Knock! Knock! Who is there? Investigating data leakage from a medical internet of things hijacking attack

Talon Flynn; George Grispos; William Bradley Glisson; William Mahoney

Knock! Knock! Who is there? Investigating data leakage from a medical internet of things hijacking attack

Talon Flynn, George Grispos, William Bradley Glisson, William Mahoney

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The amalgamation of Medical Internet of Things (MIoT) devices into everyday life is influencing the landscape of modern medicine. The implementation of these devices potentially alleviates the pressures and physical demands of healthcare systems through the remote monitoring of patients. However, there are concerns that the emergence of MIoT ecosystems is introducing an assortment of security and privacy challenges. While previous research has shown that multiple vulnerabilities exist within MIoT devices, minimal research investigates potential data leakage from MIoT devices through hijacking attacks. The research contribution of this paper is twofold. First, it provides a proof of concept that certain MIoT devices and their accompanying smartphone applications are vulnerable to hijacking attacks. Second, it highlights the effectiveness of using digital forensics tools as a lens to identify patient and medical device information on a hijacker's smartphone.

Original language	English (US)
Title of host publication	Proceedings of the 53rd Annual Hawaii International Conference on System Sciences, HICSS 2020
Editors	Tung X. Bui
Publisher	IEEE Computer Society
Pages	6456-6465
Number of pages	10
ISBN (Electronic)	9780998133133
State	Published - 2020
Event	53rd Annual Hawaii International Conference on System Sciences, HICSS 2020 - Maui, United States Duration: Jan 7 2020 → Jan 10 2020

Publication series

Name	Proceedings of the Annual Hawaii International Conference on System Sciences
Volume	2020-January
ISSN (Print)	1530-1605

Conference

Conference	53rd Annual Hawaii International Conference on System Sciences, HICSS 2020
Country/Territory	United States
City	Maui
Period	1/7/20 → 1/10/20

ASJC Scopus subject areas

Engineering(all)

Cite this

Flynn, T., Grispos, G., Glisson, W. B., & Mahoney, W. (2020). Knock! Knock! Who is there? Investigating data leakage from a medical internet of things hijacking attack. In T. X. Bui (Ed.), Proceedings of the 53rd Annual Hawaii International Conference on System Sciences, HICSS 2020 (pp. 6456-6465). (Proceedings of the Annual Hawaii International Conference on System Sciences; Vol. 2020-January). IEEE Computer Society.

Knock! Knock! Who is there? Investigating data leakage from a medical internet of things hijacking attack. / Flynn, Talon; Grispos, George; Glisson, William Bradley et al.
Proceedings of the 53rd Annual Hawaii International Conference on System Sciences, HICSS 2020. ed. / Tung X. Bui. IEEE Computer Society, 2020. p. 6456-6465 (Proceedings of the Annual Hawaii International Conference on System Sciences; Vol. 2020-January).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Flynn, T, Grispos, G, Glisson, WB & Mahoney, W 2020, Knock! Knock! Who is there? Investigating data leakage from a medical internet of things hijacking attack. in TX Bui (ed.), Proceedings of the 53rd Annual Hawaii International Conference on System Sciences, HICSS 2020. Proceedings of the Annual Hawaii International Conference on System Sciences, vol. 2020-January, IEEE Computer Society, pp. 6456-6465, 53rd Annual Hawaii International Conference on System Sciences, HICSS 2020, Maui, United States, 1/7/20.

Flynn T, Grispos G, Glisson WB, Mahoney W. Knock! Knock! Who is there? Investigating data leakage from a medical internet of things hijacking attack. In Bui TX, editor, Proceedings of the 53rd Annual Hawaii International Conference on System Sciences, HICSS 2020. IEEE Computer Society. 2020. p. 6456-6465. (Proceedings of the Annual Hawaii International Conference on System Sciences).

Flynn, Talon ; Grispos, George ; Glisson, William Bradley et al. / Knock! Knock! Who is there? Investigating data leakage from a medical internet of things hijacking attack. Proceedings of the 53rd Annual Hawaii International Conference on System Sciences, HICSS 2020. editor / Tung X. Bui. IEEE Computer Society, 2020. pp. 6456-6465 (Proceedings of the Annual Hawaii International Conference on System Sciences).

