Abstract
Wireless Medical Networks (WMNs) have always been a vital component for the treatment and management of chronic diseases. However, the data generated by these networks keeps growing and has become a potential target for criminals seeking to capitalise on its sensitivity and value. Wireless networks also happen to be more vulnerable to attacks compared to wired networks. In the event of such attacks, it becomes really difficult to conduct a digital Forensics investigation. This paper investigates and suggests a proactive approach of digital forensics readiness within wireless medical networks by suggesting specialised monitoring and logging mechanisms. The research first identifies threats to wireless medical networks. It then undertakes a trajectory of a systematic review of previously proposed digital forensics frameworks and identifies challenges. Finally, it proposes a conceptual framework for Digital Forensics Readiness (DFR) for wireless medical networks. The paper, therefore, makes a novel contribution to the field of digital forensics. It suggests a more streamlined, robust, and decentralised framework that is partially underpinned by blockchain technology at the evidence management layer. The framework contributes to the enforcement of evidential data integrity whilst also securing wireless medical networks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Albesher A (2019) IoT in health-care: recent advances in the development of smart cyber-physical ubiquitous environments. Available at: https://www.researchgate.net/publication/331642487_IoT_in_Health-care_Recent_Advances_in_the_Development_of_Smart_Cyber-Physical_Ubiquitous_Environments. Last accessed 19 July 2022
Atlam H, Alenezi A, Alassafi A, Wills G (2018) Blockchain with internet of things: benefits, challenges, and future directions. Available at: https://eprints.soton.ac.uk/421529/1/Published_Version.pdf. Last accessed 19 July 2022
Belchior R, Correia M, Vasconcelos A (2019) JusticeChain: using blockchain to protect justice logs. In: Lecture notes in computer science (online) pp 318–325. Available at: https://link.springer.com/chapter/10.1007%2F978-3-030-33246-4_21. Last accessed 19 July 2022
Bhavnani P, Narula J, Sengupta P (2016) Mobile technology and the digitization of healthcare. Eur Heart J 37(18):1428–1438. https://doi.org/10.1093/eurheartj/ehv770
Bsigroup.com (2014) BS 10008 Electronic information management (online) Available at: https://www.bsigroup.com/en-GB/bs-10008-electronic-information-management/. Last accessed 19 July 2022
Burgess M (2020) Hackers are targeting hospitals crippled by coronavirus. Available at https://www.wired.co.uk/article/coronavirus-hackers-cybercrime-phishing. Last accessed 19 July 2022
CDC (2019) About chronic diseases (online) Available at: https://www.cdc.gov/chronicdisease/about/index.htm. Last accessed 19 July 2022
Cabinet Office (2016) Security policy framework (online) GOV.UK. Available at https://www.gov.uk/government/publications/security-policy-framework/hmg-security-policy-framework. Last accessed 19 July 2022
Cellan-Jones R (2020) Coronavirus: England's test and trace programme breaks GDPR data law. The BBC. Available at: https://www.bbc.co.uk/news/technology-53466471. Last accessed 19 July 2022
Cisco (2020) What is a network controller? (online) Available at: https://www.cisco.com/c/en/us/solutions/enterprise-networks/what-is-a-network-controller.html. Last accessed 19 July 2022
Collinsdictionary.com (2019) Definition of scenario (online) Available at: https://www.collinsdictionary.com/dictionary/english/scenario. Last accessed 19 July 2022
Corera G (2020) Coronavirus: US accuses China of hacking coronavirus research. The BBC. Available at: https://www.bbc.co.uk/news/world-us-canada-52656656. Accessed 21 July 2020
Cusack B, Kyaw A (2012) Forensic readiness for wireless medical systems. Available at https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1107&context=adf. Last accessed 19 July 2022
DWP Forensic Readiness Policy (2018) DWP forensic readiness policy Available at: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/886724/dwp-forensic-readiness-policy.pdf. Last accessed 19 July 2022
Davis J (2019) The 10 biggest healthcare data breaches of 2019, So far. Available at https://healthitsecurity.com/news/the-10-biggest-healthcare-data-breaches-of-2019-so-far. Last accessed 19 July 2022
Ehlinger S (2017) Former employee reportedly steals mental health data on 28,434 Bexar County patients. The San Antonio Express-News. Available at: https://www.expressnews.com/business/local/article/Former-employee-reportedly-steals-mental-health-12405113.php. Last accessed 19 July 2022
Endicott-Popovsky B, Frincke D, Taylor C (2007) A theoretical framework for organizational network forensic readiness. Available at: https://www.researchgate.net/publication/42803345_A_Theoretical_Framework_for_Organizational_Network_Forensic_Readiness. Last accessed 19 July 2022
England.nhs.uk. (no date) NHS England. Interoperability (online) Available at https://www.england.nhs.uk/digitaltechnology/connecteddigitalsystems/interoperability/. Last accessed 19 July 2022
Europa.eu. (2020) CORDIS|European commission (online) Available at: https://cordis.europa.eu/project/id/732907. Last accessed 19 July 2022
Furneaux N (2018) Investigating cryptocurrencies: understanding the technology. Wiley, IN. Last accessed 19 July 2022
Gillum R (2013) From papyrus to the electronic tablet: a brief history of the clinical medical record with lessons for the digital age. https://doi.org/10.1016/j.amjmed.2013.03.024
Halperin D, Heydt-Benjamin T, Ransford B, Clark S, Defend B, Morgan W, Fu K, Kohno T, Maisel W (2008) Pacemakers and implantable cardiac defibrillators: software radio attacks and zero-power defenses. Available at: https://scholarworks.umass.edu/cgi/viewcontent.cgi?referer=https://www.google.com/&httpsredir=1&article=1067&context=cs_faculty_pubs. Last accessed 19 July 2022
Harbawi M, Varol A (2017) An improved digital evidence acquisition model for the Internet of Things forensic I: a theoretical framework. In: 2017 5th international symposium on digital forensic and security (ISDFS). https://doi.org/10.1109/ISDFS.2017.7916508
Hashed Health. (2020). About. (online) Available at: https://hashedhealth.com/about/ (Last accessed: 19 July 2022).
