computer science, college of william and maryfeihu.eng.ua.edu/nsf_cps/year2/w4_3_slides.pdf ·...
Post on 01-May-2018
225 Views
Preview:
TRANSCRIPT
Outline Introduction Methodology Evaluation Conclusion
Computer Science, College of William and Mary
IMDGuardSecuring Implantable Medical Devices with the External
Wearable Guardian
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
April 13, 2011
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Outline
1 IntroductionSecurity ProblemNew InfrastructureChallenges
2 MethodologyAdversary ModelDescriptionImplementation
3 Evaluation
4 Conclusion
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Outline
1 IntroductionSecurity ProblemNew InfrastructureChallenges
2 MethodologyAdversary ModelDescriptionImplementation
3 Evaluation
4 Conclusion
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
What is Implantable Medical Devices (IMDs))
IMDs are a group of medical devices implanted inside patients’bodies to provide daily monitoring or treatments, such asmeasuring insulin level, regulating heart rhythm, and providingvisual sight.
Intracranial Sensor Cardiac Defibrillator Pacemaker X-ray Image ofInstalled Pacemaker
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Trend of Modern IMDs
Multifarious function. It has been integrated into manyIMDs that the flexible therapy configuration, physicalcondition monitoring, and diagnostic data stage.
Wireless capability. It is common to find out current IMDsshipped with wireless communication interface. The frequencyband used by IMDs has been approved by U.S. FederalCommunications Commission and EuropeanTelecommunications Standards Institute.
Large demands. 25 million US citizens depend upon IMDs,reported in 2001. This demand is excepted to continueincreasing 8.3 percent annually through 2014.
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Security Problem
Current Communication Model
IMD Programmer
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Security Problem
Potential Attacks
All wireless interactions occurred daily on patients’ IMDs currentlyare not protected, which can be leveraged by vandals.
A recent study demonstrated that, by using equipments availableon the markets, an IMD is able to be reprogrammed, putting thepatient’s life in danger.
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Security Problem
Motivation
tension between security and safety
accessible only to authorized identities(keys)
renewing key requires previous authorized keys
key lost or damaged
unauthorized access in emergency
mulfunctioning
Outline Introduction Methodology Evaluation Conclusion
Security Problem
Motivation
tension between security and safety
accessible only to authorized identities(keys)
renewing key requires previous authorized keys
key lost or damaged
unauthorized access in emergency
mulfunctioning
How to design a security schemefor IMDs that protects IMDs inregular situations,but safely allowaccess in any emergency withoutassistance from the patient?
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
New Infrastructure
New Infrastructure
IMDProgrammer
authorized
unauthorized
unauthorized in emergency
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
New Infrastructure
New Infrastructure
IMDProgrammer
authorized
unauthorized
unauthorized in emergency
Guardian
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
New Infrastructure
New Infrastructure
IMDProgrammer
authorized
unauthorized
unauthorized in emergency
Guardian
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
New Infrastructure
New Infrastructure
IMDProgrammer
authorized
unauthorized
unauthorized in emergency
Guardian
authorized
unauthorized
unauthorized in emergency
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Challenges
First Challenge
IMDProgrammer
Guardian
key establishmentor renewal
requirements:
do not require prior sharedsecrets
secure in any circumstance
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Challenges
Second Challenge
IMDProgrammer
authorized
unauthorized
unauthorized in emergency
Guardian
spoofing attack
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Outline
1 IntroductionSecurity ProblemNew InfrastructureChallenges
2 MethodologyAdversary ModelDescriptionImplementation
3 Evaluation
4 Conclusion
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Adversary Model
Adversary Model
Consider an adversary whose goal is trying to program to orretrieve data from the IMD without being caught.
Assume the adversary cannot physically measure the patient’sreal-time ECG signals without being detected.
Assume there is no adversary in an emergency situation.
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Description
Overview
IMDGuard is a novel security scheme forIMD-Guardian-Programmer infrastructure.
IMDGuard incorporates two techniques tailored to providedesirable protections for IMDs.
1 ECG-based secure key extraction. It allows the IMDsecurely pairs to an legitimate Guardian without any priorshared secrets.
2 Spoofing-resistant access control. It provides security tothe IMD in normal cases, and only grants accessibility to anyprogrammer in real emergency.
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Description
Secure Key Establishment Scheme Based on ECG Signals
ECG Delineation
100 200 300 400 500 600275
280
285
290
295
300
305
310
315
IPI (in u
nit o
f 4 m
illiseconds)
IPI index
Average of IPIs
IPI fluctuation
00101010101010101001010011010110110101011011
Secret Key
i quantization
ii reconciliation
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Description
Secure Key Establishment Scheme Based on ECG Signals
ECG Delineation
100 200 300 400 500 600275
280
285
290
295
300
305
310
315
IPI (in u
nit o
f 4 m
illiseconds)
IPI index
Average of IPIs
IPI fluctuation
00101010101010101001010011010110110101011011
Secret Key
i quantization
ii reconciliation
Quantization:
We map each IPI fluctuation into a n-bitbinary string.
