Abstract
In this chapter, we build a detector for identifying sensor-hijacking attacks that alter sensor readings in a Wearable Medical Internet of Things (WMIoT). A sensor-hijacking attack targets medical devices in a WMIoT and makes them generate arbitrary user health state information. A sensor-hijacking attack is very dangerous because it can be mounted stealthily on unsuspecting WMIoT users. We focus on sensor-hijacking attack on one of the most commonly collected vital signs from a person, the electrocardiogram (ECG) sensor. Using sensor-hijacking attack to alter ECG measurements can have profound consequences for the user, as an adversary can easily make a person who is experiencing cardiac arrhythmia appear to be normal and thus cause immediate or long-term harm to their health. To detect sensor-hijacking-based alterations of the ECG measurements, our approach leverages the idea that multiple physiological signals based on the same underlying physiological process (e.g., cardiac process) are inherently related to each other, i.e., have common features. Any surreptitious alteration of one of the signals will not be reflected in the other reference signal (s) in the group. We describe an ECG alteration detector that uses arterial blood pressure (ABP) measurements as reference. The advantages of using a distinct reference signals are: (1) It does not require redundant ECG sensors to operate, (2) it adapts to the changing physiology of the user and does not depend on historical trends, and (3) it does not require instrumentation on other hardware modifications of the devices to work. In this work, we describe a temporal ECG alteration detector. Analysis of our detector shows promising results with over \(\sim \)97% accuracy in detecting even subtle ECG alterations for both healthy users and those with cardiac conditions, within 5 s of the occurrence of the sensor-hijacking attack.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
In addition, attacks on pacemakers and insulin pumps also affect their actuation capabilities; however, we do not focus on such attacks in this work. That being said, in this work, we are detecting a more upstream attack, which will itself reduce the overall chances of incorrect actuation, assuming the actuation element is not directly attacked.
References
Abnormal EKGs and Corresponding Arterial Waveforms. http://www.dynapulse.com/educator/WebCurriculum/Chapter%203/Abnormal%20EKG%20and%20Waveform.htm
Advisory (ICSA-15-090-03), Hospira MedNet Vulnerabilities. https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03
Apple Watch. https://www.apple.com/watch/
Avery Dennison: Metria. http://www.averydennison.com/en/home/technologies/creative-showcase/metria-wearable-sensor.html
CardioMEMS. http://www.sjm.com/cardiomems
The clearsight system. http://www.edwards.com/eu/products/mininvasive/pages/clearsightsystem.aspx
Empatica. http://www.empatica.com
Empatica E4 Writstband. https://www.empatica.com/e4-wristband/
Fitbit. http://www.fitbit.com
HIPAA security and privacy rule. https://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/index.html
Jawbone. http://www.jawbone.com
Pancreum: The Wearable Artificial Pancreas Company. http://pancreum.com/
Wearable Biosensor for Diabetics: Nanotech News. http://anewdomain.net/2012/10/01/diabetes-patients-biosensor/
Baselli, G., Cerutti, S., Civardi, S., Liberati, D., Lombardi, F., Malliani, A., Pagani, M.: Spectral and cross-spectral analysis of heart rate and arterial blood pressure variability signals. Comput. Biomed. Res. 19(6), 520–534 (1986)
BioHarness BT: http://www.zephyr-technology.com/wp-content/uploads/2012/01/ZEPHYR-GOES-STRAPLESS-AT-2012-CES.pdf
