An ACM CCS Workshop …

“CYBERSECURITY IN HEALTHCARE”
(HealthSec) 2024

Monday, October 14th, 2024 in Salt Lake City, Utah USA (location to be announced)
An interdisciplinary workshop to be held in conjunction with the 31st ACM Conference on Computer and Communications Security (CCS 2024)

Call for Papers

In its most basic form, healthcare is gathering data, interpreting data into information, and transforming information into current human knowledge that can be acted upon, with each of these stages open to unintended errors and/or malicious subversion. These stages do not occur within a vacuum but rather within our existing infrastructures and social system with all their current limitations, systemic bias, and exploitable vulnerabilities. While a similar characterization can be made about security in other applied domains, healthcare is undergoing a dramatic transformation, arguably the next technological revolution, presenting immediate opportunities for improvement along with corresponding challenges in security.

Our desire is to bring together diverse researchers from academia, government, and the healthcare industry to report on latest research efforts. As this is the inaugural workshop focusing on cybersecurity in healthcare, we aim to encourage, jumpstart, and grow excellent interdisciplinary contributions at the forefront of research. Papers with demonstrated results will be given priority. We seek submissions from researchers and practitioners on a list of potential topics which includes, but is not limited to:

  • Cybersecurity issues (including risks, challenges, incidences, solutions, approaches)
    • Healthcare as critical national infrastructure
    • AI in healthcare (e.g. clinical decision support software, ambient clinical documentation)
    • Big data/high performance computing (HPC) in healthcare
    • Encryption, authentication, provenance of storage in healthcare environments
    • Healthcare supply chains
    • Online health communities
    • Health information exchanges (HIEs)
    • Electronic health records (EHRs)
    • Telehealth and/or patient portals
    • Internet of (medical) Things (MIoT)
    • Medical devices, medical implants, and/or medical wearables
    • Wireless/mobile healthcare and/or remote patient monitoring
    • Digital healthcare tools to improve patient safety
    • Safety engineering in clinical facility settings
    • Healthcare insider threats
    • Software-controlled robotic medical systems
    • Updating/patching software and re-certification of medical devices
  • Ransomware attacks on healthcare especially hospitals *
  • Events resulting in (HIPAA/GDPR) healthcare privacy breaches **
  • Comparisons of IT infrastructure in different types of healthcare facilities/services
  • Empirical study of cybersecurity in a specific healthcare IT environment
  • Research specifically addressing the Conficker worm/botnet medical device air gap
  • Policy/Economics/Legal/Ethical position papers – addressing cybersecurity issues in healthcare
  • Technical efforts by governmental entities to improve cybersecurity in healthcare

Papers with the following as their only foci are discouraged:

  • Cybersecurity best practice recommendations for healthcare organizations
  • * Longitudinal studies showing increasing cyberattacks on healthcare
  • ** Papers mixing analysis of privacy breaches with ransomware outages

Workshop Chairs / Organizing Committee:

  • CHAIR – William (Bill) Yurcik, Centers for Medicare & Medicaid Services (CMS HQ) (healthsec DOT 2024 DOT chair AT gmail DOT com)
  • VICE-CHAIR – Gregory Pluta, U of Illinois at Urbana-Champaign (gpluta AT illinois DOT edu)
  • VICE-CHAIR – Toan Luong, MITRE (tluong AT mitre DOT org)
  • VICE-CHAIR & LOCAL SITE COORDINATOR – Luis Garcia, U of Utah (lgarcia AT cs DOT utah DOT edu)
  • KEYNOTE SPEAKER – Erik Decker/CISO Intermountain Health, Salt Lake City, UT

Important Dates

  • Paper Submission Deadline: Thursday June 20th 2024 (before 23:59 6/20/24 ANYWHERE ON EARTH!)
  • Paper Review Deadline for PC Members: Thursday July 18th 2024
  • Paper Acceptance Notification: Thursday August 8th 2024
  • Camera-Ready Accepted Paper Deadline: Thursday September 5th 2024 (Firm Deadline)
  • HealthSec 2024 Workshop Date: Monday, October 14th , 2024 (Columbus Day, Federal Holiday in USA)

Submission Guidelines:

  • Regular paper submissions should be between 4-8 pages in double-column ACM format including references and appendices (the latest sigconf template is here https://www.acm.org/publications/proceedings-template authors should not change the font or the margins of the ACM format. Papers should be in English and describe original work that is not previously published or concurrently submitted elsewhere. Submissions should NOT be anonymized.
  • Submissions are to be made to the CCS-2024 Workshop submission HotCRP website here ->> https://healthsec-2024.hotcrp.com/. You will be requested to upload the file of your paper (in PDF format only). Submissions not meeting these guidelines risk rejection without consideration of their merits. Proceedings of the workshop will be published by ACM on a CD, available to the workshop attendees. Papers will be included in the ACM Digital Library, with a specific ISBN.
  • At least one author of each accepted regular paper is required to register to attend the ACM CCS HealthSec Workshop by the early-bird registration deadline. It is expected that each regular paper will be presented in-person at the HealthSec workshop.
  • Position Papers. Please email your position paper topic idea directly to the workshop chair for feedback and instructions before you submit a draft. Position papers can be up to 12 pages in length with the title starting with “Position Paper: ”.
  • Proposals for panels are also solicited. Panel proposals are to be concise, up to 2 pages in length, name potential panelists, and describe the topics to be discussed. Disruptive and controversial panels are particularly encouraged. Please email your panel proposal as a PDF attachment directly to the workshop chair.
  • Optional pre-submission assistive review for authors:
    • To support authors preparing to submit their work to HealthSec-2024, select members of our program committee are generously offering assistive feedback to help improve papers before the submission deadline!   To request feedback, email healthsec24@assistivereview.org and either attach a copy of your draft or (better) a link to a URL that will be updated to your latest draft. Please also specify the content upon which you would like reviewers to focus their feedback.
    • One reason we are experimenting with pre-submission author-assistive feedback this year is to help level the playing field for authors who do not have experience submitting to ACM CCS workshops themselves or access to peers with this experience. For example, such feedback may be helpful to medical professionals new to cybersecurity or to cybersecurity researchers new to healthcare. Regardless, all authors may take advantage of this optional service, though we cannot guarantee that we will be able to provide feedback to every request. 

