Patrick Luckett,J Todd McDonald,William Bradley Glisson

DOI: https://doi.org/10.24251/HICSS.2017.441

2017-09-15

Abstract:The continued integration of technology into all aspects of society stresses the need to identify and understand the risk associated with assimilating new technologies. This necessity is heightened when technology is used for medical purposes like ambulatory devices that monitor a patient's vital signs. This integration creates environments that are conducive to malicious activities. The potential impact presents new challenges for the medical community. Hence, this research presents attack graph modeling as a viable solution to identifying vulnerabilities, assessing risk, and forming mitigation strategies to defend ambulatory medical devices from attackers. Common and frequent vulnerabilities and attack strategies related to the various aspects of ambulatory devices, including Bluetooth enabled sensors and Android applications are identified in the literature. Based on this analysis, this research presents an attack graph modeling example on a theoretical device that highlights vulnerabilities and mitigation strategies to consider when designing ambulatory devices with similar components.

Cryptography and Security

Shams Zawoad,Ragib Hasan

DOI: https://doi.org/10.48550/arXiv.1210.2149

2012-10-08

Cryptography and Security

Abstract:With the proliferation of wireless networks, mobile devices and medical devices are increasingly being equipped with wireless interfaces, such as Bluetooth and WiFi to allow easy access to and control of the medical devices. Unfortunately, the very presence and usage of such interfaces also expose the medical devices to novel attacks from malicious parties. The emerging threat from malicious mobile devices is significant and severe, since attackers can steal confidential data from a patient's medical device. Also, attackers can compromise the medical device and either feed doctors bad data from it or issue potentially fatal commands to the device, which may even result in the death of the patient. As the mobile devices are often at close proximity to the patient (either in the hospital or home settings), attacks from such devices are hard to prevent. In this paper, we present a systematic analysis of this new threat from mobile devices on medical devices and healthcare infrastructure. We also perform a thorough security analysis of a major hospital and uncover potential vulnerabilities. Finally, we propose a set of potential solutions and defenses against such attacks.

Mauro Conti,Qian Qian Li,Alberto Maragno,Riccardo Spolaor

DOI: https://doi.org/10.1109/comst.2018.2843533

2018-01-01

Abstract:In recent years, mobile devices (e.g., smartphones and tablets) have met an increasing commercial success and have become a fundamental element of the everyday life for billions of people all around the world. Mobile devices are used not only for traditional communication activities (e.g., voice calls and messages) but also for more advanced tasks made possible by an enormous amount of multi-purpose applications (e.g., finance, gaming, and shopping). As a result, those devices generate a significant network traffic (a consistent part of the overall Internet traffic). For this reason, the research community has been investigating security and privacy issues that are related to the network traffic generated by mobile devices, which could be analyzed to obtain information useful for a variety of goals (ranging from fine-grained user profiling to device security and network optimization). In this paper, we review the works that contributed to the state of the art of network traffic analysis targeting mobile devices. In particular, we present a systematic classification of the works in the literature according to three criteria: 1) the goal of the analysis; 2) the point where the network traffic is captured; and 3) the targeted mobile platforms. In this survey, we consider points of capturing such as Wi-Fi access points, software simulation, and inside real mobile devices or emulators. For the surveyed works, we review and compare analysis techniques, validation methods, and achieved results. We also discuss possible countermeasures, challenges, and possible directions for future research on mobile traffic analysis and other emerging domains (e.g., Internet of Things). We believe our survey will be a reference work for researchers and practitioners in this research field.

computer science, information systems,telecommunications

Daniel Wood,Noah Apthorpe,Nick Feamster

DOI: https://doi.org/10.48550/arXiv.1803.10147

2018-03-27

Cryptography and Security

Abstract:This paper introduces a method to capture network traffic from medical IoT devices and automatically detect cleartext information that may reveal sensitive medical conditions and behaviors. The research follows a three-step approach involving traffic collection, cleartext detection, and metadata analysis. We analyze four popular consumer medical IoT devices, including one smart medical device that leaks sensitive health information in cleartext. We also present a traffic capture and analysis system that seamlessly integrates with a home network and offers a user-friendly interface for consumers to monitor and visualize data transmissions of IoT devices in their homes.

