Attack-Graph Threat Modeling Assessment of Ambulatory Medical Devices

Luckett, Patrick; McDonald, J. Todd; Glisson, William Bradley

View/Open

Article (543.7Kb)

Date

2017-01

Author

Luckett, Patrick

McDonald, J. Todd

Glisson, William Bradley

Metadata

Show full item record

Abstract

The continued integration of technology into all aspects of society stresses the need to identify and understand the risk associated with assimilating new technologies. This necessity is heightened when technology is used for medical purposes like ambulatory devices that monitor a patient’s vital signs. This integration creates environments that are conducive to malicious activities. The potential impact presents new challenges for the medical community. \ \ Hence, this research presents attack graph modeling as a viable solution to identifying vulnerabilities, assessing risk, and forming mitigation strategies to defend ambulatory medical devices from attackers. Common and frequent vulnerabilities and attack strategies related to the various aspects of ambulatory devices, including Bluetooth enabled sensors and Android applications are identified in the literature. Based on this analysis, this research presents an attack graph modeling example on a theoretical device that highlights vulnerabilities and mitigation strategies to consider when designing ambulatory devices with similar components.

URI

https://hdl.handle.net/20.500.11875/3208

Collections

Department of Computer Science

Citation

Luckett, P., McDonald, J., & Glisson, W. (2017). Attack-Graph Threat Modeling Assessment of Ambulatory Medical Devices. Proceedings of the 50th Hawaii International Conference on System Sciences (2017). Hawaii International Conference on System Sciences, p.3648-3657. https://doi.org/10.24251/hicss.2017.441

Description

A paper co-authored by William Glisson that was published in the Proceedings of the 50th Hawaii International Conference on System Sciences in 2017.