Do Breach Remediation Efforts Affect Patient Outcomes?

THaW professor Eric Johnson was recently interviewed on the DataBreach Today podcast.  “How do hospitals’ efforts to bolster information security in the aftermath of data breaches potentially affect patient outcomes? Professor Eric Johnson of Vanderbilt University discusses recent research that shows a worrisome relationship between breach remediation and the delivery of timely patient care.”

You can find the 14-minute podcast, and written summary, on DataBreachToday.com.

The podcast discusses a recent THaW paper:

Sung J. Choi, M. Eric Johnson, and Christoph U. Lehmann. Data breach remediation efforts and their implications for hospital quality. Health Services Research 54(5), pages 971–980, September 2019. John Wiley & Sons. DOI: 10.1111/1475-6773.13203

Proximity detection with single-antenna IoT devices

ACM SIGMOBILE has posted a video of our presentation of the THaW paper Proximity detection with single-antenna IoT devices at MobiCom’19.  Abstract below the video.

Timothy J. Pierson, Travis Peters, Ronald Peterson, and David Kotz. Proximity Detection with Single-Antenna IoT Devices. In Proceedings of the ACM International Conference on Mobile Computing and Networking (MobiCom), Article #21, October 2019. ACM Press. DOI 10.1145/3300061.3300120.

Abstract: Providing secure communications between wireless devices that encounter each other on an ad-hoc basis is a challenge that has not yet been fully addressed. In these cases, close physical proximity among devices that have never shared a secret key is sometimes used as a basis of trust; devices in close proximity are deemed trustworthy while more distant devices are viewed as potential adversaries. Because radio waves are invisible, however, a user may believe a wireless device is communicating with a nearby device when in fact the user’s device is communicating with a distant adversary. Researchers have previously proposed methods for multi-antenna devices to ascertain physical proximity with other devices, but devices with a single antenna, such as those commonly used in the Internet of Things, cannot take advantage of these techniques.

We present theoretical and practical evaluation of a method called SNAP – SiNgle Antenna Proximity – that allows a single-antenna Wi-Fi device to quickly determine proximity with another Wi-Fi device. Our proximity detection technique leverages the repeating nature Wi-Fi’s preamble and the behavior of a signal in a transmitting antenna’s near-field region to detect proximity with high probability; SNAP never falsely declares proximity at ranges longer than 14 cm.

Temperature sensors may be vulnerable in safety-critical systems

Recent THaW research has demonstrated that temperature control systems, particularly in sensitive devices like infant incubators or industrial thermal chambers, can be affected by (and thus manipulated by) electromagnetic waves. The team included Prof. Kevin Fu and Research Investigator Sara Rampazzi from THaW, and Prof. Xiali Hei and PhD student Yazhou Tu from the University of Louisiana at Lafayette.

The vulnerability is due to the weakness of analog sensing components. In particular, the change in the measured temperature is due to an unintended rectification effect in amplifiers induced by injecting specific electromagnetic interferences though their temperature sensors.

The researchers demonstrate how it is possible remotely manipulate the temperature sensor measurements of critical devices, such as infant incubators, thermal chambers, and 3D printers. “In infant incubators for example, changing temperature sensor measurement can raise the risk of temperature-related health issues in infants, such as hyperthermia and hypothermia, which in turn can lead in extreme cases to hypoxia, and neurological complications.” Rampazzi says.

In a recent paper describing the attack method, the authors also describe a defense against the vulnerability, proposing a prototype of an analog anomaly detector to identify unintended interferences in the affected frequency range.

The paper was presented this month at the ACM Conference on Computer and Communications Security (CCS), and is available at DOI 10.1145/3319535.3354195.

Short video demos of the effect on an infant incubator are available on YouTube.

 

thermbanner.jpg

Data breach remediation efforts and their implications for hospital quality

Screen Shot 2019-10-04 at 4.16.34 PMA new THaW paper in Health Sciences Research from Choi, Johnson, and Lehmann explores the relationship between breach remediation efforts and hospital care quality.  They found that hospital time‐to‐electrocardiogram increased as much as 2.7 minutes, and 30‐day acute myocardial infarction mortality increased as much as 0.36 percentage points, during the 3‐year window following a breach.  They conclude that breach remediation efforts were associated with deterioration in timeliness of care and patient outcomes. Thus, breached hospitals and HHS oversight should carefully evaluate remedial security initiatives to achieve better data security without negatively affecting patient outcomes.

https://doi.org/10.1111/1475-6773.13203

SNAP: Proximity Detection with Single-Antenna IoT Devices

THaW graduate Tim Pierson will present SNAP, a method for proximity detection with single-antenna IoT devices at MobiCom in October.

