Visible to the public Healthcare IoT: Benefits, vulnerabilities and solutions

TitleHealthcare IoT: Benefits, vulnerabilities and solutions
Publication TypeConference Paper
Year of Publication2018
AuthorsNausheen, Farha, Begum, Sayyada Hajera
Conference Name2018 2nd International Conference on Inventive Systems and Control (ICISC)
KeywordsAccess Control, authorisation, Biomedical monitoring, composability, Computer crime, cryptography, data privacy, Health Care, healthcare IoT, healthcare IoT system, implantable health gadgets, implantable medical devices, Internet of Things, medical computing, medical data, Medical diagnostic imaging, Medical services, Metrics, mobile applications, Monitoring, obfuscation, obfuscation technique, pubcrawl, Resiliency, return oriented programming techniques, reverse engineering, security, security defense, white box cryptography
AbstractWith all the exciting benefits of IoT in healthcare - from mobile applications to wearable and implantable health gadgets-it becomes prominent to ensure that patients, their medical data and the interactions to and from their medical devices are safe and secure. The security and privacy is being breached when the mobile applications are mishandled or tampered by the hackers by performing reverse engineering on the application leading to catastrophic consequences. To combat against these vulnerabilities, there is need to create an awareness of the potential risks of these devices and effective strategies are needed to be implemented to achieve a level of security defense. In this paper, the benefits of healthcare IoT system and the possible vulnerabilities that may result are presented. Also, we propose to develop solutions against these vulnerabilities by protecting mobile applications using obfuscation and return oriented programming techniques. These techniques convert an application into a form which makes difficult for an adversary to interpret or alter the code for illegitimate purpose. The mobile applications use keys to control communication with the implantable medical devices, which need to be protected as they are the critical component for securing communications. Therefore, we also propose access control schemes using white box encryption to make the keys undiscoverable to hackers.
DOI10.1109/ICISC.2018.8399126
Citation Keynausheen_healthcare_2018