Nguyen, Hung

Email Address
ORCID
Disciplines
Research Projects
Organizational Units
Position
Introduction
Research Interests

Search Results

Now showing 1 - 5 of 5
  • Publication
    OpenICE-lite: Towards a Connectivity Platform for the Internet of Medical Things
    (2018-05-01) Ivanov, Radoslav; Nguyen, Hung; Weimer, James; Sokolsky, Oleg; Lee, Insup
    The Internet of Medical Things (IoMT) is poised to revolutionize medicine. However, medical device communication, coordination, and interoperability present challenges for IoMT applications due to safety, security, and privacy concerns. These challenges can be addressed by developing an open platform for IoMT that can provide guarantees on safety, security and privacy. As a first step, we introduce OpenICE-lite, a middleware for medical device interoperability that also provides security guarantees and allows other IoMT applications to view/analyze the data in real time. We describe two applications that currently utilize OpenICE-lite, namely (i) a critical pulmonary shunt predictor for infants during surgery; (ii) a remote pulmonary monitoring systems (RePulmo). Implementations of both systems are utilized by the Children’s Hospital of Philadelphia (CHOP) as quality improvements to patient care.
  • Publication
    LogSafe: Secure and Scalable Data Logger for IoT Devices
    (2018-04-01) Nguyen, Hung; Ivanov, Radoslav; Phan, Linh T.X.; Sokolsky, Oleg; Weimer, James; Lee, Insup
    As devices in the Internet of Things (IoT) increase in number and integrate with everyday lives, large amounts of personal information will be generated. With multiple discovered vulnerabilities in current IoT networks, a malicious attacker might be able to get access to and misuse this personal data. Thus, a logger that stores this information securely would make it possible to perform forensic analysis in case of such attacks that target valuable data. In this paper, we propose LogSafe, a scalable, fault-tolerant logger that leverages the use of Intel Software Guard Extensions (SGX) to store logs from IoT devices efficiently and securely. Using the security guarantees of SGX, LogSafe is designed to run on an untrusted cloud infrastructure and satisfies Confidentiality, Integrity, and Availability (CIA) security properties. Finally, we provide an exhaustive evaluation of LogSafe in order to demonstrate that it is capable of handling logs from a large number of IoT devices and at a very high data transmission rate.
  • Publication
    Reducing Pulse Oximetry False Alarms Without Missing Life-Threatening Events
    (2018-09-01) Nguyen, Hung; Jang, Sooyong; Ivanov, Radoslav; Bonafide, Christopher P.; Weimer, James; Lee, Insup
    Alarm fatigue has been increasingly recognized as one of the most significant problems in the hospital environment. One of the major causes is the excessive number of false physiologic monitor alarms. An underlying problem is the inefficient traditional threshold alarm system for physiologic parameters such as low blood oxygen saturation (SpO2). In this paper, we propose a robust classification procedure based on the AdaBoost algorithm with reject option that can identify and silence false SpO2 alarms, while ensuring zero misclassified clinically significant alarms. Alarms and vital signs related to SpO2 such as heart rate and pulse rate, within monitoring interval are extracted into different numerical features for the classifier. We propose a variant of AdaBoost with reject option by allowing a third decision (i.e., reject) expressing doubt. Weighted outputs of each weak classifier are input to a softmax function optimizing to satisfy a desired false negative rate upper bound while minimizing false positive rate and indecision rate. We evaluate the proposed classifier using a dataset collected from 100 hospitalized children at Children's Hospital of Philadelphia and show that the classifier can silence 23.12% of false SpO2 alarms without missing any clinically significant alarms.
  • Publication
    RePulmo: A Remote Pulmonary Monitoring System
    (2018-04-01) Nguyen, Hung; Ivanov, Radoslav; DeMauro, Sara B.; Weimer, James
    Remote physiological monitoring is increasing in popularity with the evolution of technologies in the healthcare industry. However, the current solutions for remote monitoring of blood-oxygen saturation, one of the most common continuously monitored vital signs, either have inconsistent accuracy or are not secure for transmitting over the network. In this paper, we propose RePulmo, an open-source platform for secure and accurate remote pulmonary data monitoring. RePulmo satisfies both robustness and security requirements by utilizing hospital-grade pulse oximeter devices with multiple layers of security enforcement. We describe two applications of RePulmo, namely (1) a remote pulmonary monitoring system for infants to support the Children’s Hospital of Philadelphia (CHOP) clinical trial; (2) a proof-of-concept of a low SpO2 smart alarm system.
  • Publication
    Cloud-Based Secure Logger for Medical Devices
    (2016-06-01) Nguyen, Hung; Ivanov, Radoslav; Haeberlen, Andreas; Phan, Linh T.X.; Sokolsky, Oleg; Weimer, James; Hanson III, C. William; Acharya, Bipeen; Lee, Insup; Walker, Jesse
    A logger in the cloud capable of keeping a secure, time-synchronized and tamper-evident log of medical device and patient information allows efficient forensic analysis in cases of adverse events or attacks on interoperable medical devices. A secure logger as such must meet requirements of confidentiality and integrity of message logs and provide tamper-detection and tamper-evidence. In this paper, we propose a design for such a cloud-based secure logger using the Intel Software Guard Extensions (SGX) and the Trusted Platform Module (TPM). The proposed logger receives medical device information from a dongle attached to a medical device. The logger relies on SGX, TPM and standard encryption to maintain a secure communication channel even on an untrusted network and operating system. We also show that the logger is resilient against different kinds of attacks such as Replay attacks, Injection attacks and Eavesdropping attacks.