Cybersecurity in Healthcare (HealthSec) 2024 Program Committee:

  • Jenny Amos, University of Illinois-UC
  • Spiros Antonatos, Aegis Technologies
  • Zahid Anwar, North Dakota State University
  • Stefan Axelsson, Stockholm University
  • James Barlow, Yahoo!
  • Roelof Boonstra, Physician Software Systems
  • Debra Bruemmer, MedSec
  • Christopher Bunnell, UniteGPS
  • Roy Campbell, University of Illinois-UC (Emeritus)
  • George Cantwell, University of Cambridge
  • Guenevere Chen, University of Texas San Antonio
  • Sung Choi, University of Central Florida
  • Michael Collins, USC ISI
  • Christian Dameff MD, UCSD Health ***
  • Marek Druzdzel, Bialystok University of Technology
  • Robert F. Erbacher, Army Research Lab
  • Wade Fagen-Ulmschneider, University of Illinois-UC
  • Francisco Fonseca, BitSight
  • Allan Friedman, CISA
  • Deborah Frincke, Sandia National Lab
  • Kevin Fu, Northeastern University (fmr FDA Med Devices)
  • Simson Garfinkel, BasisTech
  • Michael T. Gastner, Singapore Inst of Technology
  • Carrie Gates, Bank of America
  • Dan Geer, In-Q-Tel
  • Carl Gunter, University of Illinois-UC
  • Jaiwei Han, University of Illinois-UC
  • Dan Harkness, Argonne National Lab
  • Ragib Hasan, University of Alabama at Birmingham
  • Colton Hood MD, George Washington U Hospital ***
  • Tadd Hopkins, BitSight
  • Allen Householder, CMU SEI CERT
  • Haochen Huang, Whova
  • Cynthia Irvine, Naval Postgraduate School
  • Anupam B. Jena MD, Harvard Medical School ***
  • Eric Johnson, Vanderbilt University
  • James Joshi, University of Pittsburgh
  • Nikolai Joukov, modelizeIT
  • Nadir Kiyanclar, Oracle
  • Gregory Koenig, Arkstro
  • Scott Kruse, Texas State University
  • Kiran Lakkaraju, Sandia National Lab
  • Tom Linehan, BitSight
  • Kwan-Liu Ma, UC-Davis
  • John McHugh, AssuranceLabs, Inc.
  • Forrest Xin Meng, DragonPass
  • Ethan Miller, UC-Santa Cruz
  • Jacki Monson, Sutter Health
  • Suvda Myagmar, Salesforce
  • Peter G. Neumann, SRI
  • Stephen North, Infovisible
  • Godwin Odia, Captain USPHS (Ret), Applied Health Informatics ***
  • Rhonda O’Kane, BitSight
  • Sean Peisert, Lawrence Berkeley National Lab
  • Eric Perakslis, Pluto Health
  • Jim Prewett, University of New Mexico
  • Ronald Pulivarti, NIST
  • Raj Rajagopalan, Resideo
  • Ram Ramadoss
  • Esa M. Rantanen, Rochester Inst of Technology
  • Daniel Reed, University of Utah
  • Will Ricciardi, BitSight
  • Nichols Romero, AMD
  • Jeremy Rossi, Binary Data Engineering
  • Avi Rubin, Harbor Labs
  • Marcus Sachs, Center for Internet Security
  • Rami Saydjari MD, Ronin Institute ***
  • Sami Saydjari, Dartmouth University
  • Stuart Schechter, Harvard University
  • Andreas Schick, FDA
  • Naomi Schwartz, Medcrypt
  • Cigdem Sengul, Brunel University
  • Aashish Sharma, Lawrence Berkeley National Lab
  • Bryan Smith, Boldend
  • Natalie Sullivan MD, George Washington U Hospital ***
  • Jeff Tully MD, UCSD Health ***
  • Eugene Vasserman, Kansas State University
  • Jun Wang, Rackspace Hosting
  • David Wiegandt, Sandia National Lab
  • Christopher Worsham MD, Mass General & Harvard Medical School ***
  • Felix Wu, UC-Davis
  • Xiaoxin Yin, Airbnb
  • Erez Zadok, Stony Brook University

*** medical professional