Knock! Knock! Who is There? Investigating Data Leakage from a Medical Internet of Things Hijacking Attack

Date

2020-01

Authors

Flynn, Talon
Grispos, George
Glisson, William Bradley
Mahoney, William

Journal Title

Journal ISSN

Volume Title

Publisher

Proceedings of the 53rd Hawaii International Conference on System Sciences

Abstract

The amalgamation of Medical Internet of Things (MIoT) devices into everyday life is influencing the landscape of modern medicine. The implementation of these devices potentially alleviates the pressures and physical demands of healthcare systems through the remote monitoring of patients. However, there are concerns that the emergence of MIoT ecosystems is introducing an assortment of security and privacy challenges. While previous research has shown that multiple vulnerabilities exist within MIoT devices, minimal research investigates potential data leakage from MIoT devices through hijacking attacks. The research contribution of this paper is twofold. First, it provides a proof of concept that certain MIoT devices and their accompanying smartphone applications are vulnerable to hijacking attacks. Second, it highlights the effectiveness of using digital forensics tools as a lens to identify patient and medical device information on a hijacker’s smartphone.

Description

A paper co-authored by William Glisson originally published in Proceedings of the 53rd Hawaii International Conference on System Sciences in 2020.

Keywords

Machine Learning and Cyber Threat Intelligence and Analytics, cybercrime, forensics, hijacking, internet of things, medical, security

Citation

Flynn, T., Grispos, G., Glisson, W., & Mahoney, W. (2020). Knock! Knock! Who Is There? Investigating Data Leakage from a Medical Internet of Things Hijacking Attack. Proceedings of the 53rd Hawaii International Conference on System Sciences. Hawaii International Conference on System Sciences, p. 6458-6465. https://doi.org/10.24251/hicss.2020.791