More Web Proxy on the site http://driver.im/

research-article

They can hear your heartbeats: non-invasive security for implantable medical devices

Authors:

Shyamnath Gollakota,

Haitham Hassanieh,

Benjamin Ransford,

Kevin FuAuthors Info & Claims

ACM SIGCOMM Computer Communication Review, Volume 41, Issue 4

Pages 2 - 13

https://doi.org/10.1145/2043164.2018438

Published: 15 August 2011 Publication History

Abstract

Wireless communication has become an intrinsic part of modern implantable medical devices (IMDs). Recent work, however, has demonstrated that wireless connectivity can be exploited to compromise the confidentiality of IMDs' transmitted data or to send unauthorized commands to IMDs---even commands that cause the device to deliver an electric shock to the patient. The key challenge in addressing these attacks stems from the difficulty of modifying or replacing already-implanted IMDs. Thus, in this paper, we explore the feasibility of protecting an implantable device from such attacks without modifying the device itself. We present a physical-layer solution that delegates the security of an IMD to a personal base station called the shield. The shield uses a novel radio design that can act as a jammer-cum-receiver. This design allows it to jam the IMD's messages, preventing others from decoding them while being able to decode them itself. It also allows the shield to jam unauthorized commands---even those that try to alter the shield's own transmissions. We implement our design in a software radio and evaluate it with commercial IMDs. We find that it effectively provides confidentiality for private data and protects the IMD from unauthorized commands.

Supplementary Material

JPG File (sigcomm_1_1.jpg)

Download
13.24 KB

MP4 File (sigcomm_1_1.mp4)

Download
163.63 MB

References

[1]

J. Åkerberg. State-of-the-art radiosonde telemetry. In Proc. Symp. Integrated Observing and Assimilation Systems for Atmosphere, Oceans, and Land Surface. American Meterological Society, 2004.

[2]

S. Cherukuri, K. K. Venkatasubramanian, and S. K. S. Gupta. Biosec: A biometric based approach for securing communication in wireless networks of biosensors implanted in the human body. In International Conference on Parallel Processing Workshops, 2003.

[3]

J. Choi, M. Jain, K. Srinivasan, P. Levis, and S. Katti. Achieving single channel, full duplex wireless communication. In Proc. ACM MobiCom, 2010.

Digital Library

[4]

I. Csiszar and J. Korner. Broadcast channels with confidential messages. IEEE Trans. Inf. Theory, 24(3):339--348, 1978.

Digital Library

[5]

T. Denning, K. Fu, and T. Kohno. Absence makes the heart grow fonder: New directions for implantable medical device security. In Proc. USENIX Workshop on Hot Topics in Security (HotSec), 2008.

Digital Library

[6]

D. Eckhardt and P. Steenkiste. Measurement and analysis of the error characteristics of an in-building wireless network. In Proc. ACM SIGCOMM, 1996.

Digital Library

[7]

Ettus Inc. Universal Software Radio Peripheral. http://ettus.com/.

[8]

European Telecommunications Standard Institute. ETSI EN 301 839--1 V1.3.1, 2009.

[9]

C. Falcon. Inside implantable devices. Medical Design Tech., 2004.

[10]

Federal Communications Commission. FCC ID number search. http://www.fcc.gov/searchtools.html.

[11]

Federal Communications Commission. MICS Medical Implant Communication Services, FCC 47CFR95.601--95.673 Subpart E/I Rules for MedRadio Services.

[12]

K. Fu. Inside risks: Reducing the risks of implantable medical devices: A prescription to improve security and privacy of pervasive health care. Communications of the ACM, 52(6):25--27, 2009.

Digital Library

[13]

K. Fu. Trustworthy medical device software. In Public Health Effectiveness of the FDA 510(k) Clearance Process: Measuring Postmarket Performance and Other Select Topics: Workshop Report. IOM (Institute of Medicine), National Academies Press, 2011.

[14]

GNU Radio. http://gnuradio.org/.

[15]

A. Goldsmith. Wireless Communications. Cambridge University Press, 2005.

Digital Library

[16]

S. Gollakota, F. Adib, D. Katabi, and S. Seshan. Clearing the rf smog: Making 802.11n robust to cross-technology interference. In ACM SIGCOMM, 2011.

Digital Library

[17]

S. Gollakota, N. Ahmed, N. Zeldovich, and D. Katabi. Secure in-band wireless pairing. In Usenix security symposium, 2011.

Digital Library

[18]

S. Gollakota and D. Katabi. Physical layer security made fast and channel-independent. In Proc. IEEE INFOCOM, 2011.

[19]

D. Halperin, T. S. Heydt-Benjamin, K. Fu, T. Kohno, and W. H. Maisel. Security and privacy for implantable medical devices. IEEE Pervasive Computing, 7(1), 2008.

