• Login
    View Item 
    •   Home
    • Theses and Dissertations
    • Theses and Dissertations
    • View Item
    •   Home
    • Theses and Dissertations
    • Theses and Dissertations
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Browse

    All of TUScholarShareCommunitiesDateAuthorsTitlesSubjectsGenresThis CollectionDateAuthorsTitlesSubjectsGenres

    My Account

    LoginRegister

    Help

    AboutPeoplePoliciesHelp for DepositorsData DepositFAQs

    Statistics

    Most Popular ItemsStatistics by CountryMost Popular Authors

    Security Issues and Defense Methods for Wireless Medical Devices

    • CSV
    • RefMan
    • EndNote
    • BibTex
    • RefWorks
    Thumbnail
    Name:
    TETDEDXHei-temple-0225E-11704.pdf
    Size:
    11.84Mb
    Format:
    PDF
    Download
    Genre
    Thesis/Dissertation
    Date
    2014
    Author
    Hei, Xiali
    Advisor
    Du, Xiaojiang
    Lin, Shan
    Committee member
    Wu, Jie, 1961-
    Bai, Li
    Department
    Computer and Information Science
    Subject
    Computer Science
    Computer Engineering
    Access Control
    Access Pattern
    Computer Security
    Infusion Pattern
    Near Field Communication
    Wireless Medical Devices
    Permanent link to this record
    http://hdl.handle.net/20.500.12613/2992
    
    Metadata
    Show full item record
    DOI
    http://dx.doi.org/10.34944/dspace/2974
    Abstract
    This dissertation evaluates the design of several defense schemes for wireless medical devices to address security issues. These schemes are designed to enable efficient and effective access control of wireless medical devices in both non-emergency and emergency situations. In recent years, the range of available wireless medical devices has increased and includes cardiac pacemakers, insulin pump, defibrillators, cochlear implants, neurostimulators, and various drug delivery systems. Unfortunately, most existing wireless medical devices lack sufficient security mechanisms to protect patients from malicious attacks. Thus, with the rise in use of medical implants, security becomes a critical issue as attacks on wireless medical devices may harm patients. Security on wireless medical devices is a relatively new field, which has not been thoroughly researched yet. The authors of a lot of articles have proposed token based, certification based and proximity based schemes to address the issue. However, most of the current solutions have many limitations and cannot be widely applied. Therefore, better solutions are needed. In order to address this issue, we design a novel and multiple-layer access control framework for wireless medical devices. In a low layer level, we utilize bi-channel technology and multi-factor authentication to defend against various attacks at wireless medical devices. Our system utilizes near field communication (NFC) to do device pairing and uses the medical device's wireless radio to perform remote programming. This approach defends against most attacks because our NFC pairing scheme guarantees that the successful communication range between the programmer and wireless medical devices is less than 6cm. When the patient is in a crowded area such as on public transportation, a different person's mobile devices and the patient's medical devices may be located less than 6cm apart; we use the patient's cell phone to detect such an environment. To avoid attacks in crowded areas, we design a scheme to detect such a situation using the patient's cell phone. User involvement is used on non-implantable medical devices (IMDs) and a patient access pattern based access control (PAPAC) scheme is used on IMDs. We also design a response time based scheme to defend against fake patient attacks. Our analyses and experiments show that the protection schemes are efficient and effective. In a high layer level, we design patient infusion pattern based access control (PIPAC) scheme for wireless medical devices. Specifically, insulin pumps are most widely applied wireless medical devices. The pump parameters and doses can be adjusted by anyone with an easily obtained USB device. The hacker can deliver a lethal dose without knowing the device's serial number in advance. To address this issue, we propose a PIPAC for wireless insulin pumps. This scheme employs a supervised learning approach to learn normal patient infusion patterns in terms of the dosage amount, rate, and time of infusion, which are automatically recorded in insulin pump logs. The generated regression models are used to dynamically configure a safe infusion range for abnormal infusion identification. Our proposed algorithms are evaluated with real insulin pump logs used by several patients for up to 6 months. The experimental results demonstrate that our scheme can reliably detect a single overdose attack with a success rate up to 98\% and defend against a chronic overdose attack with a very high success rate. For IMDs in non-emergency case, the PAPAC scheme we design utilizes the patient's IMD access pattern to address resource depletion (RD) attacks. It is a novel support vector machine (SVM) based scheme. This SVM based scheme is very effective at defending against RD attacks. Our experimental results show that the average detection rate is above 90\%. For IMDs in emergency cases, we design a novel biometrics based two-level secure access control scheme that utilizes a patient's biometrics to prevent unauthorized access to the IMD. The scheme consists of two levels: level-one employs a patient's some basic biometrics and is lightweight; level-two uses a patient's customized iris data to achieve effective authentication. The experimental results show that our IMD access control scheme is very effective and has small overhead in terms of battery, CPU and memory. Thus, it is suitable for IMDs. Both the false acceptance rate (FAR) and false rejection rate (FRR) are close to zero with a suitable threshold. Protecting wireless medical devices is a very challenging task due to their extremely limited resource constraints. It is necessary to balance the overhead of security schemes and security requirements. In this dissertation, we will first discuss security vulnerabilities in wireless medical device systems. Then we will present our framework using smart phones and other technologies, such as near field communication based access control. Further, we will describe the detailed design of this framework. Finally, extensive experiments show that our schemes can achieve good performance with small overhead.
    ADA compliance
    For Americans with Disabilities Act (ADA) accommodation, including help with reading this content, please contact scholarshare@temple.edu
    Collections
    Theses and Dissertations

    entitlement

     
    DSpace software (copyright © 2002 - 2023)  DuraSpace
    Temple University Libraries | 1900 N. 13th Street | Philadelphia, PA 19122
    (215) 204-8212 | scholarshare@temple.edu
    Open Repository is a service operated by 
    Atmire NV
     

    Export search results

    The export option will allow you to export the current search results of the entered query to a file. Different formats are available for download. To export the items, click on the button corresponding with the preferred download format.

    By default, clicking on the export buttons will result in a download of the allowed maximum amount of items.

    To select a subset of the search results, click "Selective Export" button and make a selection of the items you want to export. The amount of items that can be exported at once is similarly restricted as the full export.

    After making a selection, click one of the export format buttons. The amount of items that will be exported is indicated in the bubble next to export format.