SNAP - Likelihood of declaring proximityAbstract: Providing secure communications between wireless devices that encounter each other on an ad-hoc basis is a challenge that has not yet been fully addressed. In these cases, close physical proximity among devices that have never shared a secret key is sometimes used as a basis of trust; devices in close proximity are deemed trustworthy while more distant devices are viewed as potential adversaries. Because radio waves are invisible, however, a user may believe a wireless device is communicating with a nearby device when in fact the user’s device is communicating with a distant adversary. Researchers have previously proposed methods for multi-antenna devices to ascertain physical proximity with other devices, but devices with a single antenna, such as those commonly used in the Internet of Things, cannot take advantage of these techniques.

We present theoretical and practical evaluation of a method called SNAP — SiNgle Antenna Proximity — that allows a single-antenna Wi-Fi device to quickly determine proximity with another Wi-Fi device. Our proximity detection technique leverages the repeating nature Wi-Fi’s preamble and the behavior of a signal in a transmitting antenna’s near-field region to detect proximity with high probability; SNAP never falsely declares proximity at ranges longer than 14 cm.

In Proceedings of the ACM International Conference on Mobile Computing and Networking (MobiCom), Article #1-15, October 2019. ACM Press. DOI 10.1145/3300061.3300120.

CloseTalker: Secure, Short-range Communication

THaW researchers will present a paper titled CloseTalker:  Secure, Short-range Ad Hoc Wireless Communication at MobiSys next week.

Abstract: Secure communication is difficult to arrange between devices that have not previously shared a secret. Previous solutions to the problem are susceptible to man-in-the-middle attacks, require additional hardware for out-of-band communication, or require an extensive public-key infrastructure. Furthermore, as the number of wireless devices explodes with the advent of the Internet of Things, it will be impractical to manually configure each device to communicate with its neighbors.

Our system, CloseTalker, allows simple, secure, ad hoc communication between devices in close physical proximity, while jamming the signal so it is unintelligible to any receivers more than a few centimeters away. CloseTalker does not require any specialized hardware or sensors in the devices, does not require complex algorithms or cryptography libraries, occurs only when intended by the user, and can transmit a short burst of data or an address and key that can be used to establish long-term or long-range communications at full bandwidth.

In this paper we present a theoretical and practical evaluation of CloseTalker, which exploits Wi-Fi MIMO antennas and the fundamental physics of radio to establish secure communication between devices that have never previously met. We demonstrate that CloseTalker is able to facilitate secure in-band communication between devices in close physical proximity (about 5 cm), even though they have never met nor shared a key.

Timothy J. Pierson, Travis Peters, Ronald Peterson, and David Kotz. Proceedings of the ACM International Conference on Mobile Systems, Applications, and Services (MobiSys), June 2019. ACM Press. DOI 10.1145/3307334.3326100.

Cybersecurity vulnerabilities

David Slotwiner, Thomas Deering, Kevin Fu, Andrea Russo, Mary Walsh, and George Van Hare recently published a paper titled Cybersecurity vulnerabilities of cardiac implantable electronic devices: Communication strategies for clinicians:

Abstract: Computers, networking, and software have become essential tools for health care. Our daily lives increasingly depend on digital technology, and we are persistently bombarded by the need to secure the systems and data they generate and store from attack, damage, and unauthorized access. Cybersecurity vulnerabilities of cardiac implantable electronic devices (CIEDs) are no longer hypothetical. While no incident of a cybersecurity breach of a CIED implanted in a patient has been reported, and no patient is known to have been harmed to date by the exploitation of a vulnerability, the potential for such a scenario does exist. The public awareness of cybersecurity vulnerabilities in medical devices, particularly devices such as CIEDs on which a patient’s life may depend and where the potential for reprogramming or rendering the device nonfunctional exists, is raising questions and fueling fears among patients and the clinical provider community. The Heart Rhythm Society (HRS) has identified a gap in clinician-patient communication about the appropriate balance of the risks of such a potential attack against the benefits of lifesaving medical devices. To address these communication gaps, HRS convened a 1-day summit in November 2017, in partnership with the U.S. Food and Drug Administration (FDA). The goal of the meeting was to develop patient-centered communication strategies for health care professionals, industry, and governmental agencies. Participants included patient representatives, subject matter experts, HRS and the American College of Cardiology leadership, representatives from the FDA, and the Federal Bureau of Investigation (FB1) and leadership of 5 CIED manufacturers. This proceedings statement is based on the 4 communication themes that emerged from the discussion: when to notify patients, whom to notify, how to communicate with patients, and key elements to discuss with patients.

