140 likes | 382 Views
Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses. By: Halperin, Heydt—Benjamin, Ransford, Clark, Defend, Morgan, Fu, Kohno, and Maisel Presented by: Charlie Allen. Overview. IMDs Attacks Defenses Notification Authentication Key Exchange
E N D
Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses By: Halperin, Heydt—Benjamin, Ransford, Clark, Defend, Morgan, Fu, Kohno, and Maisel Presented by: Charlie Allen
Overview • IMDs • Attacks • Defenses • Notification • Authentication • Key Exchange • Future Work
IMDs • Pacemakers • Implantable Cardioverter Defibrilators (ICD) • Neurostimulators • Drug Pumps • Wireless
Programming IMDs • Commercial Programmers • Radio Communicator
Security Model • Access to programmers • Passive Adversary • Active Adversary • Assumptions • ICDs Honest
Intercepting Communication • Reverse engineering • Eavesdropping • Limitations
Attacks • ICD Identification • Disclosing patient data • Disclosing cardiac data • Changing patient name • Setting the ICD’s clock • Changing therapies • Inducing fibrillation • Power denial of service
WISPer • Notification • Zero-Power • Sound Audibility
Authentication • Uses • Master Key known by all programmers • Identity specific to IMD • Nonce known by programmer in advance • Improvements • Random nonce
Key Exchange • Process • Medium