Healthcare IoT: Benefits, vulnerabilities and solutions

With all the exciting benefits of IoT in healthcare — from mobile applications to wearable and implantable health gadgets-it becomes prominent to ensure that patients, their medical data and the interactions to and from their medical devices are safe and secure. The security and privacy is being breached when the mobile applications are mishandled or tampered by the hackers by performing reverse engineering on the application leading to catastrophic consequences. To combat against these vulnerabilities, there is need to create an awareness of the potential risks of these devices and effective strategies are needed to be implemented to achieve a level of security defense. In this paper, the benefits of healthcare IoT system and the possible vulnerabilities that may result are presented. Also, we propose to develop solutions against these vulnerabilities by protecting mobile applications using obfuscation and return oriented programming techniques. These techniques convert an application into a form which makes difficult for an adversary to interpret or alter the code for illegitimate purpose. The mobile applications use keys to control communication with the implantable medical devices, which need to be protected as they are the critical component for securing communications. Therefore, we also propose access control schemes using white box encryption to make the keys undiscoverable to hackers.

[1]  Mohammed Bouhorma,et al.  The Internet of Things for healthcare monitoring: Security review and proposed solution , 2014, 2014 Third IEEE International Colloquium in Information Science and Technology (CIST).

[2]  Kyung-Sup Kwak,et al.  The Internet of Things for Health Care: A Comprehensive Survey , 2015, IEEE Access.

[3]  Zhibo Pang,et al.  Intelligent packaging and intelligent medicine box for medication management towards the Internet-of-Things , 2014, 16th International Conference on Advanced Communication Technology.

[4]  Weiming Shen,et al.  A home mobile healthcare system for wheelchair users , 2014, Proceedings of the 2014 IEEE 18th International Conference on Computer Supported Cooperative Work in Design (CSCWD).

[5]  R. S. H. Istepanian,et al.  The potential of Internet of m-health Things “m-IoT” for non-invasive glucose level sensing , 2011, 2011 Annual International Conference of the IEEE Engineering in Medicine and Biology Society.

[6]  Taejoo Cho,et al.  Security Assessment of Code Obfuscation Based on Dynamic Monitoring in Android Things , 2017, IEEE Access.