Secure Monitoring of Patients With Wandering Behavior in Hospital Environments

Today there is considerable interest for making use of the latest technological advancements for several healthcare applications. However, there are several challenges for making use of different technologies for healthcare applications. In particular, there is a need to ensure that the healthcare related services receive priority during events, such as legitimate failures of devices, congestion, and attacks in the networks. In this paper, we discuss some of the requirements for making use of technology for healthcare applications and propose techniques for secure monitoring of patients with wandering behavior in a hospital or elderly care environment. One of the aims of our work is to use technology for secure monitoring of patients with wandering behavior to keep them away from danger, or detect if the behavior of the patient violates the policies of the hospital, or even violates privacy policies of other patients. Our approach makes use of software defined networking (SDN), Wireless LAN (WLAN), and wearable devices for the patients. Our approach incurs low cost since WLAN is widely deployed. However, there are some challenges for making use of WLAN for monitoring dementia patients, since it is primarily used for accessing the Internet and its open nature is vulnerable to different types of security attacks. Hence we make use of SDN to solve some of these challenges and provide priority for the monitoring services. We have developed a security application for an SDN controller that can be used to enforce fine granular policies for communication between the hosts, real time location tracking of the patients, and deal with attacks on the hospital networks. The policy-based security enforcement helps to differentiate healthcare related traffic from other traffic and provide priority to the healthcare traffic. The real time location tracking detects wandering by patients and if necessary can raise alarms to the staff. The attack detection component makes use of attack signatures and behavior-based intrusion detection to deal with attacks on hospital networks. We will also present the prototype implementation of our model using ONOS SDN controller and OpenFlow Access Points.

[1]  Kyung-Sup Kwak,et al.  The Internet of Things for Health Care: A Comprehensive Survey , 2015, IEEE Access.

[2]  Vijay Varadharajan,et al.  Secure monitoring for dementia patients , 2014, SAC.

[3]  Vijay Varadharajan,et al.  A Policy-Based Security Architecture for Software-Defined Networks , 2018, IEEE Transactions on Information Forensics and Security.

[4]  Min Chen,et al.  Disease Prediction by Machine Learning Over Big Data From Healthcare Communities , 2017, IEEE Access.

[5]  James Yu,et al.  A Solution to WLAN Authentication and Association DoS Attacks , 2007 .

[6]  Bo Sheng,et al.  A Timing-Based Scheme for Rogue AP Detection , 2011, IEEE Transactions on Parallel and Distributed Systems.

[7]  Vijay Varadharajan,et al.  Secure monitoring of the patients with wandering behaviour , 2016 .

[8]  Gunjan Tank,et al.  Software-Defined Networking-The New Norm for Networks , 2012 .

[9]  B. Therrien,et al.  Impact of Cognitive Impairment on Wandering Behavior , 2001, Western journal of nursing research.

[10]  Stefan Savage,et al.  802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions , 2003, USENIX Security Symposium.

[11]  John C. Mitchell,et al.  Security Analysis and Improvements for IEEE 802.11i , 2005, NDSS.

[12]  Sven Dietrich,et al.  Security Challenges and Opportunities of Software-Defined Networking , 2017, IEEE Security & Privacy.

[13]  Mabry Tyson,et al.  A security enforcement kernel for OpenFlow networks , 2012, HotSDN '12.

[14]  Thomas F. La Porta,et al.  Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks , 2006, IEEE/ACM Transactions on Networking.

[15]  Song Guo,et al.  Byzantine-resilient secure software-defined networks with multiple controllers , 2014, 2014 IEEE International Conference on Communications (ICC).

[16]  Kok-Keong Loo,et al.  Denial of service attacks and challenges in broadband wireless networks , 2008 .

[17]  Nour Moustafa,et al.  UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set) , 2015, 2015 Military Communications and Information Systems Conference (MilCIS).

[18]  Paramvir Bahl,et al.  RADAR: an in-building RF-based user location and tracking system , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[19]  Huzur Saran,et al.  LOCATOR: location estimation system For wireless LANs , 2004, WMASH '04.

[20]  Chuang Lin,et al.  A Novel Cookie-Based DDoS Protection Scheme and its Performance Analysis , 2009, 2009 International Conference on Advanced Information Networking and Applications.

[21]  Sebastian Abt,et al.  Blessing or curse? Revisiting security aspects of Software-Defined Networking , 2014, 10th International Conference on Network and Service Management (CNSM) and Workshop.

[22]  D. Arthur,et al.  Wandering behaviour in people with dementia. , 2003, Journal of advanced nursing.

[23]  Per Enge,et al.  Special Issue on Global Positioning System , 1999, Proc. IEEE.

[24]  Stefan Savage,et al.  Denial-of-Service Attacks : Real Vulnerabilities and Practical Solutions , 2003 .

[25]  C. Iadecola,et al.  The Pathobiology of Vascular Dementia , 2013, Neuron.

[26]  Fernando M. V. Ramos,et al.  Towards secure and dependable software-defined networks , 2013, HotSDN '13.

[27]  Musaed Alhussein,et al.  Monitoring Parkinson’s Disease in Smart Cities , 2017, IEEE Access.

[28]  Brent Byunghoon Kang,et al.  Rosemary: A Robust, Secure, and High-performance Network Operating System , 2014, CCS.

[29]  Lei Xu,et al.  Poisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures , 2015, NDSS.

[30]  Alec Wolman,et al.  Enhancing the security of corporate Wi-Fi networks using DAIR , 2006, MobiSys '06.

[31]  Hao Wang,et al.  A wireless LAN-based indoor positioning technology , 2004, IBM J. Res. Dev..

[32]  Alexander Shalimov,et al.  Advanced study of SDN/OpenFlow controllers , 2013 .

[33]  Vinod Yegneswaran,et al.  DELTA: A Security Assessment Framework for Software-Defined Networks , 2017, NDSS.

[34]  Fang Hao,et al.  ElastiCon; an elastic distributed SDN controller , 2014, 2014 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS).

[35]  Wenyuan Xu,et al.  Channel surfing and spatial retreats: defenses against wireless denial of service , 2004, WiSe '04.

[36]  Pavlin Radoslavov,et al.  ONOS: towards an open, distributed SDN OS , 2014, HotSDN.