Abstract
Implantable Medical Devices (IMDs) are used to monitor and treat physiological conditions within the body. They communicate telemetry data to external reader/programmer device and receive control commands using wireless medium. Wireless communication for IMDs increases cost effectiveness, flexibility, ease of use and also enables remote configuration and monitoring. However, it makes the IMDs vulnerable to passive and active attacks. While passive attacks on IMDs can be addressed using encryption techniques, active attacks like replay, massage injection and MITM need more advanced techniques to be detected and prevented. In case of other wireless devices one can deal with these security issues by installing one or more security mechanisms, but the same cannot be applied to IMDs. This is due to their positioning inside human body which makes replacement and power charging extremely difficult, their miniaturization which makes them storage, processing and power scarce, their unusual access requirements during device or patient emergency and their incapability of renewing shared secrets. It is advisable to use the resources of IMDs for life critical medical care and minimalist communication. This leads to the implied option of using an external proxy device which can offload security related processing from IMDs. Therefore, to address the problem of active attacks, we propose use of RF-signal based localization technique which leverages multi-antenna Proxy Device to profile the directions at which reader/programmer signal arrives and use of triangulation techniques to construct a signature that uniquely distinguishes an authorized reader/programmer from unauthorized one.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Maisel, W.H.: Safety issues involving medical devices. Journal of the American Medical Association (August 2005)
Garcia-Morchon, O., Keoh, S., Kumar, S., Hummen, R., Struik, R.: Security Considerations in the IP-based Internet of Things, draft-garcia-core-security-02 (work in progress) (July 2011)
Li, C., Raghunathan, A., Jha, N.K.: Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system. In: Proceedings of the 13th IEEE International Conference on e-Health Networking, Applications, and Services, Healthcom 2011 (June 2011)
Xiong, J., Jamieson, K.: SecureAngle: improving wireless security using angle-of-arrival information. In: Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks (Hotnets-IX). ACM, New York (2010)
Liu, H., Darabi, H., Banerjee, P., Liu, J.: Survey of Wireless Indoor Positioning Techniques and Systems. IEEE Transactions on Systems, Man and Cybernetics, Part C (Applications and Reviews) (2007)
Lieckfeldt, D.: Efficient Localization of Users and Devices in Smart Environments. Dissertation, University of Rostock (2010)
Schechter, S.: Security that is Meant to be Skin Deep: Using Ultraviolet Micropigmentation to Store Emergency-Access Keys for Implantable Medical Devices. In: USENIX Workshop on Health Security and Privacy (2010)
Bergamasco, S., Bon, M., Inchingolo, P.: Medical data protection with a new generation of hardware authentication tokens. In: Mediterranean Conference on Medical and Biological Engineering and Computing (MEDICON), Pula, Croatia, pp. 82–85 (2001)
Rasmussen, K.B., Castelluccia, C., Heydt-Benjamin, T.S., Capkun, S.: Proximity-based access control for implantable medical devices. In: CCS 2009: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 410–419. ACM, New York (2009)
Halperin, D., Heydt-Benjamin, T.S., Ransford, B., Clark, S.S., Defend, B., Morgan, W., Fu, K., Kohno, T., Maisel, W.H.: Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses. In: IEEE Symposium on Security and Privacy (2008)
Denning, T., Fu, K., Kohno, T.: Absence Makes the Heart Grow Fonder: New Directions for Implantable Medical Device Security. In: HotSec (2008)
Gollakota, S., Hassanieh, H., Ransford, B., Katabi, D., Fu, K.: They Can Hear Your Heartbeats: Non-Invasive Security for Implanted Medical Devices. In: ACM SIGCOMM (2011)
Xu, F., Qin, Z., Tan, C.C., Wang, B., Li, Q.: IMDGuard: Securing implantable medical devices with the external wearable guardian. In: Proceedings of the 30th IEEE International Conference on Computer Communications, INFOCOM 2011, pp. 1862–1870 (April 2011)
Sorber, J., Shin, M., Peterson, R., Cornelius, C., Mare, S., Prasad, A., Marois, Z., Smithayer, E., Kotz, D.: An amulet for trustworthy wearable mHealth. In: Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications (HotMobile 2012). ACM, New York (2012)
Hei, X., Du, X., Wu, J., Hu, F.: Defending resource depletion attacks on implantable medical devices. In: Proc. of the IEEE Globecom 2010, pp. 1–5 (2010)
Rostami, M., Burleson, W., Koushanfar, F., Juels, A.: Balancing security and utility in medical devices? In: Proc. of Automation Coference, pp. 1–6 (2013)
Bahl, P., Chandra, R., Greenberg, A., Kandula, S., Maltz, D., Zhang, M.: Towards highly reliable enterprise network services via inference of multi-level dependencies. In: Proc. of ACM SIGCOMM (2007)
Kandula, S., Mahajan, R., Verkaik, P., Agarwal, S., Padhye, J., Bahl, P.: Detailed diagnosis in enterprise networks. In: Proc. of ACM SIGCOMM (2009)
Li, C., Raghunathan, A., Jha, N.K.: Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system. In: Proc. IEEE Int. Conf. e-Health Networking, Applications and Services (June 2011)
Hosseini-Khayat, S.: A lightweight security protocol for ultra-low power ASIC implementation for wireless implantable medical devices. In: Proceedings of the 5th International Symposium on Medical Information Communication Technology, ISMICT 2011, pp. 6–9 (March 2011)
Beck, C., Masny, D., Geiselmann, W., Bretthauer, G.: Block cipher based security for severely resource-constrained implantable medical devices. In: Proceedings of 4th International Symposium on Applied Sciences in Biomedical and Communication Technologies, ISABEL 2011, pp. 62:1–62:5. ACM (October 2011)
Zhang, M., Raghunathan, A., Jha, N.K.: MedMon: Securing medical devices through wireless monitoring and anomaly detection. IEEE Trans. Biomedical Circuits and Systems (2013)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Darji, M., Trivedi, B.H. (2014). Detection of Active Attacks on Wireless IMDs Using Proxy Device and Localization Information. In: Mauri, J.L., Thampi, S.M., Rawat, D.B., Jin, D. (eds) Security in Computing and Communications. SSCC 2014. Communications in Computer and Information Science, vol 467. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44966-0_34
Download citation
DOI: https://doi.org/10.1007/978-3-662-44966-0_34
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-44965-3
Online ISBN: 978-3-662-44966-0
eBook Packages: Computer ScienceComputer Science (R0)