Improving Implantable Medical Device Security Through Cooperative Jamming
dc.contributor.author | Lytle, Kimberly Mirella | en |
dc.contributor.committeechair | Talty, Timothy Joseph | en |
dc.contributor.committeemember | Reed, Jeffrey H. | en |
dc.contributor.committeemember | Michaels, Alan J. | en |
dc.contributor.department | Electrical Engineering | en |
dc.date.accessioned | 2023-07-04T08:01:28Z | en |
dc.date.available | 2023-07-04T08:01:28Z | en |
dc.date.issued | 2023-07-03 | en |
dc.description.abstract | Implantable medical devices (IMDs) are medically necessary devices embedded in a human body that monitor chronic disorders or automatically deliver therapies, such as insulin pumps or pacemakers. Typically, they are small form-factor devices with limited battery and processing power. Most IMDs have wireless capabilities that allow them to share data with an offboard programming device, such as a smartphone application, that has more storage and processing power than the IMD itself. Additionally, the programming device can send commands back to the IMD to change its settings according to the treatment plan. As such, wirelessly sharing information between an IMD and offboard device can help medical providers monitor the patient's health remotely while giving the patient more insight into their condition, more autonomy, and fewer in-person appointments. However, serious security concerns have arisen as researchers have demonstrated it is possible to hack these devices to obtain sensitive information or potentially harm the patient. This is particularly easy to do as most IMDs transmit their data in the clear to avoid allocating their limited resources to encrypting their packets. As these concerns and the percentage of the American population with IMDs grows, there is another fear that bad actors could exploit the link between the programming device and IMD. Theoretically, a hacker could launch a man in the middle attack to send the IMD unauthorized commands, reprogramming it to act as a radio, sniffing signals of interest in the environment. As such, the hacker could use the IMD as a software defined radio (SDR) that captures sensitive or even classified information without the patient's knowledge. If this were to happen, it is possible an unwitting person with an IMD who has access to classified or sensitive information could be used to exfiltrate data that, in the wrong hands, could be used for corporate espionage or to the detriment of national security. While governing bodies agree that cybersecurity risks are present in IMD systems, there are no requirements for IMD manufacturers to create their devices with security measures that mitigate these risks. Researchers have proposed physical, technical, and administrative security measures for IMDs, but other existing wireless security techniques may apply to the healthcare space and need to be explored. Beamforming is an array signal processing technique that relies on individual elements of antenna arrays adjusting their phase and amplitude to create an overall effect of directing RF energy in a particular direction. Similarly, cooperative beamforming uses several physically separate "friendly" beamforming-capable devices to collectively send artificial noise to eavesdroppers while ensuring the signal is successfully received by the intended receiver. Although there are several cooperative jamming algorithms, they share the underlying principles of minimizing SINR at potential eavesdroppers while maximizing the SINR at the intended receiver. Researchers exploring cooperative jamming have largely used models to estimate its impact on channel secrecy. While RF propagation and communication system modeling provides valuable insight into system performance, many theoretical and empirical models are limited by the extent to which the operational environment matches that of the model itself. Ray tracing, alternatively, is more widely applicable as it accounts for a 3D environment and the objects a signal interacts with in that space. A ray is defined as an individual RF signal that travels in a straight line through a uniform medium; obeys the laws of reflection, refraction, and diffraction; and carries energy. As the ray interacts with objects in the environment, its energy will decrease by some amount that depends on the materials and geometry of the object. While research has predominantly focused on applications like cellular communications, the same principles of minimizing SINR at potential eavesdroppers while maximizing the SINR at the intended receiver can be applied to IMDs. As IMD use cases assume the programmer is nearby, the friendly nodes will not need to act as relays and can instead focus all their power on jamming. The number of cooperative jammers will be low to simulate the number of devices an individual might have in a workspace or office setting, like a personal phone, smart watch, or laptop, and realistic power constraints will be observed. Further, ray tracing software will provide additional visual insights into how various building materials like drywall, concrete, brick, and glass impact cooperative jamming. Through these simulations, the trade-off between secrecy rate and physical separation and layout of friendly nodes can be determined, which in turn may inform how companies or individuals can protect their proprietary and personal information. | en |
