We are grateful for the following support.

The Visual Paradigm Academic Partner Program has made possible the use of VP at the University of Massachusetts Lowell for educational purposes.

NIH Award # 5R01LM010942-03
New Technology to Preserve Patient Privacy and Data Quality in Health Research
PI: Xiaobai Li
Co-Investigators: Luvai Motiwalla, PhD in MIS; Patricia Franklin, MD; Wenjun Li, PhD in Biostatistics

Abstract Text:

DESCRIPTION (provided by applicant): Health information technology has enabled the healthcare community to store and share a large amount of health and healthcare data electronically. While secondary use of this data has significantly enhanced the quality and efficiency of medical and healthcare research, there is a growing concern about privacy due to such use of personal data. The goal of this research, as a response to this challenge, is to develop and test a novel data-masking technology that can be used by healthcare organizations to prevent or limit privacy disclosure when sharing patient data for research. To protect patient privacy, the Health Insurance Portability and Accountability Act (HIPAA) has established a set of rules concerning what information cannot be released to a third party. However, studies have shown that the HIPAA rules lack the flexibility to adequately meet the diverse needs of data users; they can be under-protective in some cases and over-protective in others. Recognizing this limitation, HIPAA also provides guidelines that enable a scientific assessment of privacy disclosure risk to determine if the data is appropriate for release. This research focuses on this aspect of HIPAA and its related topics. The specific aims of this research are: (1) to identify weakness in the HIPAA rule-based privacy protection mechanism and demonstrate this problem using data available to users with different access levels; (2) to propose metrics for assessing and quantifying privacy disclosure risk and data utility; (3) to develop methods and techniques for privacy protection when sharing and disseminating data; and (4) to conduct experiments to evaluate the afore-mentioned risk and utility metrics, and data-masking techniques. The proposing team has identified an effective technique to systematically compromise data privacy. This provides a basis for a more thorough study to achieve specific aim 1.
Methods grounded on statistics and information theory will be employed to construct the metrics for specific aim 2. The data-masking approach for specific aim 3 employs an innovative divide-and-counter strategy, which first partitions data into subsets and then masks the data within each subset. Experimental design for specific aim 4 involves performance evaluations in terms of disclosure risk, data utility, and computational scalability, using three categories of data: clinical data, Medicare claims, and publicly available personal data. This research is highly relevant to the mission of NIH. By adequately protecting privacy, the proposed technology will alleviate concerns about loss of participant confidentiality and enable improved quality and efficiency for research based on secondary use of data. This will greatly help design and develop "programs for the collection, dissemination, and exchange of information in medicine and health," thereby achieving NIH's goal to "expand the knowledge base in medical and associated sciences." This research will also offer valuable insights for policy makers to assess the tradeoff between privacy protection and data sharing and analysis.

Public Health Relevance Statement:

This research addresses privacy concerns due to secondary use of health and healthcare data. The goal of this research is to develop and test a novel data-masking technology that can be used by healthcare organizations to prevent or limit privacy disclosure when sharing patient data for research. This research is highly relevant to the mission of NIH in that it will alleviate concerns about loss of participant confidentiality and enable high quality research, which will greatly help design and develop "programs for the collection, dissemination, and exchange of information in medicine and health," thereby achieving NIH's goals to "expand the knowledge base in medical and associated sciences" and "promote the highest level of scientific integrity, public accountability, and social responsibility in the conduct of science."

NSF Award # 1116644
TC: Small: Collaborative Research: Membership Inference in a Differentially Private World and Beyond
PI: Xinwen Fu

The objective of the proposed research is to systematically understand, evaluate and contribute towards the problem of membership inference in aggregate data publishing, a generic, novel, and dangerous privacy threat in a wide variety of real-world applications. The main idea proposed to address the problem of membership inference is an information-theoretic model of privacy disclosure as a noisy communication channel. Based on the channel coding theory and the recent advance in multi-input multi-output (MIMO) communication channels, the proposed research studies novel techniques for membership inference and explores the corresponding privacy-preserving mechanisms.

