[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
10.1145/2991079.2991094acmotherconferencesArticle/Chapter ViewAbstractPublication PagesacsacConference Proceedingsconference-collections
research-article

On the (in)security of the latest generation implantable cardiac defibrillators and how to secure them

Published: 05 December 2016 Publication History

Abstract

Implantable Medical Devices (IMDs) typically use proprietary protocols with no or limited security to wirelessly communicate with a device programmer. These protocols enable doctors to carry out critical functions, such as changing the IMD's therapy or collecting telemetry data, without having to perform surgery on the patient. In this paper, we fully reverse-engineer the proprietary communication protocol between a device programmer and the latest generation of a widely used Implantable Cardioverter Defibrillator (ICD) which communicate over a long-range RF channel (from two to five meters). For this we follow a black-box reverse-engineering approach and use inexpensive Commercial Off-The-Shelf (COTS) equipment. We demonstrate that reverse-engineering is feasible by a weak adversary who has limited resources and capabilities without physical access to the devices. Our analysis of the proprietary protocol results in the identification of several protocol and implementation weaknesses. Unlike previous studies, which found no security measures, this article discovers the first known attempt to obfuscate the data that is transmitted over the air. Furthermore, we conduct privacy and Denial-of-Service (DoS) attacks and give evidence of other attacks that can compromise the patient's safety. All these attacks can be performed without needing to be in close proximity to the patient. We validate that our findings apply to (at least) 10 types of ICDs that are currently on the market. Finally, we propose several practical short- and long-term countermeasures to mitigate or prevent existing vulnerabilities.

References

[1]
DAQ NI USB-6351. http://www.ni.com.
[2]
Federal Communications Commission (FCC) ID. http://www.fcc.gov/encyclopedia/fcc-search-tools.
[3]
LabVIEW. http://www.ni.com/labview.
[4]
NI USRP-2920. http://www.ni.com.
[5]
M. Abadi and C. Fournet. Mobile values, new names, and secure communication. In Symposium on Principles of Programming Languages (POPL), 2001.
[6]
B. Blanchet, B. Smyth, and V. Cheval. ProVerif 1.88: Automatic cryptographic protocol verifier, user manual and tutorial, 2013.
[7]
L. Chunxiao, A. Raghunathan, and N. Jha. Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system. In e-Health Networking Applications and Services, 13th IEEE International Conference on, pages 150--156, Jun 2011.
[8]
F. D. Garcia, G. Koning Gans, R. Muijrers, P. Rossum, R. Verdult, R. W. Schreur, and B. Jacobs. Dismantling mifare classic. In Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security, ESORICS '08, pages 97--114, Berlin, Heidelberg, 2008. Springer-Verlag.
[9]
F. D. Garcia, D. Oswald, T. Kasper, and P. Pavlidès. Lock it and still lose it --- on the (in)security of automotive remote keyless entry systems. In 25th USENIX Security Symposium (USENIX Security 16), Austin, TX, Aug. 2016. USENIX Association.
[10]
S. Gollakota, H. Hassanieh, B. Ransford, D. Katabi, and K. Fu. They Can Hear Your Heartbeats: Non-invasive Security for Implantable Medical Devices. SIGCOMM Comput. Commun. Rev., 41(4):2--13, Aug. 2011.
[11]
T. Halevi and N. Saxena. On pairing constrained wireless devices based on secrecy of auxiliary channels: the case of acoustic eavesdropping. In Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, USA, October 4--8, 2010, pages 97--108, 2010.
[12]
D. Halperin, T. S. Heydt-Benjamin, B. Ransford, S. S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W. H. Maisel. Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In Proceedings of the 29th Annual IEEE Symposium on Security and Privacy, pages 129--142, May 2008.
[13]
X. Hei, X. Du, J. Wu, and F. Hu. Defending resource depletion attacks on implantable medical devices. In Global Telecommunications Conference (GLOBECOM 2010), 2010 IEEE, pages 1--5, Dec 2010.
[14]
P. Koopman and T. Chakravarty. Cyclic redundancy code (crc) polynomial selection for embedded networks. In Dependable Systems and Networks, 2004 International Conference on, pages 145--154, June 2004.
[15]
E. Marin, E. Argones Rúa, D. Singelée, and B. Preneel. A survey on physiological-signal-based security for medical devices. Cryptology ePrint Archive, Report 2016/188, 2016. http://eprint.iacr.org/.
[16]
E. Marin, D. Singelée, B. Yang, I. Verbauwhede, and B. Preneel. On the feasibility of cryptography for a wireless insulin pump system. In Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy, CODASPY '16, pages 113--120, New York, NY, USA, 2016. ACM.
[17]
J. Proakis and M. Salehi. Digital Communications. McGraw-Hill higher education. McGraw-Hill Education, 2007.
[18]
K. B. Rasmussen, C. Castelluccia, T. S. Heydt-Benjamin, and S. Capkun. Proximity-based access control for implantable medical devices. In Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS '09, pages 410--419, New York, NY, USA, 2009. ACM.
[19]
M. Rostami, W. Burleson, F. Koushanfar, and A. Juels. Balancing security and utility in medical devices? In The 50th Annual Design Automation Conference 2013, DAC '13, Austin, TX, USA, May 29 - June 07, 2013, pages 13:1--13:6, 2013.
[20]
M. Rostami, A. Juels, and F. Koushanfar. Heart-to-heart (H2H): authentication for implanted medical devices. In 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4--8, 2013 {20}, pages 1099--1112.
[21]
N. O. Tippenhauer, L. Malisa, A. Ranganathan, and S. Capkun. On limitations of friendly jamming for confidentiality. In Security and Privacy (SP), 2013 IEEE Symposium on, pages 160--173, May 2013.
[22]
F. Xu, Z. Qin, C. C. Tan, B. Wang, and Q. Li. Imdguard: Securing implantable medical devices with the external wearable guardian. In INFOCOM 2011. 30th IEEE International Conference on Computer Communications, Joint Conference of the IEEE Computer and Communications Societies, 10-15 April 2011, Shanghai, China, pages 1862--1870, 2011.