@inproceedings{a8101821c9c6467fbeb68b68cf1c4b73,

title = "Knock! Knock! Who is there? Investigating data leakage from a medical internet of things hijacking attack",

abstract = "The amalgamation of Medical Internet of Things (MIoT) devices into everyday life is influencing the landscape of modern medicine. The implementation of these devices potentially alleviates the pressures and physical demands of healthcare systems through the remote monitoring of patients. However, there are concerns that the emergence of MIoT ecosystems is introducing an assortment of security and privacy challenges. While previous research has shown that multiple vulnerabilities exist within MIoT devices, minimal research investigates potential data leakage from MIoT devices through hijacking attacks. The research contribution of this paper is twofold. First, it provides a proof of concept that certain MIoT devices and their accompanying smartphone applications are vulnerable to hijacking attacks. Second, it highlights the effectiveness of using digital forensics tools as a lens to identify patient and medical device information on a hijacker's smartphone.",

author = "Talon Flynn and George Grispos and Glisson, {William Bradley} and William Mahoney",

note = "Funding Information: Financial support for this research is provided by the Nebraska Research Initiative (NRI). Publisher Copyright: {\textcopyright} 2020 IEEE Computer Society. All rights reserved.; 53rd Annual Hawaii International Conference on System Sciences, HICSS 2020 ; Conference date: 07-01-2020 Through 10-01-2020",

year = "2020",

language = "English (US)",

series = "Proceedings of the Annual Hawaii International Conference on System Sciences",

publisher = "IEEE Computer Society",

pages = "6456--6465",

editor = "Bui, {Tung X.}",

booktitle = "Proceedings of the 53rd Annual Hawaii International Conference on System Sciences, HICSS 2020",

}

TY - GEN

T1 - Knock! Knock! Who is there? Investigating data leakage from a medical internet of things hijacking attack

AU - Flynn, Talon

AU - Grispos, George

AU - Glisson, William Bradley

AU - Mahoney, William

PY - 2020

Y1 - 2020

N2 - The amalgamation of Medical Internet of Things (MIoT) devices into everyday life is influencing the landscape of modern medicine. The implementation of these devices potentially alleviates the pressures and physical demands of healthcare systems through the remote monitoring of patients. However, there are concerns that the emergence of MIoT ecosystems is introducing an assortment of security and privacy challenges. While previous research has shown that multiple vulnerabilities exist within MIoT devices, minimal research investigates potential data leakage from MIoT devices through hijacking attacks. The research contribution of this paper is twofold. First, it provides a proof of concept that certain MIoT devices and their accompanying smartphone applications are vulnerable to hijacking attacks. Second, it highlights the effectiveness of using digital forensics tools as a lens to identify patient and medical device information on a hijacker's smartphone.

AB - The amalgamation of Medical Internet of Things (MIoT) devices into everyday life is influencing the landscape of modern medicine. The implementation of these devices potentially alleviates the pressures and physical demands of healthcare systems through the remote monitoring of patients. However, there are concerns that the emergence of MIoT ecosystems is introducing an assortment of security and privacy challenges. While previous research has shown that multiple vulnerabilities exist within MIoT devices, minimal research investigates potential data leakage from MIoT devices through hijacking attacks. The research contribution of this paper is twofold. First, it provides a proof of concept that certain MIoT devices and their accompanying smartphone applications are vulnerable to hijacking attacks. Second, it highlights the effectiveness of using digital forensics tools as a lens to identify patient and medical device information on a hijacker's smartphone.

UR - http://www.scopus.com/inward/record.url?scp=85089822397&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85089822397&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:85089822397

T3 - Proceedings of the Annual Hawaii International Conference on System Sciences

SP - 6456

EP - 6465

BT - Proceedings of the 53rd Annual Hawaii International Conference on System Sciences, HICSS 2020

A2 - Bui, Tung X.

PB - IEEE Computer Society

T2 - 53rd Annual Hawaii International Conference on System Sciences, HICSS 2020

Y2 - 7 January 2020 through 10 January 2020

ER -

Knock! Knock! Who is there? Investigating data leakage from a medical internet of things hijacking attack

Abstract

Publication series

Conference

ASJC Scopus subject areas

Other files and links

Fingerprint

Cite this