1.
Akm Iqtidar Newaz, Ahmet Aris, Amit Kumar Sikder, A Selcuk Uluagac
Systematic Threat Analysis of Modern Unified Healthcare Communication Systems Conference Paper
In the Proceedings of the 37th IEEE Global Communications Conference (GLOBECOM), 2022.
Abstract | Links | BibTeX | Tags: Healthcare Security, Network Security
@conference{iqtidarThreatAnalysis,
title = {Systematic Threat Analysis of Modern Unified Healthcare Communication Systems},
author = {Akm Iqtidar Newaz and Ahmet Aris and Amit Kumar Sikder and A Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/10001605/},
year = {2022},
date = {2022-01-01},
urldate = {2022-01-01},
booktitle = {In the Proceedings of the 37th IEEE Global Communications Conference (GLOBECOM)},
abstract = {Recently, smart medical devices have become preva-lent in remote monitoring of patients and the delivery of medication. The ongoing Covid-19 pandemic situation has boosted the upward trend of the popularity of smart medical devices in the healthcare system. Simultaneously, different device manufacturers and technologies compete for a share in a smart medical device's market, which forces the integration of diverse smart medical de-vices into a common healthcare ecosystem. Hence, modern unified healthcare communication systems (UHCSs) combine ISO/IEEE 11073 and Health Level Seven (HL7) communication standards to support smart medical devices' interoperability and their communication with healthcare providers. Despite their advantages in supporting various smart medical devices and communication technologies, these standards do not provide any security and suffer from vulnerabilities},
keywords = {Healthcare Security, Network Security},
pubstate = {published},
tppubtype = {conference}
}
Recently, smart medical devices have become preva-lent in remote monitoring of patients and the delivery of medication. The ongoing Covid-19 pandemic situation has boosted the upward trend of the popularity of smart medical devices in the healthcare system. Simultaneously, different device manufacturers and technologies compete for a share in a smart medical device's market, which forces the integration of diverse smart medical de-vices into a common healthcare ecosystem. Hence, modern unified healthcare communication systems (UHCSs) combine ISO/IEEE 11073 and Health Level Seven (HL7) communication standards to support smart medical devices' interoperability and their communication with healthcare providers. Despite their advantages in supporting various smart medical devices and communication technologies, these standards do not provide any security and suffer from vulnerabilities
2.
Akm Iqtidar Newaz, Amit Kumar Sikder, Mohammad Ashiqur Rahman, A Selcuk Uluagac
A survey on security and privacy issues in modern healthcare systems: Attacks and defenses Journal Article
ACM Transactions on Computing for Healthcare Journal, 2021.
Abstract | BibTeX | Tags: Healthcare Security
@article{newaz2021survey,
title = {A survey on security and privacy issues in modern healthcare systems: Attacks and defenses},
author = {Akm Iqtidar Newaz and Amit Kumar Sikder and Mohammad Ashiqur Rahman and A Selcuk Uluagac},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {ACM Transactions on Computing for Healthcare Journal},
publisher = {ACM New York, NY, USA},
abstract = {Recent advancements in computing systems and wireless communications have made healthcare systems more efficient than before. Modern healthcare devices can monitor and manage different health conditions of patients automatically without any manual intervention from medical professionals. Additionally, the use of implantable medical devices, body area networks, and Internet of Things technologies in healthcare systems improve the overall patient monitoring and treatment process. However, these systems are complex in software and hardware, and optimizing between security, privacy, and treatment is crucial for healthcare systems because any security or privacy violation can lead to severe effects on patients treatments and overall health conditions. },
keywords = {Healthcare Security},
pubstate = {published},
tppubtype = {article}
}
Recent advancements in computing systems and wireless communications have made healthcare systems more efficient than before. Modern healthcare devices can monitor and manage different health conditions of patients automatically without any manual intervention from medical professionals. Additionally, the use of implantable medical devices, body area networks, and Internet of Things technologies in healthcare systems improve the overall patient monitoring and treatment process. However, these systems are complex in software and hardware, and optimizing between security, privacy, and treatment is crucial for healthcare systems because any security or privacy violation can lead to severe effects on patients treatments and overall health conditions.
3.
Nur Imtiazul Haque, Mohammad Ashiqur Rahman, Md Hasan Shahriar, Alvi Ataur Khalil, Selcuk Uluagac
A novel framework for threat analysis of machine learning-based smart healthcare systems Journal Article
arXiv, 2021.
