Securing Wireless Medical Implants. Shyamnath Gollakota, Haitham Hassanieh, Benjamin Ransford, Dina Katabi, Kevin Fu.

Presentation transcript:

Modern Implants Have Wireless: cardiac defibrillators, neurostimulators, cochlear implants.

Benefits of Wireless: Easier communication with implant. Remote monitoring → reduces hospital visits by 40% and cost per visit by $1800 [Journal of the American College of Cardiology, 2011]. What about security?

Security Attacks: 1) Passive attack: eavesdrop on private data (patient diagnosis, vital signs). 2) Active attack: send unauthorized commands (turn off therapies, deliver electric shock). [Halperin’08] demonstrated attacks using software radios.

How Do We Protect Against Such Attacks? Cryptography?

Problems with Adding Cryptography on Implants: In emergencies, patient may be taken to a foreign hospital where doctors don’t have the secret key. Millions of patients already have implants with no crypto; would require surgery to replace.

Ideally, secure implants without modifying them

Delegate security to an external device. In emergencies, doctor turns external device off. Helps people who already have implants.

Solution Idea: Wireless Device.

Shield Protects from Active Attacks: Shield listens on medium. Shield jams unauthorized commands (figure labels: Implant ID, Turn off therapy) → implants can’t decode or react to command. Implant protected from active attacks.

But How to Protect from Passive Attacks? Naïve solution: shield jams implant transmissions so attacker can’t decode. Simply jamming prevents everyone from getting data! How can we prevent eavesdropper from getting data while delivering data to doctor? Analog one-time pad.

Classic Approach: One-Time Pad. Only a node that has the key can decrypt. (Diagram labels: Encryption: Message, Key, Encrypted Message. Decryption: Encrypted Message, Key, Message.)

Protect from Passive Attacks: Analog One-Time Pad. Shield jams with a random signal. Channel sums implant’s signal with shield’s random signal. Jamming signal acts like the key in one-time pad. Eavesdropper doesn’t know jamming signal → can’t decode. Shield knows the jamming signal → subtracts it → decodes implant’s transmission.

Putting it together: Traditional System.

Putting it together: Our System. Doctor configures the shield with a secret key → use encryption. Shield acts as proxy: shield encrypts the implant data and forwards it to doctor.

Contributions: First system that secures wireless implants without modifying them. Design that simultaneously jams and decodes medical implant transmissions. Implemented and evaluated using commercial cardiac defibrillators → effective at protecting the implants.

Shield simultaneously: jams the implant’s signal; decodes the implant’s signal. Need radio that transmits and receives simultaneously, i.e., a full-duplex radio.

How to Design Full-Duplex for Medical Implants? [Mobicom’2010] (figure: antennas tx1, rx, tx2 at distances d and d + wavelength/2; the two transmissions cancel out). Medical implants work at 400 MHz: wavelength/2 ≈ 40 cm. Too large for portable devices.

Full-Duplex Without Antenna Separation (figure: shield with tx1, tx2, rx; jamming signal and antidote). Antidote signal cancels out jamming signal. Shield can simultaneously jam and receive. Design is small and portable.

But, Full-Duplex Needs 60–80 dB Cancellation: Reduce signal power by 100 million times. Requires highly linear components. Expensive. Can we build shield with significantly less cancellation? 30–40 dB is sufficient!

Shield Requirements. Jam eavesdropper: 50% bit error rate; jamming power 20 dB higher than implant’s power (plot axis: jamming power / implant power, in dB). Decode implant’s signal: FSK signal; implant signal has a 10 dB SNR. Cancel 30 dB (figure labels over time: 20 dB, 10 dB). Shield requires only 30 dB cancellation.
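The analog one-time pad and the 20 dB / 10 dB / 30 dB budget from the Shield Requirements slide can be checked numerically. The following simulation is an added example, not code from the slides or from the authors: it compares an eavesdropper that sees only the on-air sum with a shield that subtracts its own jamming signal at 30 dB cancellation. The samples-per-bit count, tone indices, bit count and the use of white Gaussian jamming (rather than jamming shaped to the implant's spectrum) are assumptions made for this example.

```python
import cmath, math, random

N = 4              # samples per bit (assumed)
TONES = (1, 2)     # FSK tone index for bit 0 / bit 1 (assumed, orthogonal over N)
JAM_DB = 20.0      # jamming power above implant power (from the slides)
CANCEL_DB = 30.0   # antidote cancellation at the shield (from the slides)

def tone(k, n):
    return cmath.exp(2j * math.pi * k * n / N)

def fsk_modulate(bits):
    # Unit-power complex baseband FSK: one tone per bit value.
    return [tone(TONES[b], n) for b in bits for n in range(N)]

def fsk_demodulate(samples):
    # Non-coherent detector: pick the tone with the larger correlation energy.
    bits = []
    for i in range(0, len(samples), N):
        sym = samples[i:i + N]
        energy = [abs(sum(s * tone(k, n).conjugate() for n, s in enumerate(sym)))
                  for k in TONES]
        bits.append(0 if energy[0] >= energy[1] else 1)
    return bits

def simulate(n_bits=4000, seed=1):
    rng = random.Random(seed)
    bits = [rng.randrange(2) for _ in range(n_bits)]
    tx = fsk_modulate(bits)
    sigma = math.sqrt(10 ** (JAM_DB / 10) / 2)    # std dev per I/Q component
    jam = [complex(rng.gauss(0, sigma), rng.gauss(0, sigma)) for _ in tx]
    on_air = [s + j for s, j in zip(tx, jam)]     # channel sums both signals
    # Eavesdropper sees only the sum and does not know the jamming samples.
    eve = fsk_demodulate(on_air)
    # Shield knows its jamming signal; the residual is CANCEL_DB below it,
    # i.e. 10 dB below the implant signal (20 dB - 30 dB).
    leak = 10 ** (-CANCEL_DB / 20)
    shield = fsk_demodulate([y - (1 - leak) * j for y, j in zip(on_air, jam)])
    ber = lambda rx: sum(a != b for a, b in zip(bits, rx)) / n_bits
    return ber(eve), ber(shield)

if __name__ == "__main__":
    eve_ber, shield_ber = simulate()
    print(f"eavesdropper BER={eve_ber:.3f}  shield BER={shield_ber:.4f}")
```

Lowering `CANCEL_DB` toward `JAM_DB` shows where the shield's own decoding starts to fail, which is the trade-off the 30 dB figure captures.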

Empirical Results

Evaluation: Medtronic cardiac implants. Medtronic programmer. Implement attacker and shield on USRP2s. Simulate human implantation: bacon & beef.

Testbed: 20-location test bed. Fix locations of implant and shield. Node at every other location acts as adversary. (Figure labels: 30 m, 20 cm.)

Passive Attacks: Eavesdrop on private data. Decode implant’s transmissions. Use optimal FSK decoder.

Can Eavesdropper do Better Than Random Guess? (Plot: attacker bit error rate.) Independent of location, eavesdropper can do no better than a random guess.

Can Shield Decode Implant’s Messages? (Plot: packet loss at shield.) Average loss rate 0.002. Shield can reliably decode the implant’s messages, despite jamming.

Active Attacks: Send unauthorized commands. Attacker sends “change therapy”. Shield jams. Read implant to check if therapy has changed.

Two Types of Active Attacks: Off-the-shelf implant programmers → same power as our shield. Customized hardware → 100 times the power of our shield.

Can Shield Protect Against Unauthorized Programmers? (Plots by attacker location #, without shield and with shield; map legend: any attack successful / no attack successful.) Without the Shield (figure label: 14 m). With the Shield (figure label: 20 cm). Independent of the location, shield protects from unauthorized programmers.

Can Shield Protect Against High-Power Attacks? (Map legend: any attack successful / no attack successful.) Without the Shield (figure label: 27 m). With the Shield: shield forces the attacker to get closer → raises the bar. Intrinsic limitation of jamming. Can we do better? Can always detect high-power attacks → raise alarm and inform doctor or patient.

Conclusion: First to secure medical implants without modifying them. Other applications in RFIDs, small low-power sensors, legacy devices. Convergence of wireless and medical devices opens up new research problems.