Yousef Amar,Hamed Haddadi,Richard Mortier,Anthony Brown,James Colley,Andy Crabtree

DOI: https://doi.org/10.48550/arXiv.1803.05368

2018-03-14

Abstract:Internet-connected devices are increasingly present in our homes, and privacy breaches, data thefts, and security threats are becoming commonplace. In order to avoid these, we must first understand the behaviour of these devices. In this work, we analyse network traces from a testbed of common IoT devices, and describe general methods for fingerprinting their behavior. We then use the information and insights derived from this data to assess where privacy and security risks manifest themselves, as well as how device behavior affects bandwidth. We demonstrate simple measures that circumvent attempts at securing devices and protecting privacy.

Networking and Internet Architecture

Arun Raghuramu,Parth H. Pathak,Hui Zang,Jinyoung Han,Chang Liu,Chen-Nee Chuah

DOI: https://doi.org/10.1016/j.comcom.2016.04.011

IF: 5.047

2016-01-01

Computer Communications

Abstract:This paper presents a measurement study that analyzes large-scale traffic data gathered from two different wireless scenarios: cellular and Wi-Fi networks. We first analyze packet traces and security event logs generated by over 2 million devices in a major US-based cellular network, and show that 0.17% of mobile devices are affected by security threats. We then analyze the aggregate network footprint of malicious and benign traffic in the cellular network, and demonstrate that statistical network features (e.g., uplink data transfer volume, IP entropy) can be effectively used to distinguish such malicious and benign traffic. We next investigate over 2.4 TB of Wi-Fi traffic data, which are generated by 27 K distinct users, in a university campus network. Based on the lessons learned from a comprehensive exploration of a large feature space consisting of over 500 statistical attributes derived from network traffic to/from malicious and benign domains, we propose a novel, in-house traffic screening method, which has the capability of effectively identifying potential malicious domains. Our method achieves over 90% accuracy with only using a small set of simple statistical network features, without using any additional specialized datasets (e.g., geo-location database) or resource-intensive solutions (e.g., DPI boxes to collect HTTP traffic.). (C) 2016 Elsevier B.V. All rights reserved.

Md Mainuddin,Zhenhai Duan,Yingfei Dong

DOI: https://doi.org/10.1109/ICCCN52240.2021.9522168

2021-09-04

Abstract:Understanding network traffic characteristics of IoT devices plays a critical role in improving both the performance and security of IoT devices, including IoT device identification, classification, and anomaly detection. Although a number of existing research efforts have developed machine-learning based algorithms to help address the challenges in improving the security of IoT devices, none of them have provided detailed studies on the network traffic characteristics of IoT devices. In this paper we collect and analyze the network traffic generated in a typical smart homes environment consisting of a set of common IoT (and non-IoT) devices. We analyze the network traffic characteristics of IoT devices from three complementary aspects: remote network servers and port numbers that IoT devices connect to, flow-level traffic characteristics such as flow duration, and packet-level traffic characteristics such as packet inter-arrival time. Our study provides critical insights into the operational and behavioral characteristics of IoT devices, which can help develop more effective security and performance algorithms for IoT devices.

Networking and Internet Architecture

Brij Mala -,Sanskar Agrawal -,Aditya Sharma -,Rupinder Kaur -

DOI: https://doi.org/10.36948/ijfmr.2023.v05i06.8876

2023-11-21

International Journal For Multidisciplinary Research

Abstract:In today’s world security and privacy are the most needed qualities of any network. From calling to online transactions all occur on the network on daily basis. So there is the need to analyse the network in which all these activities occur. Network analysis thus plays a vital role in maintaining and optimizing network performance, security and troubleshooting. This paper researches on the topic network traffic analysis using Wireshark. Wireshark is an open source network packet analyser and it can be used by security administrators to analyse the traffic, analyse data packets and their role in shaping network behaviour. The network analysis using Wireshark will help to know any suspicious or malicious traffic in our network so that timely action can be taken to avoid attacks like DDOS, Man-in-the middle etc.

Stephen Cook,Maryam Mehrnezhad,Ehsan Toreini

DOI: https://doi.org/10.1007/s10207-024-00883-3

2024-08-19

International Journal of Information Security

Abstract:The number of digital health products is increasing faster than ever. These technologies (e.g. mobile apps and connected devices) collect massive amounts of data about their users, including health, medical, sex life, and other intimate data. In this paper, we study a set of 21 Internet of Things (IoT) devices advertised for general and intimate health purposes of female bodies (aka female-oriented technologies or FemTech). We focus on the security of the Bluetooth connection and communications between the IoT device and the mobile app. Our results highlight serious security issues in the current off-the-shelf FemTech devices. These include unencrypted Bluetooth traffic, unknown Bluetooth services and insecure Bluetooth authentication when connecting to the app. We implement Bluetooth attacks on the communication between these devices and apps, resulting in malfunctioning of the device and app. We discuss our results and provide recommendations for different stakeholders to improve the security practices of Bluetooth-enabled IoT devices in such a sensitive and intimate domain.

computer science, information systems, theory & methods, software engineering

S. Banaeian Far,A. Imani Rad

DOI: https://doi.org/10.48550/arXiv.1808.09491

2018-08-29

Abstract:The volume of data exchange in this network is ascending, by expansing of internet of things and its increasing familiarity in recent years. By increasing of requests for joining to the network and taking advantage of its services, necessity to maintain the privacy and security is felt more than ever and the whole thing has changed into a challenge. Keeping the security of the users in small networks seems to be simpler and the threats more predictable. As the users of the network which are sensors, the volume of data increases as well. As a result the routers of the network and network servers has become a seriously challenging task to control and maintain the security for this volume of data. We analyze these challenges in this paper. This paper aims to maintain the security of the users and present procedures to dominate the problems and express the strategies to overcome them. Some methods such as using both encryption function and secure protocol are proposed. Other method to overcome over big data challenges is smart design of communication protocol. Finally, we point out some future challenges of big-data on the internet of thing network.

Cryptography and Security

Mohammad Hosseini,Yu Jiang,Richard R. Berlin,Lui Sha,Houbing Song

DOI: https://doi.org/10.48550/arXiv.1707.04918

2017-07-17

Abstract:The ultimate objective of medical cyber-physical systems is to enhance the safety and effectiveness of patient care. To ensure safe and effective care during emergency patient transfer from rural areas to center tertiary hospitals, reliable and real-time communication is essential. Unfortunately, real-time monitoring of patients involves transmission of various clinical multimedia data including videos, medical images, and vital signs, which requires use of mobile network with high-fidelity communication bandwidth. However, the wireless networks along the roads in rural areas range from 4G to 2G to low speed satellite links, which poses a significant challenge to transmit critical patient information. In this paper, we present a bandwidth-compliant criticality-aware system for transmission of massive clinical multimedia data adaptive to varying bandwidths during patient transport. Model-based clinical automata are used to determine the criticality of clinical multimedia data. We borrow concepts from DASH, and propose physiology-aware adaptation techniques to transmit more critical clinical data with higher fidelity in response to changes in disease, clinical states, and bandwidth condition. In collaboration with Carle's ambulance service center, we develop a bandwidth profiler, and use it as proof of concept to support our experiments. Our preliminary evaluation results show that our solutions ensure that most critical patient's clinical data are communicated with higher fidelity.

Networking and Internet Architecture,Multimedia

Abdul Hai Faiz,Nasrullah Pirzada,Imran Ali,Abdul Latif,Sajjad Ali

DOI: https://doi.org/10.22937/IJCSNS.2020.20.10.6

2020-01-01

Abstract:This era is representing the maximum changes in technological aspect, where assortment of things are implanted with the electronic gadgets (such as mobile smart phones, Siri AI speaker, Chromecast, IPTV cameras, smart fans, laptops, smart watches and life monitoring devices etc.). The moving sensors and embedded software (such as control system of air traffic, infusion pump for drug, monitoring & attendance system for students, employees and faculty members etc.) these all frameworks associated through the internet for gathering, monitoring and exchanging the required and most important data. A simple minor mistake or lagging or security breaches in the internet connection can cause great number of loss of money, personal data and confidential information. Securing the network is as much important as securing personal information in the organizations (such as a university campus where thousands of user are connected to the same network). The security of such type of network is very important and is of optimum concerned. The popularity of wireless networks is further enhanced by its ability to communicate using different types of multiprotocol text, audio, video and streaming of global media. Hence, it is an imperative need to secure wireless network, not only to protect personal and business information, but also in light of the recent wireless network security breaches by unauthorized individuals. The aim of this work is to analyze the Wi-Fi network of university campus and evaluate the report which will contain the hardware and software details of all network devices and users. Furthermore, the extensive survey was conducted about users' satisfaction and expectation from Wi-Fi network. This work will improve the efficiency of the Wi-Fi network of university in effective and efficient manner.

Wang Jian,Alia Tabassum,Jian Ping Li

DOI: https://doi.org/10.3389/fmed.2024.1422911

2024-07-30

Abstract:In the Internet of Things (IoT) healthcare sector, the wireless body area network (WBAN) is being used to optimize medical results by tracking and treating patients as they go about their daily lives. Health insurance has also been one of the cybercriminal's main goals. The Systematic Review of IoT Healthcare systems particularly wireless body area networks is significant, to reach the benefits and challenges faced by existing methods in the domain. This study provides a systematic survey of WBAN data protection. Various types of devices are used in medical science to detect and diagnose diseases. The network is an integral part of medical science in today's era. In medical sciences, sensors take data from a problematic place like cancerous cells. This research discussed a lot of techniques in the literature review. Most of them are not able to fulfill the requirements. If an unauthorized person reaches the data that can be a severe issue, like the diagnosed disease was blood cancer, and after unauthorized access manipulation can change even the diagnosed issue in the database. A doctor can prescribe the medication based on provided data that has been manipulated by unauthorized persons. Several existing schemes are explored in the literature to determine how the protection of sharing patients' healthcare data can be improved. The systematic literature review (SLR) of multiple security schemes for WBAN is presented in this survey paper.

C Moor,M Braecklein,N Jörns

DOI: https://doi.org/10.1515/BMT.2005.036

Abstract:Wireless near-field transmission has been a challenge for scientists developing medical sensors for a long time. Here, instruments which measure a patient's ECG, oxygen saturation, blood pressure, peak flow, weight, blood glucose etc. are to be equipped with suitable transmission technology. Application scenarios for these sensors can be found in all medical areas where cable connections are irritating for the doctor, patient and other care personnel. This problem is especially common in sport medicine, sleep medicine, emergency medicine and intensive care. Based on its beneficial properties with regard to power consumption, range, data security and network capability, the worldwide standard radio technology Bluetooth was selected to transmit measurements. Since digital data is sent to a receiving station via Bluetooth, the measurement pre-processing now takes place in the patient sensor itself, instead of being processed by the monitor. In this article, a Bluetooth ECG, Bluetooth pulse oximeter, Bluetooth peak flow meter and Bluetooth event recorder will be introduced. On the one hand, systems can be realized with these devices, which allow patients to be monitored online (ECG, pulse oximeter). These devices can also be integrated in disease management programs (peak flow meter) and can be used to monitor high-risk patients in their home environment (event recorder).

Nusrat Fatema,Remus Brad

DOI: https://doi.org/10.48550/arXiv.1406.1795

2014-06-07

Abstract:Healthcare applications are well thought-out as interesting fields for WSN where patients can be examine using wireless medical sensor networks. Inside the hospital or extensive care surroundings there is a tempting need for steady monitoring of essential body functions and support for patient mobility. Recent research cantered on patient reliable communication, mobility, and energy-efficient routing. Yet deploying new expertise in healthcare applications presents some understandable security concerns which are the important concern in the inclusive deployment of wireless patient monitoring systems. This manuscript presents a survey of the security features, its counter attacks in healthcare applications including some proposed projects which have been done recently.

Cryptography and Security,Computers and Society

Ashish Rajeshwar Kulkarni,Narendra Kumar,K. Ramachandra Rao

DOI: https://doi.org/10.26599/bdma.2022.9020039

2023-01-27

Big Data Mining and Analytics

Abstract:Effective management of daily road traffic is a huge challenge for traffic personnel. Urban traffic management has come a long way from manual control to artificial intelligence techniques. Still real-time adaptive traffic control is an unfulfilled dream due to lack of low cost and easy to install traffic sensor with real-time communication capability. With increasing number of on-board Bluetooth devices in new generation automobiles, these devices can act as sensors to convey the traffic information indirectly. This paper presents the efficacy of road-side Bluetooth scanners for traffic data collection and big-data analytics to process the collected data to extract traffic parameters. Extracted information and analysis are presented through visualizations and tables. All data analytics and visualizations are carried out off-line in R Studio environment. Reliability aspects of the collected and processed data are also investigated. Higher speed of traffic in one direction owing to the geometry of the road is also established through data analysis. Increased penetration of smart phones and fitness bands in day to day use is also established through the device type of the data collected. The results of this work can be used for regular data collection compared to the traditional road surveys carried out annually or bi-annually. It is also found that compared to previous studies published in the literature, the device penetration rate and sample size found in this study are quite high and very encouraging. This is a novel work in literature, which would be quite useful for effective road traffic management in future.

Farzana Shabnam,Shahed Al Faiyad,S. M. Azmi Hoque

DOI: https://doi.org/10.1109/RAAICON48939.2019.34

2019-11-01

Abstract:Internet of Things points to expanding network of physical objects. Here, the data accumulation is done by the usage of sophisticated sensors, which communicates with each other and stores the data in cloud. IoT is transforming the way people communicate, work and live. It has been integrated in our everyday life starting from smart home devices to medical industries. In this paper, we have aimed to provide a review of different types of IoT based health monitoring devices proposed by researchers and how they are monitoring specific diseases. Such devices are categorized based on their types and comparison has been made based on available features. The following paper will focus on different wearable health devices; their operations, limitations and challenges. Moreover, an application on how these devices could be used for emergency situations has also been discussed. It will help future researchers to have an overview on the recent advancements in health care monitoring system.

Engineering,Medicine,Computer Science

Jan Herbst,Matthias Rüb,Sogo Pierre Sanon,Christoph Lipps,Hans D. Schotten

DOI: https://doi.org/10.3390/network4020007

2024-04-09

Network

Abstract:Wireless Body Area Networks (WBANs), low power, and short-range wireless communication in a near-body area provide advantages, particularly in the medical and healthcare sector: (i) they enable continuous monitoring of patients and (ii) the recording and correlation of physical and biological information. Along with the utilization and integration of these (sensitive) private and personal data, there are substantial requirements concerning security and privacy, as well as protection during processing and transmission. Contrary to the star topology frequently used in various standards, the overall concept of a novel low-data rate token-based WBAN framework is proposed. This work further comprises the evaluation of strategies for handling medical data with WBANs and emphasizes the importance and necessity of encryption and security strategies in the context of sensitive information. Furthermore, this work considers the recent advancements in Artificial Intelligence (AI), which are opening up opportunities for enhancing cyber resilience, but on the other hand, also new attack vectors. Moreover, the implications of targeted regulatory measures, such as the European AI Act, are considered. In contrast to, for instance, the proposed star network topologies of the IEEE 802.15.6 WBAN standard or the Technical Committee (TC) SmartBAN of the European Telecommunication Standards Institute (ETSI), the concept of a ring topology is proposed which concatenates information in the form of a ‘data train’ and thus results in faster and more efficient communication. Beyond that, the conductivity of human skin is included in the approach presented to incorporate a supplementary channel. This direct contact requirement not only fortifies the security of the system but also facilitates a reliable means of secure communication, pivotal in maintaining the integrity of sensitive health data. The work identifies different threat models associated with the WBAN system and evaluates potential data vulnerabilities and risks to maximize security. It highlights the crucial balance between security and efficiency in WBANs, using the token-based approach as a case study. Further, it sets a foundation for future healthcare technology advancements, aiming to ensure the secure and efficient integration of patient data.

huimin she,zhonghai lu,axel jantsch,lirong zheng,dian zhou

2007-01-01

Abstract:Nowadays, the evolution of wireless communication and network technologies enables remote medical services to be available everywhere in the world. In this paper, a network-based system architecture adopting wireless personal area network (WPAN) protocol IEEE 802.15.4/Zigbee standard and 3G communication networks for remote medical applications is proposed. In the proposed system, the number and type of medical sensors are scalable depending on individual needs. This feature allows the system to be flexibly applied in several medical applications. Furthermore, a differentiated service using priority scheduling and data compression is introduced. This scheme can not only reduce transmission delay for critical physiological signals and enhance bandwidth utilization at the same time, but also decrease power consumption of the hand-held personal server which uses battery as the energy source.

Ijaz Ahmad,Faheem Shahid,Ijaz Ahmad,Johirul Islam,Kazi Nymul Haque,Erkki Harjula

2024-06-06

Abstract:The healthcare infrastructure requires robust security procedures, technologies, and policies due to its critical nature. Since the Internet of Things (IoT) with its diverse technologies has become an integral component of future healthcare systems, its security requires a thorough analysis due to its inherent security limitations that arise from resource constraints. Existing communication technologies used for IoT connectivity, such as 5G, provide communications security with the underlying communication infrastructure to a certain level. However, the evolving healthcare paradigm requires adaptive security procedures and technologies that can adapt to the varying resource constraints of IoT devices. This need for adaptive security is particularly pronounced when considering components outside the security sandbox of 5G, such as IoT nodes and M2M connections, which introduce additional security challenges. This article brings forth the unique healthcare monitoring requirements and studies the existing encryption-based security approaches to provide the necessary security. Furthermore, this research introduces a novel approach to optimizing security and performance in IoT in healthcare, particularly in critical use cases such as remote patient monitoring. Finally, the results from the practical implementation demonstrate a marked improvement in the system performance.

Cryptography and Security