TY - GEN
T1 - Vibration-based secure side channel for medical devices
AU - Kim, Younghyun
AU - Lee, Woo Suk
AU - Raghunathan, Vijay
AU - Jha, Niraj K.
AU - Raghunathan, Anand
N1 - Publisher Copyright:
© 2015 ACM.
PY - 2015/7/24
Y1 - 2015/7/24
N2 - Implantable and wearable medical devices are used for monitoring, diagnosis, and treatment of an ever-increasing range of medical conditions, leading to an improved quality of life for patients. The addition of wireless connectivity to medical devices has enabled post-deployment tuning of therapy and access to device data virtually anytime and anywhere but, at the same time, has led to the emergence of security attacks as a critical concern. While cryptography and secure communication protocols may be used to address most known attacks, the lack of a viable secure connection establishment and key exchange mechanism is a fundamental challenge that needs to be addressed. We propose a vibration-based secure side channel between an external device (medical programmer or smartphone) and a medical device. Vibration is an intrinsically short-range, user-perceptible channel that is suitable for realizing physically secure communication at low energy and size/weight overheads. We identify and address key challenges associated with the vibration channel, and propose a vibration-based wakeup and key exchange scheme, named SecureVibe, that is resistant to battery drain attacks. We analyze the risk of acoustic eavesdropping attacks and propose an acoustic masking countermeasure. We demonstrate and evaluate vibration-based wakeup and key exchange between a smartphone and a prototype medical device in the context of a realistic human body model.
AB - Implantable and wearable medical devices are used for monitoring, diagnosis, and treatment of an ever-increasing range of medical conditions, leading to an improved quality of life for patients. The addition of wireless connectivity to medical devices has enabled post-deployment tuning of therapy and access to device data virtually anytime and anywhere but, at the same time, has led to the emergence of security attacks as a critical concern. While cryptography and secure communication protocols may be used to address most known attacks, the lack of a viable secure connection establishment and key exchange mechanism is a fundamental challenge that needs to be addressed. We propose a vibration-based secure side channel between an external device (medical programmer or smartphone) and a medical device. Vibration is an intrinsically short-range, user-perceptible channel that is suitable for realizing physically secure communication at low energy and size/weight overheads. We identify and address key challenges associated with the vibration channel, and propose a vibration-based wakeup and key exchange scheme, named SecureVibe, that is resistant to battery drain attacks. We analyze the risk of acoustic eavesdropping attacks and propose an acoustic masking countermeasure. We demonstrate and evaluate vibration-based wakeup and key exchange between a smartphone and a prototype medical device in the context of a realistic human body model.
UR - http://www.scopus.com/inward/record.url?scp=84944111542&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84944111542&partnerID=8YFLogxK
U2 - 10.1145/2744769.2744928
DO - 10.1145/2744769.2744928
M3 - Conference contribution
AN - SCOPUS:84944111542
T3 - Proceedings - Design Automation Conference
BT - 2015 52nd ACM/EDAC/IEEE Design Automation Conference, DAC 2015
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 52nd ACM/EDAC/IEEE Design Automation Conference, DAC 2015
Y2 - 8 June 2015 through 12 June 2015
ER -