Intellectual Merit: The following salient features distinguish the proposed work from existing studies: (1) The proposed research studies a novel problem of membership inference in aggregate data publishing, which stands in sharp contrast to the traditional inference control problem. In particular, the sensitive information in danger of disclosure in the proposed problem definition is the selection attributes of an aggregate query instead of its measure attributes, which are the focus of traditional inference control. (2) This novel problem also leads to a set of novel solutions based on information theory. In particular, the proposed research studies a model of membership inference attacks as modulation techniques in time and frequency domains for various types of communication channels, e.g., single-input single-output (SISO), multiple-input and single-output (MISO), single-input and multiple-output (SIMO), and multiple-input and multiple-output (MIMO) channels. This proposed channel model enables a uniform evaluation of the effectiveness of both membership inference and privacy-preserving techniques.

Broader Impact: The outcome of this research has broader impacts on the nation's higher education system and high-tech industries. The prospect of sensitive membership information disclosure techniques and privacy-preserving techniques can help the providers of aggregated data publishing, including national health organizations, Internet security service providers, etc., to secure their published data. The broader impact of this project also extends to academia. Parts of this project are carried out by students of George Washington University (GWU), Towson University (TU), and University of Massachusetts, Lowell (UML) as part of advanced class projects or individual research projects.

NSF Award # 0953620
CAREER: Coverage, Capacity, and Connectivity of Wireless Sensor Networks
PI: Benyuan Liu

Wireless sensor networks play an important role in a wide variety of applications such as environment monitoring and battlefield surveillance. The basic function of a wireless sensor network is to monitor its deployed region and transport sensor data to certain designated nodes. Therefore, coverage, capacity, and connectivity are the three most fundamental properties for the operation and performance of a wireless sensor network. A deep understanding of these properties and their interrelationship is of great importance for the network planning, algorithm design, and performance of wireless sensor networks.

This project aims to establish a strong theoretical foundation and design practical protocols to provide high performance coverage, capacity, and connectivity in wireless sensor networks. Wireless sensor networks have many unique characteristics differing from other wireless networks, including heterogeneous sensing, communication, and mobility capabilities of sensor nodes, limited infrastructure and power supply, and traffic pattern where data mainly flow from sensors to data sinks rather than between peer nodes. This research integrates the concepts and techniques in wireless communications, stochastic modeling, geometry, and combinatorial optimizations to construct analytical models and develop practical solutions.

The expected outcomes include: (i) fundamental limits of the coverage, capacity, and connectivity under various network scenarios; (ii) efficient algorithms for robust coverage, connectivity, and data transportation; (iii) a test-bed to validate the analytical results and evaluate the performance of algorithms via real experiments. This project also includes a strong educational component that promotes teaching, training, and learning through the active involvement of research students.

NSF Award # 1252643
TC: Small: Security Provisioning for Cognitive Radio Networks
PI: Chunxiao Chigan

The emerging wireless paradigm of dynamic spectrum access via cognitive radio technology has been increasingly recognized for its great potential in drastically enhancing spectrum utilization efficiency. The basic requirements of cognitive radio networks (CRNs) are to protect licensed primary users and provide reliable dynamic spectrum access to secondary cognitive users, which give rise to a new fundamental issue in spectrum access related security. This project develops a comprehensive security system that lays down a secure backbone for CRNs that coexist with primary networks under various network architectures and spectrum coexistence paradigms. The developed security measures are coherently embedded into the entire CRN, from the very beginning of the spectrum sensing stage to the dynamic spectrum access process until the data communication stage.