dc.description.abstractgeneral | Implantable medical devices (IMDs) are medically necessary devices embedded in a human body that monitor chronic disorders or automatically deliver therapies, such as insulin pumps or pacemakers. The data on IMDs need to be processed and their settings might need to be adjusted, but IMDs themselves usually cannot support direct user input, such as through screens or buttons, as they are inaccessible without surgery or generally too small to have space for displays. Further, they lack processing power and battery life due to their small form-factors, so relatively little data remains onboard. Instead, it is more convenient for the IMDs to wirelessly send their data to a more powerful external device like a smartphone. Since smartphones have more battery and processing resources available, and are easily recharged, they can store more data, monitor trends in the patient's health records, and upload the data to a server which the doctors can access. Additionally, these devices can send commands back to the IMD to change its settings according to the treatment plan. As such, wirelessly sharing information between an IMD and offboard programming device can help medical providers monitor the patient's health remotely while giving the patient more insight into their condition, more autonomy, and fewer in-person appointments. However, serious security concerns have arisen as researchers have demonstrated it is possible to hack these devices to obtain sensitive information or potentially harm the patient. As these concerns and the percentage of the American population with IMDs grows, there is another fear that bad actors could exploit the link between the programming device and IMD. Theoretically, a hacker could send the IMD unauthorized commands that change the IMD's behavior so that they are reprogrammed to act as radios listening for signals in the environment in order to steal sensitive or even classified information. While governing bodies agree that cybersecurity risks are present in IMD systems, there are no requirements for IMD manufacturers to create their devices with security measures that mitigate these risks. Researchers have proposed physical, technical, and administrative security measures for IMDs, but other existing wireless security techniques may apply to the healthcare space and need to be explored. Cooperative jamming is an existing defensive wireless technique that reduces the likelihood of an eavesdropper gaining access to unauthorized information. A known set of "friendly" transmitters each transmit noise to eavesdroppers while ensuring the signal is successfully received by the intended receiver. Researchers exploring cooperative jamming have largely used models to estimate its impact on channel secrecy. While RF propagation and communication system modeling provides valuable insight into system performance, many theoretical and empirical models are limited by the extent to which the operational environment matches that of the model itself. Ray tracing, alternatively, is more widely applicable as it accounts for a 3D environment and the objects a signal interacts with in that space. A ray is defined as an individual RF signal that travels in a straight line through a uniform medium; obeys the laws of reflection, refraction, and diffraction; and carries energy. As the ray interacts with objects in the environment, its energy will decrease by some amount that depends on the materials and geometry of the object. Thus, using ray tracing to model cooperative jamming will provide new insights into the degree to which cooperative jamming could be used to protect an IMD from eavesdroppers, and how companies or individuals can protect their proprietary and personal information. | en |
dc.description.degree | Master of Science | en |
dc.format.medium | ETD | en |
dc.identifier.other | vt_gsexam:37965 | en |
dc.identifier.uri | http://hdl.handle.net/10919/115637 | en |
dc.language.iso | en | en |
dc.publisher | Virginia Tech | en |
dc.rights | In Copyright | en |
dc.rights.uri | http://rightsstatements.org/vocab/InC/1.0/ | en |
dc.subject | ray tracing | en |
dc.title | Improving Implantable Medical Device Security Through Cooperative Jamming | en |
dc.type | Thesis | en |
thesis.degree.discipline | Electrical Engineering | en |
thesis.degree.grantor | Virginia Polytechnic Institute and State University | en |
thesis.degree.level | masters | en |
thesis.degree.name | Master of Science | en |
Files
Original bundle
1 - 1 of 1