Digital Library

[20]

D. Halperin, T. S. Heydt-Benjamin, B. Ransford, S. S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W. H. Maisel. Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In Proc. IEEE Symposium on Security and Privacy, 2008.

Digital Library

[21]

Industry Canada. Radio Standards Specification RSS-243: Medical Devices Operating in the 401--406 MHz Frequency Band. Spectrum Management and Telecommunications, 2010.

[22]

International Telecommunications Union. ITU-R Recommendation RS.1346: Sharing between the meteorological aids service and medical implant communication systems (MICS) operating in the mobile service in the frequency band 401--406 MHz, 1998.

[23]

Jackson Labs. Fury GPSDO. http://www.jackson-labs.com/.

[24]

W. C. Jakes. Microwave Mobile Communications. Wiley, 1974.

Digital Library

[25]

M. Koplow, A. Chen, D. Steingart, P.Wright, and J. Evans. Thick film thermoelectric energy harvesting systems for biomedical applications. In Proc. Symp. Medical Devices and Biosensors, 2008.

[26]

C. Kuo, J. Walker, and A. Perrig. Low-cost manufacturing, usability and security: An analysis of bluetooth simple pairing and wi-fi protected setup. In Usable Security Workshop, 2007.

Digital Library

[27]

Y. Liu, P. Ning, H. Dai, and A. Liu. Randomized differential DSSS: Jamming-resistant wireless broadcast communication. In Proc. IEEE INFOCOM, 2010.

Digital Library

[28]

J. Lopatka. Adaptive generating of the jamming signal. In Proc. IEEE Military Communications Conference (MILCOM), 1995.

[29]

W. H. Maisel. Safety issues involving medical devices: Implications of recent implantable cardioverter-defibrillator malfunctions. Journal of the American Medical Association, 2005.

[30]

W. H. Maisel and T. Kohno. Improving the security and privacy of implantable medical devices. New England Journal of Medicine, 362(13):1164--1166, 2010.

[31]

I. Martinovic, P. Pichota, and J. Schmitt. Jamming for good: A fresh approach to authentic communication in WSNs. In Proc. ACM Conf. on Wireless Network Security (WiSec), 2009.

Digital Library

[32]

Medtronic's Paradigm Veo wireless insulin pump helps prevent hypoglycemia. MedGadget--Internet Journal for emerging medical technologies, 2009.

[33]

Medtronic Inc. CareLink Programmer. http://www.medtronic.com/for-healthcare-professionals/productstherapies/cardiac-rhythm/patient-management-carelink/medtroniccarelink-programmer/index.htm.

[34]

Medtronic Inc. Concerto II CRT-D digital implantable cardioverter defibrillator with cardiac resynchronization therapy. http://www.medtronic.com/for-healthcare-professionals/productstherapies/cardiac-rhythm/cardiac-resynchronization-therapydevices/historical-crt-devices/index.htm.

[35]

Medtronic Inc. Virtuoso DR/VR implantable cardioverter defibrillator systems. http://www.medtronic.com/your-health/sudden-cardiacarrest/device/our-implantable-defibrillators/virtuoso/index.htm.

[36]

H. Meyr, M. Moeneclaey, and S. A. Fechtel. Digital Communication Receivers: Synchronization, Channel Estimation, and Signal Processing. Wiley, 1998.

Digital Library

[37]

D. Panescu. Wireless communication systems for implantable medical devices. IEEE Eng. in Medicine and Biology Mag., 2008.

[38]

PCTest Engineering Labs, Inc. Certificate of compliance, fcc part 95 certification, test report number: 95.220719375.lf5, 2002.

[39]

PCTest Engineering Labs, Inc. Certificate of compliance, fcc part 95 and en 301 839--2, test report number: 0703090168.med, 2007.

[40]

C. Pöpper, M. Strasser, and S. Capkun. Jamming-resistant broadcast communication without shared keys. In USENIX Security Sym., 2009.

Digital Library

[41]

B. Radunovic, D. Gunawardena, P. Key, A. Proutiere, N. Singh, H. V. Balan, and G. Dejean. Rethinking indoor wireless: Low power, low frequency, full-duplex. Technical report, Microsoft Research, 2009.

[42]

M. Rieback, B. Crispo, and A. Tanenbaum. RFID Guardian: A battery-powered mobile device for RFID privacy management. In Proc. Australasian Conf. on Information Security and Privacy, 2005.

Digital Library

[43]

D. Sagan. Rf integrated circuits for medical applications: Meeting the challenge of ultra low power communication. Zarlink Semiconductor. http://stf.ucsd.edu/presentations.

[44]

N. Santhapuri, R. R. Choudhury, J. Manweiler, S. Nelakuduti, S. Sen, and K. Munagala. Message in message mim: A case for reordering transmissions in wireless networks. In ACM HotNets-VII, 2008.