Abstract | Links | BibTeX | Tags: Healthcare Security
@article{haque2021novel,
title = {A novel framework for threat analysis of machine learning-based smart healthcare systems},
author = {Nur Imtiazul Haque and Mohammad Ashiqur Rahman and Md Hasan Shahriar and Alvi Ataur Khalil and Selcuk Uluagac},
url = {https://arxiv.org/abs/2103.03472},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {arXiv},
abstract = {Smart healthcare systems (SHSs) are providing fast and efficient disease treatment leveraging wireless body sensor networks (WBSNs) and implantable medical devices (IMDs)-based internet of medical things (IoMT). In addition, IoMT-based SHSs are enabling automated medication, allowing communication among myriad healthcare sensor devices. However, adversaries can launch various attacks on the communication network and the hardware/firmware to introduce false data or cause data unavailability to the automatic medication system endangering the patient's life. In this paper, we propose SHChecker, a novel threat analysis framework that integrates machine learning and formal analysis capabilities to identify potential attacks and corresponding effects on an IoMT-based SHS. Our framework can provide us with all potential attack vectors, each representing a set of sensor measurements to be altered, for an SHS given a specific set of attack attributes, allowing us to realize the system's resiliency, thus the insight to enhance the robustness of the model. We implement SHChecker on a synthetic and a real dataset, which affirms that our framework can reveal potential attack vectors in an IoMT system. This is a novel effort to formally analyze supervised and unsupervised machine learning models for black-box SHS threat analysis.},
keywords = {Healthcare Security},
pubstate = {published},
tppubtype = {article}
}
Smart healthcare systems (SHSs) are providing fast and efficient disease treatment leveraging wireless body sensor networks (WBSNs) and implantable medical devices (IMDs)-based internet of medical things (IoMT). In addition, IoMT-based SHSs are enabling automated medication, allowing communication among myriad healthcare sensor devices. However, adversaries can launch various attacks on the communication network and the hardware/firmware to introduce false data or cause data unavailability to the automatic medication system endangering the patient's life. In this paper, we propose SHChecker, a novel threat analysis framework that integrates machine learning and formal analysis capabilities to identify potential attacks and corresponding effects on an IoMT-based SHS. Our framework can provide us with all potential attack vectors, each representing a set of sensor measurements to be altered, for an SHS given a specific set of attack attributes, allowing us to realize the system's resiliency, thus the insight to enhance the robustness of the model. We implement SHChecker on a synthetic and a real dataset, which affirms that our framework can reveal potential attack vectors in an IoMT system. This is a novel effort to formally analyze supervised and unsupervised machine learning models for black-box SHS threat analysis.
4.
AKM Iqtidar Newaz, Amit Kumar Sikder, Leonardo Babun, A Selcuk Uluagac
Heka: A novel intrusion detection system for attacks to personal medical devices Conference Paper
In the proceedings of the IEEE Conference on Communications and Network Security (CNS), IEEE 2020.
Abstract | Links | BibTeX | Tags: Healthcare Security, IoT Security, Smart Home Security
@conference{newaz2020heka,
title = {Heka: A novel intrusion detection system for attacks to personal medical devices},
author = {AKM Iqtidar Newaz and Amit Kumar Sikder and Leonardo Babun and A Selcuk Uluagac},
url = {https://csl.fiu.edu/wp-content/uploads/2023/05/heka.pdf},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the proceedings of the IEEE Conference on Communications and Network Security (CNS)},
organization = {IEEE},
abstract = {Modern Smart Health Systems (SHS) involve the concept of connected personal medical devices. These devices significantly improve the patient's lifestyle as they permit remote monitoring and transmission of health data (i.e., telemedicine), lowering the treatment costs for both the patient and the healthcare providers. Although specific SHS communication standards (i.e., ISO/IEEE 11073) enable real-time plug-and-play interoperability and communication between different personal medical devices, they do not specify any features for secure communications. In this paper, we demonstrate how personal medical device communication is indeed vulnerable to different cyber attacks. Specifically, we show how an external attacker can hook into the personal medical device's communication and eavesdrop the sensitive health data traffic, and implement manin-the-middle, replay, false data injection, and denial-of service.},
keywords = {Healthcare Security, IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Modern Smart Health Systems (SHS) involve the concept of connected personal medical devices. These devices significantly improve the patient's lifestyle as they permit remote monitoring and transmission of health data (i.e., telemedicine), lowering the treatment costs for both the patient and the healthcare providers. Although specific SHS communication standards (i.e., ISO/IEEE 11073) enable real-time plug-and-play interoperability and communication between different personal medical devices, they do not specify any features for secure communications. In this paper, we demonstrate how personal medical device communication is indeed vulnerable to different cyber attacks. Specifically, we show how an external attacker can hook into the personal medical device's communication and eavesdrop the sensitive health data traffic, and implement manin-the-middle, replay, false data injection, and denial-of service.
Citations: 8413
h-index: 44
i10-index: 107