Brown, N., Patel, N., Plenefisch, P., Moghimi, A., Eisenbarth, T., Shue, C., Venkatasubramanian, K.K.: Scream: Sensory channel remote execution attack methods. In: Usenix Security Symposium (2016)
Cai, H., Venkatasubramanian, K.K.: Detecting malicious temporal alterations of ECG signals in body sensor networks. In: Network and System Security, pp. 531–539. Springer (2015)
Cai, H., Venkatasubramanian, K.K.: Poster: Detecting malicious morphological alterations of ECG signals in body sensor networks. In: ACM/IEEE International Conference on Information Processing in Sensor Networking (2015)
Cai, H., Venkatasubramanian, K.K.: Detecting signal injection attack-based morphological alterations of ecg measurements. In: 2016 International Conference on Distributed Computing in Sensor Systems (DCOSS), pp. 127–135. IEEE (2016)
Cai, H., Yun, T., Hester, J., Venkatasubramanian, K.K.: Deploying data-driven security solutions on resource-constrained wearable iot systems. In: 2017 IEEE 37th International Conference on Distributed Computing Systems Workshops (ICDCSW), pp. 199–204 (2017)
Clark, S.S., Ransford, B., Rahmati, A., Guineau, S., Sorber, J., Xu, W., Fu, K.: WattsUpDoc: Power side channels to nonintrusively discover untargeted malware on embedded medical devices. In: USENIX Workshop on Health Information Technologies (2013). https://spqr.eecs.umich.edu/papers/clark-healthtech13.pdf
Dan Goodlin: Insulin pump hack delivers fatal dosage over the air. (2011). http://www.theregister.co.uk/2011/10/27/fatal_insulin_pump_attack/
Dean, R.N., Castro, S.T., Flowers, G.T., Roth, G., Ahmed, A., Hodel, A.S., Grantham, B.E., Bittle, D.A., Brunsch, J.P.: A characterization of the performance of a mems gyroscope in acoustically harsh environments. IEEE Trans. Ind. Electron. 58(7), 2591–2596 (2011)
Dean, R.N., Flowers, G.T., Hodel, A.S., Roth, G., Castro, S., Zhou, R., Moreira, A., Ahmed, A., Rifki, R., Grantham, B.E., Bittle, D., Brunsch, J.: On the degradation of mems gyroscope performance in the presence of high power acoustic noise. In: 2007 IEEE International Symposium on Industrial Electronics, pp. 1435–1440 (2007)
Duk-Jin, K., Prabhakaran, B.: Motion fault detection and isolation in body sensor networks. Pervasive Mobile Comput. 7(6), 727–745 (2011)
Foo Kune, D., Backes, J., Clark, S.S., Kramer, D.B., Reynolds, M.R., Fu, K., Kim, Y., Xu, W.: Ghost Talk: Mitigating EMI signal injection attacks against analog sensors. In: Proceedings of the 34th Annual IEEE Symposium on Security and Privacy (2013). https://spqr.eecs.umich.edu/papers/fookune-emi-oakland13.pdf
Galzarano, S., Fortino, G., Liotta, A.: Embedded self-healing layer for detecting and recovering sensor faults in body sensor networks. In: 2012 IEEE International Conference on Systems, Man, and Cybernetics, pp. 2377–2382 (2012)
Goldberger, A.L., Amaral, L.A.N., Glass, L., Hausdorff, J.M., Ivanov, P.C., Mark, R.G., Mietus, J.E., Moody, G.B., Peng, C.K., Stanley, H.E.: Physiobank, physiotoolkit, and physionet: components of a new research resource for complex physiologic signals. Circulation 101(23), e215–e220 (2000)
Halperin, D., Kohno, T., Heydt-Benjamin, T., Fu, K., Maisel, W.: Security and privacy for implantable medical devices. IEEE Pervasive Comput. 7(1), 30–39 (2008)
Helo L.X.: http://helosmartwristband.com/helo-lx/
Hester, J., Peters, T., Yun, T., Peterson, R., Skinner, J., Golla, B., Storer, K., Hearndon, S., Freeman, K., Lord, S., Halter, R., Kotz, D., Sorber, J.: Amulet: An energy-efficient, multi-application wearable platform. In: Proceedings of the 14th ACM Conference on Embedded Network Sensor Systems CD-ROM, SenSys ’16, pp. 216–229 (2016)
Kantchelian, A., Afroz, S., Huang, L., Islam, A.C., Miller, B., Tschantz, M.C., Greenstadt, R., Joseph, A.D., Tygar, J.D.: Approaches to adversarial drift. In: Proceedings of the 2013 ACM Workshop on Artificial Intelligence and Security, AISec ’13, pp. 99–110 (2013)