Targeting three main sources of CRN security vulnerability, our research objectives and thrusts include: 1) systematically identify the unique primary user related attacks in CRNs and develop a suite of attack detection and defense mechanisms; 2) develop secure and robust strategies of dynamic spectrum access for benign cognitive users; 3) design confidential and anonymous mechanisms to solve the distinct challenges in privacy protection, taking full advantage of the unprecedented flexibility that CRNs offer in dynamic spectrum utilization. This project lays out the foundation for the development of enabling security technologies for the new paradigm of dynamic spectrum sharing, which in turn can substantially improve the spectrum utilization efficiency of wireless networks, offering a multitude of new cognitive radio devices and wireless services with secure and reliable spectrum access.

NSF Award #1264047
I-Corps: Commercialization Feasibility Research and Demonstration Preparation for Third-Party Localization Toolkits
PI: Xinwen Fu

The ability to localize mobile targets without the help of existing positioning infrastructures is needed by a wide variety of search and rescue tasks performed by corporations, governments, and security agencies. Those tasks can be law enforcement searching for missing victims or criminals committing crimes via wireless networks, and various rescue teams including park rangers searching for lost travelers and hikers. Network managers can use these toolkits to pinpoint rogue access points and malfunctioning mobile devices. Impacts of this project may also extend to academia and education. The market studies conducted in the project may enhance scientific and technological understanding of the localization problems with portable devices.

NSF Award #0958477
II-New: A Network Forensics Lab for Integrated Research and Education at University of Massachusetts Lowell
PI: Xinwen Fu
Co-PI: Benyuan Liu, Jie Wang

This proposal aims to establish a network forensics lab at University of Massachusetts Lowell. This proposed research and education infrastructure consists of network devices, such as network analyzers, Cisco routers, spectrum analyzer, and software for collecting and analyzing wired and wireless data.

The requested infrastructure will support three projects focusing on network forensics:
(1) Tracing Anonymous Criminals on the Internet
(2) Localizing and Locking Anonymous Malicious Wireless Mobiles
(3) Fingerprinting Wireless Mobiles for Forensics Purpose

These projects will address issues that are critical to the nation's security and will train students who will be sought out by industrial companies and research laboratories. The proposed research will also position UMass Lowell among the leaders in network forensics research and education.

The three projects in this proposal have the following broader impact:
(i) The proposed infrastructure will enhance the research and education of network forensics, and will create an opportunity for developing new courses on network forensics and data recovery and analysis in UMass Lowell.
(ii) The proposed infrastructure will also enhance the collaborations that already exist between UMass Lowell, regional security industry, and the other UMass campuses.

NSF Award #0942113
Creating Learning Materials and Strategies for Network Forensics Education
PI: Xinwen Fu
Co-PI: Benyuan Liu

The objectives of this project include (1) developing a sophisticated and realistic educational infrastructure which provides interesting and realistic cyber-crime scenes for undergraduate and graduate network forensics curricula, and (2) developing systematic laboratory projects with innovative educational toolkits such as wireless positioning robots for collecting evidence in a 3-dimensional space. Comprehensive formative and summative evaluations are used to ensure the success of this project.

The project uses realistic network platforms and provides a wide coverage of cyber-crime scenes such as distributed anonymous communication systems and wireless networks. It utilizes PlanetLab, a global research network that provides overlay services and supports the development of new network services. The proposer designed a set of toolkits for teaching network forensics in this environment, including DeAnonymizer toolkit which traces suspects by watermarking the suspect network traffic through professional anonymous communication networks such as Anonymizer and Tor. Another toolkit, 3DLoc, searches the suspect mobile device in a 3-dimensional space.

The developed network forensics projects and supporting materials create a repository at the National Science Digital Library (NSDL). The PI provides detailed documents and free consulting for schools of different sizes and disseminates the outcomes of this project via various venues such as computer education and research journals, international and national conferences, and a web portal. The industry and law enforcement partners standardize the hardware and aid in the technical transfer process.

Center for Cyber Forensics, Office of the Vice Provost for Research, University of Massachusetts Lowell

The mission of the center is to research and develop cyber forensics theory, techniques and toolkits that will play a critical role in public safety and security response by enterprise campuses, federal and state law enforcement, and national cyber-defense forces including military.