Occurrences of different n-bit binary stringmappings are equally likely.
In order to reduce the mismatched bits oftwo sides, we pick proper n and apply graycode.
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Description
Secure Key Establishment Scheme Based on ECG Signals
ECG Delineation
100 200 300 400 500 600275
280
285
290
295
300
305
310
315
IPI (in u
nit o
f 4 m
illiseconds)
IPI index
Average of IPIs
IPI fluctuation
00101010101010101001010011010110110101011011
Secret Key
i quantization
ii reconciliation
Quantization:
We map each IPI fluctuation into a n-bitbinary string.
Occurrences of different n-bit binary stringmappings are equally likely.
In order to reduce the mismatched bits oftwo sides, we pick proper n and apply graycode.
Reconciliation:
Exchange a bit information so that bothsides can agree on a secret composed ofidentical binary strings.
Remove the leaked information to condensethe entropy of generated secret.
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Description
Secure Key Establishment Scheme Based on ECG Signals
ECG Delineation
100 200 300 400 500 600275
280
285
290
295
300
305
310
315
IPI (in u
nit o
f 4 m
illiseconds)
IPI index
Average of IPIs
IPI fluctuation
00101010101010101001010011010110110101011011
Secret Key
i quantization
ii reconciliation
Quantization:
We map each IPI fluctuation into a n-bitbinary string.
Occurrences of different n-bit binary stringmappings are equally likely.
In order to reduce the mismatched bits oftwo sides, we pick proper n and apply graycode.
Reconciliation:
Exchange a bit information so that bothsides can agree on a secret composed ofidentical binary strings.
Remove the leaked information to condensethe entropy of generated secret.
Features:
No need to change IMDs’ hardware design.
Ensured information-theoretic security.
Robust against man-in-the-middle attacks.
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Description
Spoofing-resistant Access Control
Motivation
It is unknown how powerful the adversary is.
Collaboration is possible between the IMD and Guardian.
Strategy
Guardian jams IMD’s message to block illegal interactions whenencountering spoofing attacks.
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Description
When There is no Spoofing Attacks
IMD Programmer Guardian
access attempt overhear
notification
Public-key authentication
legitimate one
session key
secure comm.
notification
session key
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Description
Defensive Jamming against Spoofing Attacks
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Implementation
Prototype Implementation
Total code size of IMDGuard prototypeModule ROM(bytes) RAM (bytes)IMD 20656 1056
Programmer 20754 1060Guardian 20614 1050
ECC 42190 1931Key Extraction 10078 887
ECG Delineation 18720 9652
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Outline
1 IntroductionSecurity ProblemNew InfrastructureChallenges
2 MethodologyAdversary ModelDescriptionImplementation
3 Evaluation
4 Conclusion
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Key Establishment
1 Variance. The historic records of the same person do nothelp adversary to guess the generated key, neither do that ofother people.
2 Efficiency. On average a secret key can be extracted in 45seconds.
3 Randomness. Generated keys can pass National Institute ofStandards and Technology (NIST) Randomness testing suite.
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Access Control Protocol
Defensive JammingEffectiveness
1 2 3 4 5 6 70
0.2
0.4
0.6
0.8
1jammer power level 0dBm
1 2 3 4 5 6 70
0.2
0.4
0.6
0.8
1jammer power level −10dBm
1 2 3 4 5 6 70
0.2
0.4
0.6
0.8
1jammer power level −15dBm
1 2 3 4 5 6 70
0.2
0.4
0.6
0.8
1jammer power level −25dBm
Prototype Timing Information
Overhead in Time (ms)Situation Operation Overhead
AuthenticationSigning(20bytes) 1550Verification(20bytes) 2221Others 50
Guardian RemovedChallenge Transfer 512Others 14
Guardian Jamming Session Deny 1501
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Outline
1 IntroductionSecurity ProblemNew InfrastructureChallenges
2 MethodologyAdversary ModelDescriptionImplementation
3 Evaluation
4 Conclusion
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
Outline Introduction Methodology Evaluation Conclusion
Conclusion
1 We are the first to propose a rigorously information-theoreticsecure extraction scheme, and evaluate its performance onresource constrained embedded systems.
2 We are the first to finalize and implement a comprehensivesecure protocol for the IMD-Guardian-Programmerinfrastructure.
3 We perform extensive experiments on our prototype toevaluate the validity and performance of IMDGuard.
Fengyuan Xu, Zhengrui Qin, Chiu C Tan, and Qun Li
IMDGuard
top related