ISACA (2014) Importance of forensic readiness. Available at: https://www.isaca.org/resources/isaca-journal/past-issues/2014/importance-of-forensic-readiness. Last accessed 19 July 2022
Ico.org.uk. (2019) Special category data (online) Available at: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/special-category-data/. Last accessed 19 July 2022
Iso.org. (2020) (online) Available at: https://www.iso.org/obp/ui/#iso:std:iso-iec:27043:ed-1:v1:en. Last accessed 19 July 2022
Karm A (2019) Estonia–the digital republic secured by blockchain estonia -the digital republic secured by blockchain Estonia-the digital republic secured by blockchain PwC 1 (online) Available at: https://www.pwc.com/gx/en/services/legal/tech/assets/estonia-the-digital-republic-secured-by-blockchain.pdf. Last accessed 19 July 2022
Kebande V, Venter H (2014) A cloud forensic readiness model using a botnet as a service. Available at: https://www.researchgate.net/profile/Natalie_Walker4/publication/263617788_Proceedings_of_the_International_Conference_on_Digital_Security_and_Forensics_DigitalSec2014/links/0f31753b5cd085c06a000000/Proceedings-of-the-International-Conference-on-Digital-Security-and-Forensics-DigitalSec2014.pdf#page=25. Last accessed 19 July 2022
Komperda T (2012) Virtualization security [online]. Available at: https://resources.infosecinstitute.com/topic/virtualization-security-2/. Last accessed 19 July 2022
Kumkar V, Tiwari A, Tiwari P, Gupta A, Shrawne S (2012) Vulnerabilities of wireless security protocols (WEP and WPA2). Available at: https://www.researchgate.net/publication/266005431_Vulnerabilities_of_Wireless_Security_protocols_WEP_and_WPA2. Last accessed 19 July 2022
Kyaw A, Cusack B, Lutui R (2019) Digital forensic readiness in wireless medical systems. In: 2019 29th international telecommunication networks and applications conference (ITNAC). Auckland, New Zealand, pp 1–6. https://doi.org/10.1109/ITNAC46935.2019.9078005
Lenk W (2020) Wireless mobile medical devices. Available at: https://sites.tufts.edu/eeseniordesignhandbook/2015/wireless-mobile-medical-devices/. Last accessed 19 July 2022
NHS Digital (2018) Protecting patient data—NHS digital (online) Available at: https://digital.nhs.uk/services/national-data-opt-out/understanding-the-national-data-opt-out/protecting-patient-data. Last accessed 19 July 2022
NHS services hit by cyber-attack (2017) BBC news (online). Available at: https://www.bbc.co.uk/news/health-39899646. Last accessed 19 July 2022
National Cancer Institute. (2011). NCI Dictionary of Cancer Terms. (online) Available at: https://www.cancer.gov/publications/dictionaries/cancer-terms/def/electronic-medical-record. (Last accessed: 19 July 2022)
National Institute of Standards and Technology (2006) Guide to integrating forensic techniques into incident response: publication 800–86. Available at: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-86.pdf. Last accessed 19 July 2022
Neuburger J, Choy W, Milewski K (2020) Smart contracts: best practices. (online) Available at: https://prfirmpwwwcdn0001.azureedge.net/prfirmstgacctpwwwcdncont0001/uploads/dc2c188a1be58c8c9bb8c8babc91bbac.pdf. Last accessed 19 July 2022
Nieles M, Dempsey K, Pillitteri VY (2017) An introduction to information security. Available at: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-12r1.pdf. Last accessed 19 July 2022
OpenLedger Insights (2019) What are consortium blockchains, and what purpose do they serve? (online) Available at: https://openledger.info/insights/consortium-blockchains/. Last accessed 19 July 2022
Park S, Akatyev N, Jang Y, Hwang J, Kim D, Yu W, Shin H, Han C, Kim J (2018) A comparative study on data protection legislations and government standards to implement digital forensic readiness as mandatory requirement. https://doi.org/10.1016/j.diin.2018.01.012
Pourmajidi W, Miranskyy A (2018) Logchain: blockchain-assisted log storage (online) IEEE Xplore. Available at: https://ieeexplore.ieee.org/document/8457918. Last accessed 19 July 2022
Protenus (2021) 2021 breach barometer (online) Available at: https://www.protenus.com/resources/2021-breach-barometer/Last accessed 19 July 2022
Radcliffe J (2011) Hacking medical devices for fun and insulin: breaking the human scada system. Available at: https://cs.uno.edu/~dbilar/BH-US-2011/materials/Radcliffe/BH_US_11_Radcliffe_Hacking_Medical_Devices_WP.pdf. Last accessed 19 July 2022
Rahman N, Glisson W, Yang Y, Choo K (2016) Forensic by-design framework for cyber-physical cloud systems. EEE Cloud Computing 1(3):50–59
Rahman A, Ahmad R, Ramli S (2014) Forensics readiness for Wireless Body Area Network (WBAN) system (online) IEEE Xplore. Available at: https://ieeexplore.ieee.org/document/6778944. Last accessed 19 July 2022
Raju B, Geethakumari G (2016) An advanced forensic readiness model for the cloud environment. In: 2016 international conference on computing, communication and automation (ICCCA). Noida https://doi.org/10.1109/CCAA.2016.7813819.
