI-based email systems (such as X.509 S/MIME and PGP/ MIME) potentially enable a recipient to determine a name and organizational affiliation of the sender. This information can suffice for a trust decision when the recipient already knows the sender - but how can a recipient decide whether or not...

    Provided By Dartmouth College

  • White Papers // Sep 2010

    BLAC: Revoking Repeatedly Misbehaving Anonymous Users Without Relying on TTPs

    Several credential systems have been proposed in which users can authenticate to service providers anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective deanonymization (or linking) of misbehaving users upon a complaint to a Trusted Third Party (TTP). The ability of the TTP to...

    Provided By Dartmouth College

  • White Papers // Apr 2011

    Using Hierarchal Change Mining to Manage Network Security Policy Evolution

    Managing the security of complex cloud and networked computing environments requires crafting security policy - ranging from natural-language text to highly-structured configuration rules, sometimes multi-layered - specifying correct system behavior in an adversarial environment. Since environments change and evolve, managing security requires managing evolution of policies, which adds another layer,...

    Provided By Dartmouth College

  • White Papers // Aug 2009

    A Computational Framework for Certificate Policy Operations

    The trustworthiness of any Public Key Infrastructure (PKI) rests upon the expectations for trust, and the degree to which those expectations are met. Policies, whether implicit as in PGP and SDSI/SPKI or explicitly required as in X.509, document expectations for trust in a PKI. The widespread use of X.509 in...

    Provided By Dartmouth College

  • White Papers // Nov 2012

    XUTools: Unix Commands for Processing Next-Generation Structured Text

    Traditional Unix tools operate on sequences of characters, bytes, fields, lines, and files. However, modern practitioners often want to manipulate files in terms of a variety of language-specific constructs -C functions, Cisco IOS interface blocks, and XML elements, to name a few. These language-specific structures quite often lie beyond the...

    Provided By Dartmouth College

  • White Papers // Jun 2012

    Who Wears Me? Bioimpedance as a Passive Biometric

    Mobile and wearable systems for monitoring health are becoming common. If such an m-Health system knows the identity of its wearer, the system can properly label and store data collected by the system. Existing recognition schemes for such mobile applications and pervasive devices are not particularly usable - they require...

    Provided By Dartmouth College

  • White Papers // Jun 2009

    HIPAA Compliance: An Examination of Institutional and Market Forces

    One would think that the enactment of the HIPAA, with its mandates on data security and privacy, would have brought a major shift in the security management practices within the US healthcare. Unfortunately, recent industry reports indicate low levels of regulatory compliance, thus raising security concerns for the US health...

    Provided By Dartmouth College

  • White Papers // Nov 2009

    HIPAA Compliance in Home Health: A Neo-Institutional Theoretic Perspective

    As the baby boomers age and the focus of healthcare shifts from acute care to chronic care, home healthcare will become increasingly important in controlling cost and improving quality. Health IT will undoubtedly play critical role toward these goals. Yet, growing adoption of Health IT raises important questions related to...

    Provided By Dartmouth College

  • White Papers // Dec 2008

    Which Hospitals Are Complying With HIPAA: An Empirical Investigation of US Hospitals

    Since the passage of HIPAA regulation, US hospitals have gone on a high gear by investing organizational resources on HIPAA policy and procedures, information technologies, and information privacy & security safeguards to achieve compliance status by the enforcement dates. Yet, recent industry report, conducted post HIPAA enforcement deadlines, presents a...

    Provided By Dartmouth College

  • White Papers // Jan 2010

    Scalability of Network Simulators Revisited

    As interest in the networking community turns to increasingly complicated networks run over increasingly long simulation times, performance differences in network simulators increasingly matter. Characteristics of concern include execution speed, size of model that can be simulated, and scalability - how those abilities change as the problem size and simulation...

    Provided By Dartmouth College

  • White Papers // Aug 2010

    Is Bluetooth the Right Technology for mHealth?

    Many people believe mobile Healthcare (mHealth) would help alleviate the rising cost of healthcare and improve the quality of service. Bluetooth, which is the most popular wireless technology for personal medical devices, is used for most of the mHealth sensing applications. This paper raises the question - Is Bluetooth the...

    Provided By Dartmouth College

  • White Papers // Mar 2011

    Recognizing Whether Sensors Are on the Same Body

    As personal health sensors become ubiquitous, the authors also expect them to become interoperable. That is, instead of closed, end-to-end personal health sensing systems, the authors envision standardized sensors wirelessly communicating their data to a device many people already carry today, the cellphone. In an open personal health sensing system,...

    Provided By Dartmouth College

  • White Papers // Oct 2010

    On the Reliability of Wireless Fingerprinting Using Clock Skews

    Determining whether a client station should trust an access point is a known problem in wireless security. Traditional approaches to solving this problem resort to cryptography. But cryptographic exchange protocols are complex and therefore induce potential vulnerabilities in themselves. The authors show that measurement of clock skews of access points...

    Provided By Dartmouth College

  • White Papers // Jun 2011

    Effects of Network Trace Sampling Methods on Privacy and Utility Metrics

    Researchers studying computer networks rely on the availability of traffic trace data collected from live production networks. Those choosing to share trace data with colleagues must first remove or otherwise anonymize sensitive information. This process, called sanitization, represents a tradeoff between the removal of information in the interest of identity...

    Provided By Dartmouth College

  • White Papers // Apr 2011

    Exploiting the Hard-Working DWARF: Trojans With No Native Executable Code

    All binaries compiled by recent versions of GCC from C++ programs include complex data and dedicated code for exception handling support. The data structures describe the call stack frame layout in the DWARF format bytecode. The dedicated code includes an interpreter of this bytecode and logic to implement the call...

    Provided By Dartmouth College

  • White Papers // Jun 2011

    Exploiting the Hard-Working DWARF: Trojan and Exploit Techniques Without Native Executable Code

    The paper of vulnerabilities and exploitation is one of finding mechanisms affecting the flow of computation and of finding new means to perform unexpected computation. In this paper, the authors show the extent to which exception handling mechanisms as implemented and used by gcc can be used to control program...

    Provided By Dartmouth College

  • White Papers // Jun 2011

    IEEE 802.15.4 Wireless Security: Self-Assessment Frameworks

    This paper analyzes the security of networks built upon the IEEE 802.15.4 standard, specifically in regard to the ability of an attacker to manipulate such networks under real-world conditions. The author presents a set of tools, both hardware and software, that advance the state-of-the-art in reconnaissance and site surveying, intelligent...

    Provided By Dartmouth College

  • White Papers // Jun 2010

    Creating Large Disturbances in the Power Grid: Methods of Attack After Cyber Infiltration

    Researchers are pursuing methods of securing the cyber aspect of the U.S. power grid, one of the country's most critical infrastructures. An attacker who is able to infiltrate an Energy Management System (EMS) can instruct elements of the grid to function improperly or can skew the state information received by...

    Provided By Dartmouth College