Abstract
Rapid advances in personal healthcare systems based on implantable and wearable medical devices promise to greatly improve the quality of diagnosis and treatment for a range of medical conditions. However, the increasing programmability and wireless connectivity of medical devices also open up opportunities for malicious attackers. Unfortunately, implantable/wearable medical devices come with extreme size and power constraints, and unique usage models, making it infeasible to simply borrow conventional security solutions such as cryptography. We propose a general framework for securing medical devices based on wireless channel monitoring and anomaly detection. Our proposal is based on a medical security monitor (MedMon) that snoops on all the radio-frequency wireless communications to/from medical devices and uses multi-layered anomaly detection to identify potentially malicious transactions. Upon detection of a malicious transaction, MedMon takes appropriate response actions, which could range from passive (notifying the user) to active (jamming the packets so that they do not reach the medical device). A key benefit of MedMon is that it is applicable to existing medical devices that are in use by patients, with no hardware or software modifications to them. Consequently, it also leads to zero power overheads on these devices. We demonstrate the feasibility of our proposal by developing a prototype implementation for an insulin delivery system using off-the-shelf components (USRP software-defined radio). We evaluate its effectiveness under several attack scenarios. Our results show that MedMon can detect virtually all naive attacks and a large fraction of more sophisticated attacks, suggesting that it is an effective approach to enhancing the security of medical devices.
| Original language | English (US) |
|---|---|
| Article number | 6507636 |
| Journal | IEEE Transactions on Biomedical Circuits and Systems |
| Volume | 7 |
| Issue number | 6 |
| DOIs | |
| State | Published - Dec 1 2013 |
Fingerprint
All Science Journal Classification (ASJC) codes
- Electrical and Electronic Engineering
- Biomedical Engineering
Keywords
- Anomaly detection
- medical devices
- monitor
- personal healthcare systems
- security
- wireless
Cite this
}
MedMon : Securing medical devices through wireless monitoring and anomaly detection. / Zhang, Meng; Raghunathan, Anand; Jha, Niraj Kumar.
In: IEEE Transactions on Biomedical Circuits and Systems, Vol. 7, No. 6, 6507636, 01.12.2013.Research output: Contribution to journal › Article
TY - JOUR
T1 - MedMon
T2 - Securing medical devices through wireless monitoring and anomaly detection
AU - Zhang, Meng
AU - Raghunathan, Anand
AU - Jha, Niraj Kumar
PY - 2013/12/1
Y1 - 2013/12/1
N2 - Rapid advances in personal healthcare systems based on implantable and wearable medical devices promise to greatly improve the quality of diagnosis and treatment for a range of medical conditions. However, the increasing programmability and wireless connectivity of medical devices also open up opportunities for malicious attackers. Unfortunately, implantable/wearable medical devices come with extreme size and power constraints, and unique usage models, making it infeasible to simply borrow conventional security solutions such as cryptography. We propose a general framework for securing medical devices based on wireless channel monitoring and anomaly detection. Our proposal is based on a medical security monitor (MedMon) that snoops on all the radio-frequency wireless communications to/from medical devices and uses multi-layered anomaly detection to identify potentially malicious transactions. Upon detection of a malicious transaction, MedMon takes appropriate response actions, which could range from passive (notifying the user) to active (jamming the packets so that they do not reach the medical device). A key benefit of MedMon is that it is applicable to existing medical devices that are in use by patients, with no hardware or software modifications to them. Consequently, it also leads to zero power overheads on these devices. We demonstrate the feasibility of our proposal by developing a prototype implementation for an insulin delivery system using off-the-shelf components (USRP software-defined radio). We evaluate its effectiveness under several attack scenarios. Our results show that MedMon can detect virtually all naive attacks and a large fraction of more sophisticated attacks, suggesting that it is an effective approach to enhancing the security of medical devices.
AB - Rapid advances in personal healthcare systems based on implantable and wearable medical devices promise to greatly improve the quality of diagnosis and treatment for a range of medical conditions. However, the increasing programmability and wireless connectivity of medical devices also open up opportunities for malicious attackers. Unfortunately, implantable/wearable medical devices come with extreme size and power constraints, and unique usage models, making it infeasible to simply borrow conventional security solutions such as cryptography. We propose a general framework for securing medical devices based on wireless channel monitoring and anomaly detection. Our proposal is based on a medical security monitor (MedMon) that snoops on all the radio-frequency wireless communications to/from medical devices and uses multi-layered anomaly detection to identify potentially malicious transactions. Upon detection of a malicious transaction, MedMon takes appropriate response actions, which could range from passive (notifying the user) to active (jamming the packets so that they do not reach the medical device). A key benefit of MedMon is that it is applicable to existing medical devices that are in use by patients, with no hardware or software modifications to them. Consequently, it also leads to zero power overheads on these devices. We demonstrate the feasibility of our proposal by developing a prototype implementation for an insulin delivery system using off-the-shelf components (USRP software-defined radio). We evaluate its effectiveness under several attack scenarios. Our results show that MedMon can detect virtually all naive attacks and a large fraction of more sophisticated attacks, suggesting that it is an effective approach to enhancing the security of medical devices.
KW - Anomaly detection
KW - medical devices
KW - monitor
KW - personal healthcare systems
KW - security
KW - wireless
UR - http://www.scopus.com/inward/record.url?scp=84893849701&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84893849701&partnerID=8YFLogxK
U2 - https://doi.org/10.1109/TBCAS.2013.2245664
DO - https://doi.org/10.1109/TBCAS.2013.2245664
M3 - Article
C2 - 24473551
VL - 7
JO - IEEE Transactions on Biomedical Circuits and Systems
JF - IEEE Transactions on Biomedical Circuits and Systems
SN - 1932-4545
IS - 6
M1 - 6507636
ER -