Rowlingson R (2004) A ten step process for forensic readiness. Available at: https://www.utica.edu/academic/institutes/ecii/publications/articles/A0B13342-B4E0-1F6A-156F501C49CF5F51.pdf. Last accessed 19 July 2022
Ryckaert V (2019) Hackers held patient data ransom, so Greenfield hospital system paid $50,000, The Indianapolis Star. Available at: https://eu.indystar.com/story/news/crime/2018/01/17/hancock-health-paid-50-000-hackers-who-encrypted-patient-files/1040079001/. Last accessed 19 July 2022
SecureW2 (2020) WPA2-enterprise and 802.1x simplified. [online] Available at: https://www.securew2.com/solutions/wpa2-enterprise-and-802-1x-simplified. Last accessed 19 July 2022
Somasundaram R, Thirugnanam M (2020) Review of security challenges in healthcare internet of things. https://doi.org/10.1007/s11276-020-02340-0
Studio Fiorenzi Security & Forensics (2017) GDPR & Forensics Readiness-English (online) Available at: https://www.slideshare.net/AlessandroFiorenzi/gdpr-forensics-readiness-english. Last accessed 19 July 2022
Tan J (2001) Forensic readiness (online) CiteSeer. Available at: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.480.6094&rep=rep1&type=pdf. Accessed 04 Aug 2020
Thompson E (2019) Three ways smart contracts are used in healthcare. Available at: https://uk.finance.yahoo.com/news/three-ways-smart-contracts-used-120013678.html?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAAB2Bc57lNL-hL55sY-VBV-schgWWyDxqgEOx40lhZSWQDfis2VIALKJ-d-AyHK6GEGXHag1SY5Lpr09EQntC-IxsCLTx75ejZz3lsqTMRxxUEBHE-HFHfCcbNsPNsubeQtdYLpU1btexvS7tgTmzPVSC-l-rrTbTDonRC1FNHMSR. Last accessed 19 July 2022
Tian Z, Li M, Qiu M, Sun Y, Su S (2019) Block-DEF: a secure digital evidence framework using blockchain. Information Sciences (online). Available at: https://www.sciencedirect.com/science/article/pii/S002002551930297X?via%3Dihub. Last accessed 19 July 2022
Vidal C, Choo K (2015) ‘The cloud security ecosystem. Available at: https://www.sciencedirect.com/book/9780128015957/the-cloud-security-ecosystem. Last accessed 19 July 2022
Wallace K (2020) Configuring security—wireless networking essential training video tutorial|LinkedIn Learning [online]. Available at: https://www.linkedin.com/learning/wireless-networking-essential-training/configuring-security-2?u=42408908. Accessed 30 March 2021
World Health Organisation (2011) mHealth, New horizons for health through mobile technologies. Available at: https://apps.who.int/iris/handle/10665/44607. Last accessed 19 July 2022
Zheng Z, Xie S, Dai H, Chen X, Wang H (2017) An overview of blockchain technology: architecture, consensus, and future trends. In: 2017 IEEE international congress on big data (BigData Congress). (online) Available at: https://ieeexplore.ieee.org/document/8029379. Last accessed 19 July 2022
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Mpungu, C., George, C., Mapp, G. (2023). Developing a Novel Digital Forensics Readiness Framework for Wireless Medical Networks Using Specialised Logging. In: Jahankhani, H. (eds) Cybersecurity in the Age of Smart Societies. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-031-20160-8_12
Download citation
DOI: https://doi.org/10.1007/978-3-031-20160-8_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-20159-2
Online ISBN: 978-3-031-20160-8
eBook Packages: Computer ScienceComputer Science (R0)