[45]

K. Sayrafian-Pour, W. Yang, J. Hagedorn, J. Terrill, K. Yazdandoost, and K. Hamaguchi. Channel models for medical implant communication. Inter. Journal of Wireless Info. Networks, 2010.

[46]

S. Schechter. Security that is meant to be skin deep: Using ultraviolet micropigmentation to store emergency-access keys for implantable medical devices. In USENIX Workshop HealthSec, 2010.

[47]

M. Scheffler, E. Hirt, and A. Caduff. Wrist-wearable medical devices: Technologies and applications. Medical Device Technology, 2003.

[48]

C. E. Shannon. Communication theory of secrecy systems. Bell System Technical Journal, 28(4):656--715, 1949.

[49]

V. Shnayder, B. Chen, K. Lorincz, T. R. F. Fulford-Jones, and M. Welsh. Sensor networks for medical care. Technical Report TR-08-05, Harvard University, 2005.

Digital Library

[50]

M. J. Siavoshani, U. Pulleti, E. Atsan, I. Safaka, C. Fragoulia, K. Argyraki, and S. Diggavi. Exchanging secrets without using cryptography. arXiv:1105.4991v1, 2011.

[51]

D. Tse and P. Vishwanath. Fundamentals of Wireless Communications. Cambridge University Press, 2005.

Digital Library

[52]

A. Wyner. The wire-tap channel. Bell Sys. Technical Journal, 1975.

[53]

S. Xiao, A. Dhamdhere, V. Sivaraman, and A. Burdett. Transmission power control in body area sensor networks for healthcare monitoring. IEEE Journal on Selected Areas in Comm., 2009.

Digital Library

[54]

F. Xu, Z. Qin, C. C. Tan, B. Wang, and Q. Li. IMDGuard: Securing implantable medical devices with the external wearable guardian. In Proc. IEEE INFOCOM, 2011.

[55]

Zephyr Inc. BioHarness BT. http://www.zephyr-technology.com.

[56]

C. Zhan, W. B. Baine, A. Sedrakyan, and S. Claudia. Cardiac device implantation in the US from 1997 through 2004: A population-based analysis. Journal of General Internal Medicine, 2007.

Cited By

Bhatia AHanna JStuart TKasper KClausen DGutruf P(2024)Wireless Battery-free and Fully Implantable Organ InterfacesChemical Reviews10.1021/acs.chemrev.3c00425124:5(2205-2280)Online publication date: 21-Feb-2024
https://doi.org/10.1021/acs.chemrev.3c00425
Khan AJoshi RSharma MGanguly AParashar PWang TLee SKao FLin Z(2024)Piezoelectric and triboelectric nanogenerators: Promising technologies for self-powered implantable biomedical devicesNano Energy10.1016/j.nanoen.2023.109051119(109051)Online publication date: Jan-2024
https://doi.org/10.1016/j.nanoen.2023.109051
Mitra ARoy Chowdhury D(2023)Unmasking the Dominant Threat of Data Manipulation Attack on Implantable Cardioverter Defibrillators2023 20th Annual International Conference on Privacy, Security and Trust (PST)10.1109/PST58708.2023.10320186(1-7)Online publication date: 21-Aug-2023
https://doi.org/10.1109/PST58708.2023.10320186
Show More Cited By

Index Terms

They can hear your heartbeats: non-invasive security for implantable medical devices
1. Hardware
  1. Communication hardware, interfaces and storage
2. Networks

Recommendations

They can hear your heartbeats: non-invasive security for implantable medical devices
SIGCOMM '11: Proceedings of the ACM SIGCOMM 2011 conference

Wireless communication has become an intrinsic part of modern implantable medical devices (IMDs). Recent work, however, has demonstrated that wireless connectivity can be exploited to compromise the confidentiality of IMDs' transmitted data or to send ...
Can You Hear It?: Backdoor Attacks via Ultrasonic Triggers
WiseML '22: Proceedings of the 2022 ACM Workshop on Wireless Security and Machine Learning

This work explores backdoor attacks for automatic speech recognition systems where we inject inaudible triggers. By doing so, we make the backdoor attack challenging to detect for legitimate users and, consequently, potentially more dangerous. We ...
A deep convolutional neural network model to classify heartbeats

The electrocardiogram (ECG) is a standard test used to monitor the activity of the heart. Many cardiac abnormalities will be manifested in the ECG including arrhythmia which is a general term that refers to an abnormal heart rhythm. The basis of ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM SIGCOMM Computer Communication Review

ACM SIGCOMM Computer Communication Review Volume 41, Issue 4

SIGCOMM '11

August 2011

480 pages

ISSN:0146-4833

DOI:10.1145/2043164

Issue’s Table of Contents

SIGCOMM '11: Proceedings of the ACM SIGCOMM 2011 conference
August 2011
502 pages
ISBN:9781450307970
DOI:10.1145/2018436
General Chairs:
Srinivasan Keshav
University of Waterloo, Canada
,
Jörg Liebeherr
University of Toronto, Canada
,
Program Chairs:
John Byers
Boston University, USA
,
Jeffrey Mogul
HP Labs, USA

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 August 2011

Published in SIGCOMM-CCR Volume 41, Issue 4

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

301
Total Citations
View Citations
4,169
Total Downloads

Downloads (Last 12 months)322
Downloads (Last 6 weeks)49

Reflects downloads up to 12 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Bhatia AHanna JStuart TKasper KClausen DGutruf P(2024)Wireless Battery-free and Fully Implantable Organ InterfacesChemical Reviews10.1021/acs.chemrev.3c00425124:5(2205-2280)Online publication date: 21-Feb-2024
https://doi.org/10.1021/acs.chemrev.3c00425
Khan AJoshi RSharma MGanguly AParashar PWang TLee SKao FLin Z(2024)Piezoelectric and triboelectric nanogenerators: Promising technologies for self-powered implantable biomedical devicesNano Energy10.1016/j.nanoen.2023.109051119(109051)Online publication date: Jan-2024
https://doi.org/10.1016/j.nanoen.2023.109051
Mitra ARoy Chowdhury D(2023)Unmasking the Dominant Threat of Data Manipulation Attack on Implantable Cardioverter Defibrillators2023 20th Annual International Conference on Privacy, Security and Trust (PST)10.1109/PST58708.2023.10320186(1-7)Online publication date: 21-Aug-2023
https://doi.org/10.1109/PST58708.2023.10320186
Longras APereira TAmaral A(2023)Cybersecurity Challenges in Healthcare Medical DevicesInternet of Everything10.1007/978-3-031-25222-8_6(66-75)Online publication date: 29-Jan-2023
https://doi.org/10.1007/978-3-031-25222-8_6
Kumari NKar JNaik K(2022)PUA-KEJournal of Systems Architecture: the EUROMICRO Journal10.1016/j.sysarc.2021.102307120:COnline publication date: 23-Apr-2022
https://dl.acm.org/doi/10.1016/j.sysarc.2021.102307
Jin RZeng KJiang C(2022)Friendly spectrum jamming against MIMO eavesdroppingWireless Networks10.1007/s11276-022-02967-128:6(2437-2453)Online publication date: 27-Apr-2022
https://doi.org/10.1007/s11276-022-02967-1
Varma NCygankiewicz ITurakhia MHeidbuchel HHu YChen LCouderc JCronin EEstep JGrieten LLane DMehra RPage APassman RPiccini JPiotrowicz EPiotrowicz RPlatonov PRibeiro ARich RRusso ASlotwiner DSteinberg JSvennberg E(2021)2021 ISHNE/HRS/EHRA/APHRS Expert Collaborative Statement on mHealth in Arrhythmia Management: Digital Medical Tools for Heart Rhythm Professionals: From the International Society for Holter and Noninvasive Electrocardiology/Heart Rhythm Society/European Heart Rhythm Association/Asia-Pacific Heart Rhythm SocietyCirculation: Arrhythmia and Electrophysiology10.1161/CIRCEP.120.00920414:2Online publication date: Feb-2021
https://doi.org/10.1161/CIRCEP.120.009204
Cao JLin MWang HFang JXu Y(2021)Towards Activity Recognition through Multidimensional Mobile Data Fusion with a Smartphone and Deep LearningMobile Information Systems10.1155/2021/66156952021Online publication date: 1-Jan-2021
https://dl.acm.org/doi/10.1155/2021/6615695
Zendehdel GKaur RChopra IStakhanova NScheme E(2021)Automated Security Assessment Framework for Wearable BLE-enabled Health Monitoring DevicesACM Transactions on Internet Technology10.1145/344864922:1(1-31)Online publication date: 14-Sep-2021
https://dl.acm.org/doi/10.1145/3448649
Varma NCygankiewicz ITurakhia MHeidbuchel HHu YChen LCouderc JCronin EEstep JGrieten LLane DMehra RPage APassman RPiccini JPiotrowicz EPiotrowicz RPlatonov PRibeiro ARich RRusso ASlotwiner DSteinberg JSvennberg E(2021)2021 ISHNE/ HRS/ EHRA/ APHRS collaborative statement on mHealth in Arrhythmia Management: Digital Medical Tools for Heart Rhythm ProfessionalsAnnals of Noninvasive Electrocardiology10.1111/anec.1279526:2Online publication date: 29-Jan-2021
https://doi.org/10.1111/anec.12795
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents