Skip to main content
SpringerLink
Log in

Securing Smart Healthcare Systems from Vulnerability Exploitation

  • Conference paper
  • First Online:
Smart City and Informatization (iSCI 2019)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1122))

Included in the following conference series:

Abstract

The capabilities of the IoT to track entities, measure and analyze vital information captured by sensors, and to transmit data over a fleet of devices, has convincingly placed it best suited toward the realization of the future-ready smart hospitals and healthcare applications. Real time sensing and monitoring of vital signs of patients, efficient scheduling of medical procedures, effective tracking of scarce resources, and optimized supply chain management of drugs and medical devices help not only to significantly improve the quality of health services but also to lower healthcare costs. However, bringing the healthcare systems under the IoT network poses huge security challenges. Once the devices controlling the life supporting equipments are under attack, the damages are beyond imagination. The vulnerabilities in the IoT-based devices can pose serious threats to the IoT healthcare systems. In this work, we propose a graphical modeling of possible attacks through exploitation of such vulnerabilities. The proposed model helps to foresee the possible attack paths exist in a network and to design suitable defense mechanisms. We also propose strategies for improving the security of the IoT-assisted networks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Cisco white paper, IoT threat environment, published on 2015. https://www.cisco.com/c/en_in/solutions/security/iot-threat-defense/index.html

  2. Huawei technologies, IoT security white paper-evolving security architecture, published on 2018. https://www.huawei.com/minisite/iot/img/iot_security_white_paper_2018_v2_en.pdf

  3. FDA, US food and drugs administration, medical device recalls, published on 2018. https://www.fda.gov/MedicalDevices/Safety/ListofRecalls.html

  4. Hipaa journal, pacific alliance medical center announces ransomware attack, published on 2017. https://www.hipaajournal.com/pacific-alliance-medical-center-announces-ransomware-attack

  5. George, G., Thampi, S.M.: A graph-based security framework for securing industrial IoT networks from vulnerability exploitations. IEEE Access 6, 43586–43601 (2018)

    Article  Google Scholar 

  6. Yu, T., Sekar, V., Seshan, S., Agarwal, Y., Xu, C.: Handling a trillion (unfixable) flaws on a billion devices: rethinking network security for the Internet-of-Things. In: Proceedings of the 14th ACM Workshop on Hot Topics in Networks, p. 5. ACM (2015)

    Google Scholar 

  7. Islam, S.R., Kwak, D., Kabir, M.H., Hossain, M., Kwak, K.-S.: The internet of things for health care: a comprehensive survey. IEEE Access 3, 678–708 (2015)

    Article  Google Scholar 

  8. Chiuchisan, I., Costin, H.-N., Geman, O.: Adopting the internet of things technologies in health care systems. In: 2014 International Conference and Exposition on Electrical and Power Engineering (EPE), pp. 532–535. IEEE (2014)

    Google Scholar 

  9. Yang, G., et al.: A health-IoT platform based on the integration of intelligent packaging, unobtrusive bio-sensor, and intelligent medicine box. IEEE Trans. Ind. Inform. 10(4), 2180–2191 (2014)

    Article  Google Scholar 

  10. Doukas, C., Maglogiannis, I.: Bringing IoT and cloud computing towards pervasive healthcare. In: 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 922–926. IEEE (2012)

    Google Scholar 

  11. Rohokale, V.M., Prasad, N.R., Prasad, R.: A cooperative internet of things (IoT) for rural healthcare monitoring and control. In: 2011 2nd International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology (Wireless VITAE), pp. 1–6. IEEE (2011)

    Google Scholar 

  12. Catarinucci, L., et al.: An iot-aware architecture for smart healthcare systems. IEEE Internet Things J. 2(6), 515–526 (2015)

    Article  Google Scholar 

  13. Zhang, Y., Sun, L., Song, H., Cao, X.: Ubiquitous wsn for healthcare: recent advances and future prospects. IEEE Internet Things J. 1(4), 311–318 (2014)

    Article  Google Scholar 

  14. Xu, B., Da Xu, L., Cai, H., Xie, C., Hu, J., Bu, F., et al.: Ubiquitous data accessing method in IoT-based information system for emergency medical services. IEEE Trans. Ind. Inform. 10(2), 1578–1586 (2014)

    Article  Google Scholar 

  15. Laplante, P.A., Laplante, N.: The internet of things in healthcare: potential applications and challenges. IT Prof. 3, 2–4 (2016)

