Abstract
The capabilities of the IoT to track entities, measure and analyze vital information captured by sensors, and to transmit data over a fleet of devices, has convincingly placed it best suited toward the realization of the future-ready smart hospitals and healthcare applications. Real time sensing and monitoring of vital signs of patients, efficient scheduling of medical procedures, effective tracking of scarce resources, and optimized supply chain management of drugs and medical devices help not only to significantly improve the quality of health services but also to lower healthcare costs. However, bringing the healthcare systems under the IoT network poses huge security challenges. Once the devices controlling the life supporting equipments are under attack, the damages are beyond imagination. The vulnerabilities in the IoT-based devices can pose serious threats to the IoT healthcare systems. In this work, we propose a graphical modeling of possible attacks through exploitation of such vulnerabilities. The proposed model helps to foresee the possible attack paths exist in a network and to design suitable defense mechanisms. We also propose strategies for improving the security of the IoT-assisted networks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cisco white paper, IoT threat environment, published on 2015. https://www.cisco.com/c/en_in/solutions/security/iot-threat-defense/index.html
Huawei technologies, IoT security white paper-evolving security architecture, published on 2018. https://www.huawei.com/minisite/iot/img/iot_security_white_paper_2018_v2_en.pdf
FDA, US food and drugs administration, medical device recalls, published on 2018. https://www.fda.gov/MedicalDevices/Safety/ListofRecalls.html
Hipaa journal, pacific alliance medical center announces ransomware attack, published on 2017. https://www.hipaajournal.com/pacific-alliance-medical-center-announces-ransomware-attack
George, G., Thampi, S.M.: A graph-based security framework for securing industrial IoT networks from vulnerability exploitations. IEEE Access 6, 43586–43601 (2018)
Yu, T., Sekar, V., Seshan, S., Agarwal, Y., Xu, C.: Handling a trillion (unfixable) flaws on a billion devices: rethinking network security for the Internet-of-Things. In: Proceedings of the 14th ACM Workshop on Hot Topics in Networks, p. 5. ACM (2015)
Islam, S.R., Kwak, D., Kabir, M.H., Hossain, M., Kwak, K.-S.: The internet of things for health care: a comprehensive survey. IEEE Access 3, 678–708 (2015)
Chiuchisan, I., Costin, H.-N., Geman, O.: Adopting the internet of things technologies in health care systems. In: 2014 International Conference and Exposition on Electrical and Power Engineering (EPE), pp. 532–535. IEEE (2014)
Yang, G., et al.: A health-IoT platform based on the integration of intelligent packaging, unobtrusive bio-sensor, and intelligent medicine box. IEEE Trans. Ind. Inform. 10(4), 2180–2191 (2014)
Doukas, C., Maglogiannis, I.: Bringing IoT and cloud computing towards pervasive healthcare. In: 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 922–926. IEEE (2012)
Rohokale, V.M., Prasad, N.R., Prasad, R.: A cooperative internet of things (IoT) for rural healthcare monitoring and control. In: 2011 2nd International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology (Wireless VITAE), pp. 1–6. IEEE (2011)
Catarinucci, L., et al.: An iot-aware architecture for smart healthcare systems. IEEE Internet Things J. 2(6), 515–526 (2015)
Zhang, Y., Sun, L., Song, H., Cao, X.: Ubiquitous wsn for healthcare: recent advances and future prospects. IEEE Internet Things J. 1(4), 311–318 (2014)
Xu, B., Da Xu, L., Cai, H., Xie, C., Hu, J., Bu, F., et al.: Ubiquitous data accessing method in IoT-based information system for emergency medical services. IEEE Trans. Ind. Inform. 10(2), 1578–1586 (2014)
Laplante, P.A., Laplante, N.: The internet of things in healthcare: potential applications and challenges. IT Prof. 3, 2–4 (2016)
Tarouco, L.M.R., et al.: Internet of things in healthcare: Interoperatibility and security issues. In: 2012 IEEE International Conference on Communications (ICC), pp. 6121–6125. IEEE (2012)
Gope, P., Hwang, T.: BSN-care: a secure IoT-based modern healthcare system using body sensor network. IEEE Sens. J. 16(5), 1368–1376 (2016)
Anil Chacko, T.H.: Security and privacy issues with IoT in healthcare. EAI Endorsed Trans. Pervasive Health Technol. 4, e2 (2018)
Simpson, A.K., Roesner, F., Kohno, T.: Securing vulnerable home IoT devices with an in-hub security manager. In: 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), pp. 551–556. IEEE (2017)
Ge, M., Hong, J.B., Guttmann, W., Kim, D.S.: A framework for automating security analysis of the Internet of Things. J. Netw. Comput. Appl. 83, 12–27 (2017)
George, G., Thampi, S.M.: A graph-based decision support model for vulnerability analysis in IoT networks. In: Thampi, S.M., Madria, S., Wang, G., Rawat, D.B., Alcaraz Calero, J.M. (eds.) SSCC 2018. CCIS, vol. 969, pp. 1–23. Springer, Singapore (2019). https://doi.org/10.1007/978-981-13-5826-5_1
Romero-Mariona, J., Hallman, R., Kline, M., San Miguel, J., Major, M., Kerr, L.: Security in the industrial internet of things-the C-SEC approach. In: Proceedings of the International Conference on Internet of Things and Big Data, vol. 1, pp. 421–428 (2016)
Jajodia, S., Noel, S., Kalapa, P., Albanese, M., Williams, J.: Cauldron mission-centric cyber situational awareness with defense in depth. In: MILCOM, pp. 1339–1344 (2011)
Noel, S., Harley, E., Tam, K., Limiero, M., Share, M.: Cygraph: graph-based analytics and visualization for cybersecurity. In: Handbook of Statistics, vol. 35, pp. 117–167. Elsevier (2016)
George, G., Thampi, S.M.: Vulnerability-based risk assessment and mitigation strategies for edge devices in the internet of things. In: Pervasive and Mobile Computing, p. 101068 (2019)
Mell, P., Scarfone, K., Romanosky, S.: Common vulnerability scoring system (CVSS) (2011). http://www.first.org/cvss/cvss-guide.html
Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 217–224. ACM (2002)
Acknowledgments
This project is sponsored by Dept. of Science and Technology, Govt. of India through WoS-A under sanction order No. SR/WOS-A/ET-97/2016(G).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
George, G., Thampi, S.M. (2019). Securing Smart Healthcare Systems from Vulnerability Exploitation. In: Wang, G., El Saddik, A., Lai, X., Martinez Perez, G., Choo, KK. (eds) Smart City and Informatization. iSCI 2019. Communications in Computer and Information Science, vol 1122. Springer, Singapore. https://doi.org/10.1007/978-981-15-1301-5_24
Download citation
DOI: https://doi.org/10.1007/978-981-15-1301-5_24
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-1300-8
Online ISBN: 978-981-15-1301-5
eBook Packages: Computer ScienceComputer Science (R0)