Affiliation:
1. University of New Brunswick, Fredericton, Canada
2. Cybersecurity Research Centre, Siemens Canada, Fredericton, Canada
3. University of Saskatchewan, Saskatoon, SK, Canada
Abstract
The growth of IoT technology, increasing prevalence of embedded devices, and advancements in biomedical technology have led to the emergence of numerous wearable health monitoring devices (WHMDs) in clinical settings and in the community. The majority of these devices are Bluetooth Low Energy (BLE) enabled. Though the advantages offered by BLE-enabled WHMDs in tracking, diagnosing, and intervening with patients are substantial, the risk of cyberattacks on these devices is likely to increase with device complexity and new communication protocols. Furthermore, vendors face risk and financial tradeoffs between speed to market and ensuring device security in all situations. Previous research has explored the security and privacy of such devices by manually testing popular BLE-enabled WHMDs in the market and generally discussed categories of possible attacks, while mostly focused on IP devices. In this work, we propose a new semi-automated framework that can be used to identify and discover both known and unknown vulnerabilities in WHMDs. To demonstrate its implementation, we validate it with a number of commercially available BLE-enabled enabled wearable devices. Our results show that the devices are vulnerable to a number of attacks, including eavesdropping, data manipulation, and denial of service attacks. The proposed framework could therefore be used to evaluate potential devices before adoption into a secure network or, ideally, during the design and implementation of new devices.
Publisher
Association for Computing Machinery (ACM)
Subject
Computer Networks and Communications
Reference78 articles.
1. 2010. Binwalk. Retrieved November 29 2019 from https://www.refirmlabs.com/binwalk/. 2010. Binwalk. Retrieved November 29 2019 from https://www.refirmlabs.com/binwalk/.
2. John Padgette John Bahr Mayank Batra Marcel Holtmann Rhonda Smithbey Lidong Chen and Karen Scarfone. 2017. Guide to Bluetooth Security NIST Special Publication 800-121 Revision 2. John Padgette John Bahr Mayank Batra Marcel Holtmann Rhonda Smithbey Lidong Chen and Karen Scarfone. 2017. Guide to Bluetooth Security NIST Special Publication 800-121 Revision 2.
3. 2019. Bluetooth Core Specification ver. 5.1 Bluetooth SIG. Retrieved from https://www.bluetooth.com/bluetooth-resources/bluetooth-core-specification-v5-1-feature-overview/. 2019. Bluetooth Core Specification ver. 5.1 Bluetooth SIG. Retrieved from https://www.bluetooth.com/bluetooth-resources/bluetooth-core-specification-v5-1-feature-overview/.
4. 2019. Bug Reporting Profiles and Logs. Retrieved November 3 2019 from https://developer.apple.com/bug-reporting/profil es-and-logs/?platform=ios. 2019. Bug Reporting Profiles and Logs. Retrieved November 3 2019 from https://developer.apple.com/bug-reporting/profil es-and-logs/?platform=ios.
Cited by
5 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献