Cited By

View all
  • (2024)OOBKey: Key Exchange with Implantable Medical Devices Using Out-Of-Band ChannelsProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3670876(1-13)Online publication date: 30-Jul-2024
  • (2024)Security Issues in Special-Purpose Digital Radio Communication Systems: A Systematic ReviewIEEE Access10.1109/ACCESS.2024.342009112(91101-91126)Online publication date: 2024
  • (2024)Enhancing the Reliability of Closed-Loop Medical Systems with Real-Time Biosignal ModelingJournal of Hardware and Systems Security10.1007/s41635-023-00140-48:1(12-24)Online publication date: 4-Jan-2024
  • Show More Cited By

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences
ACSAC '16: Proceedings of the 32nd Annual Conference on Computer Security Applications
December 2016
614 pages
ISBN:9781450347716
DOI:10.1145/2991079
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

  • ACSA: Applied Computing Security Assoc

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 December 2016

Permissions

Request permissions for this article.

Check for updates

Qualifiers

  • Research-article

Conference

ACSAC '16
Sponsor:
  • ACSA
ACSAC '16: 2016 Annual Computer Security Applications Conference
December 5 - 8, 2016
California, Los Angeles, USA

Acceptance Rates

Overall Acceptance Rate 104 of 497 submissions, 21%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)61
  • Downloads (Last 6 weeks)4
Reflects downloads up to 21 Dec 2024

Other Metrics

Citations

Cited By

View all
  • (2024)OOBKey: Key Exchange with Implantable Medical Devices Using Out-Of-Band ChannelsProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3670876(1-13)Online publication date: 30-Jul-2024
  • (2024)Security Issues in Special-Purpose Digital Radio Communication Systems: A Systematic ReviewIEEE Access10.1109/ACCESS.2024.342009112(91101-91126)Online publication date: 2024
  • (2024)Enhancing the Reliability of Closed-Loop Medical Systems with Real-Time Biosignal ModelingJournal of Hardware and Systems Security10.1007/s41635-023-00140-48:1(12-24)Online publication date: 4-Jan-2024
  • (2024)Guarding the Beats by Defending Resource Depletion Attacks on Implantable Cardioverter DefibrillatorsProceedings of the Tenth International Conference on Mathematics and Computing10.1007/978-981-97-2069-9_17(231-243)Online publication date: 30-Jun-2024
  • (2023)H2K: A Heartbeat-Based Key Generation Framework for ECG and PPG SignalsIEEE Transactions on Mobile Computing10.1109/TMC.2021.309638422:2(923-934)Online publication date: 1-Feb-2023
  • (2023)Attacks on Continuous Chaos Communication and Remedies for Resource Limited Devices2023 24th International Symposium on Quality Electronic Design (ISQED)10.1109/ISQED57927.2023.10129355(1-8)Online publication date: 5-Apr-2023
  • (2023)Data Security in Healthcare: Enhancing the Safety of Data with CyberSecurity2023 8th International Conference on Communication and Electronics Systems (ICCES)10.1109/ICCES57224.2023.10192596(1779-1783)Online publication date: 1-Jun-2023
  • (2023)IoMT Applications Perspectives: From Opportunities and Security Challenges to Cyber-Risk ManagementDecision Making and Security Risk Management for IoT Environments10.1007/978-3-031-47590-0_2(21-37)Online publication date: 10-Oct-2023
  • (2023)FAMID: False Alarms Mitigation in IoMT DevicesInternet of Things. Advances in Information and Communication Technology10.1007/978-3-031-45878-1_14(199-217)Online publication date: 26-Oct-2023
  • (2023)Security Analysis of the Internet of Medical Things (IoMT): Case Study of the Pacemaker EcosystemBiomedical Engineering Systems and Technologies10.1007/978-3-031-38854-5_5(73-96)Online publication date: 23-Jul-2023
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media