Presentation is loading. Please wait.

Presentation is loading. Please wait.

Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Authors: Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin.

Published byAlbert Cox Modified over 9 years ago

Similar presentations

Presentation on theme: "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Authors: Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin."— Presentation transcript:

1 Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Authors: Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin Ransford, Shane S. Clark, Benessa Defend, Will Morgan, Kevin Fu, Tadayoshi Kohno, William H. Maisel Presenter: Raghu Rangan

2 Implantable Medical Device Can control heart rate, deliver medication, etc. Sophisticated devices with radios But are they secure? What Are IMDs?

3 Implantable Cardiac Devices Radio-enabled, wirelessly programmable Pacemaking, defibrillation (steady shocks vs. single large shock) Communicates with a device programmer ICDs

4 Commercial ICD programmer Passive RF listener Active RF attacker Adversaries

5 Most research has focused on preventing unintentional failures RC5 on WISP Work using software radios to receive transmissions from commercial wireless protocols Related Work

6 Device programmers can be used directly Programmers can read all ICD information, change all settings No technological controls to ensure authorized use Insider Attack

7 Black box: watch communication between ICD and programmer Done using inexpensive components:  Oscilloscope  Universal Software Radio Peripheral  Software: GNU Radio, Perl, Matlab Cost: less than $1000 Reverse Engineering

8 Patient data transmitted cleartext Challenge: modulation, encoding  Not so difficult, standard schemes are used. Name, birth date, ID number, patient history, diagnosis, treating physician... Passive Monitoring

9 In order to eavesdrop, need to establish timeline for bidirectional comms between ICD and programmer Do not need to decipher transmissions, can infer meanings and some content Transaction Timeline

10 Eavesdropping Setup

11 Replay attacks–attacker needs little knowledge Trigger information disclosure Change patient name, ICD clock Change therapies  Can disable functions  Quitely change device state Induce fibrillation  Patient safety at risk Active Attack: Replay

12 Presence of strong magnet makes ICD transmit telemetry data Can also be triggered without magnet Radio use might run out battery faster DoS could be quite dangerous–replacing the battery requires surgery Active Attack: Denial of Service

13 Prevent attacks from insiders and outsiders Draw no power from primary battery Security events should be detectable by patient Defense Goals

14 Use RFID tag (WISPer) to guard ICD communication WISPer harvests power from reader, can perform computations Three applications:  Notification  Authentication  Sensible key exchange Zero Power Defense

15

16 When WISPer is activated, beep via piezoelectric speaker After beep, notify ICD it can start using radio Patient aware when ICD is being programmed Can be deterrent for attacker Notification

17 Challenge/response protocol using RC5 Only if authentication is successful will ICD be told to activate No power is used until authentication succeeds. Authentication

18 Use audio as a channel for crypto key exchange Modulate sound wave using same scheme as radio Audible to patient, hard to hear at a distance Also uses no power Key Exchange

19 Still many open problems: key management, failure modes Security problems can have life-threatening consequences IMDs should be treated as what they are computers Conclusion and Future Work

20 Questions/Comments/Discussion

Download ppt "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Authors: Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin."

Similar presentations

NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References.

NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References.
Denial of Service in Sensor Networks Szymon Olesiak.

Denial of Service in Sensor Networks Szymon Olesiak.
SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks 0 Fall 2014 Presenter: Kun Sun, Ph.D. Michael Rushanan*, Denis Foo Kune,

SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks 0 Fall 2014 Presenter: Kun Sun, Ph.D. Michael Rushanan*, Denis Foo Kune,
Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig Carnegie Mellon University Message-In-a-Bottle: User-Friendly and Secure Cryptographic Key Deployment.

Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig Carnegie Mellon University Message-In-a-Bottle: User-Friendly and Secure Cryptographic Key Deployment.
1 FCC RFID Workshop RFID Discussions September 7, 2004 Kevin Powell, Symbol Technologies.

1 FCC RFID Workshop RFID Discussions September 7, 2004 Kevin Powell, Symbol Technologies.
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.

CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Daniel E. Holcomb, Wayne P. Burleson and Kevin Fu

Daniel E. Holcomb, Wayne P. Burleson and Kevin Fu
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
ITEC 810 Overview of Micropayment Technology

ITEC 810 Overview of Micropayment Technology
Implantable Cardioverter Defibrillator Rebecca Boduch Biomedical Engineering University of Rhode Island.

Implantable Cardioverter Defibrillator Rebecca Boduch Biomedical Engineering University of Rhode Island.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Zac Chupka Jeff Signore.

Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Zac Chupka Jeff Signore.
Pacemakers and Implanted Defibrillators Mike Harlan.

Pacemakers and Implanted Defibrillators Mike Harlan.
Chip tag A radio-frequency identification system uses tags readers send a signal to the tag and read its response RFID tags can be either passive active.

Chip tag A radio-frequency identification system uses tags readers send a signal to the tag and read its response RFID tags can be either passive active.
Radio Frequency Identification By Bhagyesh Lodha Vinit Mahedia Vishnu Saran Mitesh Bhawsar.

Radio Frequency Identification By Bhagyesh Lodha Vinit Mahedia Vishnu Saran Mitesh Bhawsar.
Neighborhood Watch: Security and Privacy Analysis of Automatic Meter Reading Systems Ishtiaq Rouf, Hossen Mustafa Rob Miller Marco Grutese Presented By.

Neighborhood Watch: Security and Privacy Analysis of Automatic Meter Reading Systems Ishtiaq Rouf, Hossen Mustafa Rob Miller Marco Grutese Presented By.
A Quantitative Analysis of the Insecurity of Embedded Network Devices: Results of a Wide-Area Scan Ang Cui and Salvatore J. Stolfo Department of Computer.

A Quantitative Analysis of the Insecurity of Embedded Network Devices: Results of a Wide-Area Scan Ang Cui and Salvatore J. Stolfo Department of Computer.

Similar presentations

Ads by Google