    Article  Google Scholar 

  16. Tarouco, L.M.R., et al.: Internet of things in healthcare: Interoperatibility and security issues. In: 2012 IEEE International Conference on Communications (ICC), pp. 6121–6125. IEEE (2012)

    Google Scholar 

  17. Gope, P., Hwang, T.: BSN-care: a secure IoT-based modern healthcare system using body sensor network. IEEE Sens. J. 16(5), 1368–1376 (2016)

    Article  Google Scholar 

  18. Anil Chacko, T.H.: Security and privacy issues with IoT in healthcare. EAI Endorsed Trans. Pervasive Health Technol. 4, e2 (2018)

    Google Scholar 

  19. Simpson, A.K., Roesner, F., Kohno, T.: Securing vulnerable home IoT devices with an in-hub security manager. In: 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), pp. 551–556. IEEE (2017)

    Google Scholar 

  20. Ge, M., Hong, J.B., Guttmann, W., Kim, D.S.: A framework for automating security analysis of the Internet of Things. J. Netw. Comput. Appl. 83, 12–27 (2017)

    Article  Google Scholar 

  21. George, G., Thampi, S.M.: A graph-based decision support model for vulnerability analysis in IoT networks. In: Thampi, S.M., Madria, S., Wang, G., Rawat, D.B., Alcaraz Calero, J.M. (eds.) SSCC 2018. CCIS, vol. 969, pp. 1–23. Springer, Singapore (2019). https://doi.org/10.1007/978-981-13-5826-5_1

    Chapter  Google Scholar 

  22. Romero-Mariona, J., Hallman, R., Kline, M., San Miguel, J., Major, M., Kerr, L.: Security in the industrial internet of things-the C-SEC approach. In: Proceedings of the International Conference on Internet of Things and Big Data, vol. 1, pp. 421–428 (2016)

    Google Scholar 

  23. Jajodia, S., Noel, S., Kalapa, P., Albanese, M., Williams, J.: Cauldron mission-centric cyber situational awareness with defense in depth. In: MILCOM, pp. 1339–1344 (2011)

    Google Scholar 

  24. Noel, S., Harley, E., Tam, K., Limiero, M., Share, M.: Cygraph: graph-based analytics and visualization for cybersecurity. In: Handbook of Statistics, vol. 35, pp. 117–167. Elsevier (2016)

    Google Scholar 

  25. George, G., Thampi, S.M.: Vulnerability-based risk assessment and mitigation strategies for edge devices in the internet of things. In: Pervasive and Mobile Computing, p. 101068 (2019)

    Google Scholar 

  26. Mell, P., Scarfone, K., Romanosky, S.: Common vulnerability scoring system (CVSS) (2011). http://www.first.org/cvss/cvss-guide.html

  27. Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 217–224. ACM (2002)

    Google Scholar 

Download references

Acknowledgments

This project is sponsored by Dept. of Science and Technology, Govt. of India through WoS-A under sanction order No. SR/WOS-A/ET-97/2016(G).

Author information

Authors and Affiliations

  1. Center for Research and Innovation in Cyber Threat Resilience, Indian Institute of Information Technology and Management-Kerala, Thiruvananthapuram, 695581, India

    Gemini George & Sabu M. Thampi

  2. Cochin University of Science and Technology, Kochi, 682022, India

    Gemini George

Authors
  1. Gemini George
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sabu M. Thampi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sabu M. Thampi .

Editor information

Editors and Affiliations

  1. Guangzhou University, Guangzhou, China

    Guojun Wang

  2. University of Ottawa, Ottawa, ON, Canada

    Abdulmotaleb El Saddik

  3. Shanghai Jiao Tong University, Shanghai, China

    Xuejia Lai

  4. University of Murcia, Murcia, Spain

    Gregorio Martinez Perez

  5. The University of Texas at San Antonio, San Antonio, TX, USA

    Kim-Kwang Raymond Choo

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

George, G., Thampi, S.M. (2019). Securing Smart Healthcare Systems from Vulnerability Exploitation. In: Wang, G., El Saddik, A., Lai, X., Martinez Perez, G., Choo, KK. (eds) Smart City and Informatization. iSCI 2019. Communications in Computer and Information Science, vol 1122. Springer, Singapore. https://doi.org/10.1007/978-981-15-1301-5_24

Download citation

  • DOI: https://doi.org/10.1007/978-981-15-1301-5_24

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-1300-8

  • Online ISBN: 978-981-15-1301-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation