Experimental Security Analysis of Connected Pacemakers
| dc.contributor.author | Bour, Guillaume | |
| dc.contributor.author | Moe, Marie Elisabeth Gaup | |
| dc.contributor.author | Borgaonkar, Ravishankar Bhaskarrao | |
| dc.date.accessioned | 2023-08-31T16:54:12Z | |
| dc.date.available | 2023-08-31T16:54:12Z | |
| dc.date.created | 2022-08-11T14:14:52Z | |
| dc.date.issued | 2022 | |
| dc.identifier.citation | Proceedings of the 15th International Joint Conference on Biomedical Engineering Systems and Technologies (BIOSTEC 2022) - Volume 1. 2022, 35-45. | en_US |
| dc.identifier.isbn | 978-989-758-552-4 | |
| dc.identifier.uri | https://hdl.handle.net/11250/3086725 | |
| dc.description.abstract | Medical devices and their connectivity capabilities are providing a variety of benefits to the healthcare domain, including remote monitoring, automated alerts, and improved patient outcomes. However, these medical devices introduce a range of new potential cyber security risks when connected to the Internet, affecting the patient or the healthcare infrastructure. In this paper, we systematically analyze the security issues of connected pacemakers. In particular, we use a black box testing methodology against a commercial pacemaker device and the network infrastructure. Our main objective is to understand how the data is sent from a bedside monitor in the patient’s home to the backend server hosted by the pacemaker manufacturer, and whether or not this data is protected from a cyber security perspective. To do so, we leveraged several hardware related vulnerabilities found in the bedside monitor to obtain the firmware of the device and then reverse engineered the proprietary communication protocol. We demonstrate how vulnerabilities in this protocol can be leveraged to allow an attacker to perform a man-in-the-middle attack on the pacemaker. | en_US |
| dc.language.iso | eng | en_US |
| dc.publisher | SciTePress | en_US |
| dc.relation.ispartof | Proceedings of the 15th International Joint Conference on Biomedical Engineering Systems and Technologies (BIOSTEC 2022) - Volume 1 | |
| dc.relation.uri | https://www.scitepress.org/PublicationsDetail.aspx?ID=p5nfEL479XE=&t=1 | |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 Internasjonal | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/4.0/deed.no | * |
| dc.title | Experimental Security Analysis of Connected Pacemakers | en_US |
| dc.title.alternative | Experimental Security Analysis of Connected Pacemakers | en_US |
| dc.type | Chapter | en_US |
| dc.description.version | publishedVersion | en_US |
| dc.source.pagenumber | 35-45 | en_US |
| dc.identifier.doi | 10.5220/0010816900003123 | |
| dc.identifier.cristin | 2042467 | |
| dc.relation.project | Norges forskningsråd: 288856 | en_US |
| cristin.ispublished | true | |
| cristin.fulltext | original | |
| cristin.qualitycode | 1 |
Tilhørende fil(er)
Denne innførselen finnes i følgende samling(er)
-
Publikasjoner fra CRIStin - SINTEF AS [5668]
-
SINTEF Digital [2415]
Med mindre annet er angitt, så er denne innførselen lisensiert som Attribution-NonCommercial-NoDerivatives 4.0 Internasjonal