Proceedings of the Heart Rhythm Society’s Leadership Summit, Heart Rhythm Journal, July 2018.  DOI 10.1016/j.hrthm.2018.05.001.

Tattle Tail Security

Lanier Watkins, Shreya Aggarwal, Omotola Akeredolu, William H. Robinson and Aviel D. Rubin recently published a paper titled Tattle Tail Security: An Intrusion Detection System for Medical Body Area Networks:

Abstract:  Medical Body Area Networks (MBAN) are created when Wireless Sensor Nodes (WSN) are either embedded into the patient’s body or strapped onto it. MBANs are used to monitor the health of patients in real-time in their homes. Many cyber protection mechanisms exist for the infrastructure that interfaces with MBANs; however, not many effective cyber security mechanisms exist for MBANs. We introduce a low-overhead security mechanism for MBANs based on having nodes infer anomalous power dissipation in their neighbors to detect compromised nodes. Nodes will infer anomalous power dissipation in their neighbors by detecting a change in their packet send rate. After two consecutive violations, the node will “Tattle” on its neighbor to the gateway, which will alert the Telemedicine administrator and notify all other nodes to ignore the compromised node.

Workshop on Decentralized IoT Systems and Security (DISS ’19),  (February, 2019). (pdf)

Intrusion Detection for Medical Body Area Networks (MBAN)

THaW researchers recently presented a new paper at the Workshop on Decentralized IoT Systems and Security (DISS).  [PDF]

Abstract:  Medical Body Area Networks (MBAN) are created when Wireless Sensor Nodes (WSN) are either embedded into the patient’s body or strapped onto it. MBANs are used to monitor the health of patients in real-time in their homes. Many cyber protection mechanisms exist for the infrastructure that interfaces with MBANs; however, not many effective cyber security mechanisms exist for MBANs. We introduce a low-overhead security mechanism for MBANs based on having nodes infer anomalous power dissipation in their neighbors to detect compromised nodes. Nodes will infer anomalous power dissipation in their neighbors by detecting a change in their packet send rate. After two consecutive violations, the node will “Tattle” on its neighbor to the gateway, which will alert the Telemedicine administrator and notify all other nodes to ignore the compromised node.

TattleTale-DISS19 figure1

Proposed Telemedicine Scenario

IoT Two-Factor Neurometric Authentication

Angel Rodriguez, Sara Rampazzi, and Kevin Fu recently had a poster accepted titled IoT Two-Factor Neurometric Authentication System using Wearable EEG:

Abstract: The IoT authentication space suffers from various user-sided drawbacks, such as poor password choice, the accidental publication of biometric data, and the practice of disabling authentication completely. This is commonly attributed to the “Security vs Usability” problem – generally, the stronger the authentication, the more inconvenient it is to perform and maintain for the user. Neurometric authentication offers a compelling resistance to eavesdropping and replay attacks, and the ability for a user to simply “think to unlock”. Furthermore, the recent increase in popularity of consumer EEG devices, as well as new research demonstrating its accuracy, have made EEG-based neurometric authentication much more viable.

Using a Support Vector Machine and one-time tokens, we present a secure two-factor authentication method, that allows a user to authenticate multiple IoT devices. We perform preliminary trials on the Psyionet BCI dataset and demonstrate a qualitative comparison of extracted EEG feature sets.

RampazziLeft: IoT two factor authentication scheme –  (1)  After internal user-thought authentication, the  device securely sends a one-time token to the IoT device. (2) The IoT device securely communicates with a server to verify the token. (3) If the token is verified, the server sends a secure confirmation reply to the IoT device, authenticating the user. Right: Proof of concept using the Psyionet BCI dataset – The top row shows the averaged covariance matrices of the extracted features of two different users thinking about the same mental task (imagining closing their fists). The bottom row shows similar features for one user thinking of two different tasks (imagine closing both fists vs both feet).

Proceedings of the IEEE Workshop on the Internet of Safe Things (SafeThings), May 2019. Accepted, publication pending.