Kim, D.J., Suk, M.H., Prabhakaran, B.: Fault detection and isolation in motion monitoring system. In: 2012 Annual International Conference of the IEEE on Engineering in Medicine and Biology Society (EMBC), pp. 5234–5237. IEEE (2012)
Li, C., Raghunathan, A., Jha, N.: Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system. In: 13th IEEE International Conference on e-Health Networking Applications and Services (Healthcom), pp. 150 –156 (2011)
Lucian Constantin: Authentication bypass bug exposes Foscam webcams to unauthorized access. http://www.pcworld.com/article/2091180/authentication-bypass-bug-exposes-foscam-webcams-to-unauthorized-access.html
Mahapatro, A., Khilar, P.M.: Fault diagnosis in body sensor networks. Int. J. Comput. Inf. Syst. Ind. Manag. Appl. 5, 252–259 (2013)
Malik, M., Bigger, J.T., Camm, A.J., Kleiger, R.E., Malliani, A., Moss, A.J., Schwartz, P.J.: Heart rate variability standards of measurement, physiological interpretation, and clinical use. Eur. Heart J. 17(3), 354–381 (1996)
Mather, M.: Fact sheet: Aging in the United States. (2016). http://www.prb.org/Publications/Media-Guides/2016/aging-unitedstates-fact-sheet.aspx
McSharry, P.E., Clifford, G.D., Tarassenko, L., Smith, L.A.: A dynamical model for generating synthetic electrocardiogram signals. IEEE Biomed. Eng. Trans. 50(3), 289–294 (2003)
Park, Y., Son, Y., Shin, H., Kim, D., Kim, Y.: This ain’t your dose: Sensor spoofing attack on medical infusion pump. In: 10th USENIX Workshop on Offensive Technologies (WOOT 16). USENIX Association, Austin, TX (2016). https://www.usenix.org/conference/woot16/workshop-program/presentation/park
Ribeiro, D.M.D., Colunas, M.F.M., Marques, F.A.F., Fernandes, J.M., Cunha, J.P.S.: A real time, wearable ecg and continous blood pressure monitoring system for first responders. In: 2011 Annual International Conference of the IEEE Engineering in Medicine and Biology Society, pp. 6894–6898 (2011)
Sagha, H., del R Millan, J., Chavarriaga, R.: Detecting and rectifying anomalies in body sensor networks. In: 2011 International Conference on Body Sensor Networks, pp. 162–167 (2011)
Saria, S.: A $3 trillion challenge to computational scientists: transforming healthcare delivery. IEEE Intell. Syst. 29(4), 82–87 (2014)
Shin, H., Son, Y., Park, Y., Kwon, Y., Kim, Y.: Sampling race: bypassing timing-based analog active sensor spoofing detection on analog-digital systems. In: 10th USENIX Workshop on Offensive Technologies (WOOT 16). USENIX Association, Austin, TX (2016). https://www.usenix.org/conference/woot16/workshop-program/presentation/shin
Sotera Wireless: http://www.soterawireless.com/visi-mobile/
Uluagac, A., Subramanian, V., Beyah, R.: Sensory channel threats to cyber physical systems: A wake-up call. In: 2014 IEEE Conference on Communications and Network Security (CNS), pp. 301–309 (2014)
Velez, D.R., White, B.C., Motsinger, A.A., Bush, W.S., Ritchie, M.D., Williams, S.M., Moore, J.H.: A balanced accuracy function for epistasis modeling in imbalanced datasets using multifactor dimensionality reduction. Genet. epidemiol. 31(4), 306–315 (2007)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this chapter
Cite this chapter
Cai, H., Venkatasubramanian, K.K. (2019). Data-Driven Detection of Sensor-Hijacking Attacks on Electrocardiogram Sensors. In: Ammari, H. (eds) Mission-Oriented Sensor Networks and Systems: Art and Science. Studies in Systems, Decision and Control, vol 163. Springer, Cham. https://doi.org/10.1007/978-3-319-91146-5_20
Download citation
DOI: https://doi.org/10.1007/978-3-319-91146-5_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-91145-8
Online ISBN: 978-3-319-91146-5
eBook Packages: EngineeringEngineering (R0)