MedMon: Securing medical devices through wireless monitoring and anomaly detection

Meng Zhang, Anand Raghunathan, Niraj K. Jha

Research output: Contribution to journalArticlepeer-review

119 Scopus citations


Rapid advances in personal healthcare systems based on implantable and wearable medical devices promise to greatly improve the quality of diagnosis and treatment for a range of medical conditions. However, the increasing programmability and wireless connectivity of medical devices also open up opportunities for malicious attackers. Unfortunately, implantable/wearable medical devices come with extreme size and power constraints, and unique usage models, making it infeasible to simply borrow conventional security solutions such as cryptography. We propose a general framework for securing medical devices based on wireless channel monitoring and anomaly detection. Our proposal is based on a medical security monitor (MedMon) that snoops on all the radio-frequency wireless communications to/from medical devices and uses multi-layered anomaly detection to identify potentially malicious transactions. Upon detection of a malicious transaction, MedMon takes appropriate response actions, which could range from passive (notifying the user) to active (jamming the packets so that they do not reach the medical device). A key benefit of MedMon is that it is applicable to existing medical devices that are in use by patients, with no hardware or software modifications to them. Consequently, it also leads to zero power overheads on these devices. We demonstrate the feasibility of our proposal by developing a prototype implementation for an insulin delivery system using off-the-shelf components (USRP software-defined radio). We evaluate its effectiveness under several attack scenarios. Our results show that MedMon can detect virtually all naive attacks and a large fraction of more sophisticated attacks, suggesting that it is an effective approach to enhancing the security of medical devices.

Original languageEnglish (US)
Article number6507636
Pages (from-to)871-881
Number of pages11
JournalIEEE transactions on biomedical circuits and systems
Issue number6
StatePublished - Dec 2013

All Science Journal Classification (ASJC) codes

  • Electrical and Electronic Engineering
  • Biomedical Engineering


  • Anomaly detection
  • medical devices
  • monitor
  • personal healthcare systems
  • security
  • wireless


Dive into the research topics of 'MedMon: Securing medical devices through wireless monitoring and anomaly detection'. Together they form a unique fingerprint.

Cite this