International Journal of Computer Science & Network Security

International Journal of Computer Science & Network Security (국제컴퓨터통신보호논문지학회)
권호 표지
DOI QR코드

DOI QR Code

Modern Study on Internet of Medical Things (IOMT) Security

  • Aljumaie, Ghada Sultan (Department of Computer Science College of Computers and Information Technology Taif University) ;
  • Alzeer, Ghada Hisham (Department of Computer Science College of Computers and Information Technology Taif University) ;
  • Alghamdi, Reham Khaild (Department of Computer Science College of Computers and Information Technology Taif University) ;
  • Alsuwat, Hatim (Department of Computer Science College of Computer and Information Systems Umm Al Qura University) ;
  • Alsuwat, Emad (Department of Computer Science College of Computers and Information Technology Taif University)
  • Received : 2021.08.05
  • Published : 2021.08.30
Download PDF
⟨ Previous Next ⟩

Abstract

The Internet of Medical Things (IoMTs) are to be considered an investment and an improvement to respond effectively and efficiently to patient needs, as it reduces healthcare costs, provides the timely attendance of medical responses, and increases the quality of medical treatment. However, IoMT devices face exposure from several security threats that defer in function and thus can pose a significant risk to how private and safe a patient's data is. This document works as a comprehensive review of modern approaches to achieving security within the Internet of Things. Most of the papers cited here are used been carefully selected based on how recently it has been published. The paper highlights some common attacks on IoMTs. Also, highlighting the process by which secure authentication mechanisms can be achieved on IoMTs, we present several means to detect different attacks in IoMTs

Keywords

References

  1. Ghorbani, H. R., & Ahmadzadegan, M. H. (2017, November). Security challenges in the Internet of things: a survey. In 2017 IEEE Conference on Wireless Sensors (ICWiSe) (pp. 1-6). IEEE.
  2. Fizza, K., Banerjee, A., Mitra, K., Jayaraman, P. P., Ranjan, R., Patel, P., & Georgakopoulos, D. (2021). QoE in IoT: a vision, survey, and future directions. Discover the Internet of Things, 1(1), 1-14. https://doi.org/10.1007/s43926-021-00007-6
  3. Shanthamallu, U. S., Spanias, A., Tepedelenlioglu, C., & Stanley, M. (2017, August). A brief survey of machine learning methods and their sensor and IoT applications. In 2017 8th International Conference on Information, Intelligence, Systems & Applications (IISA) (pp. 1-8). IEEE.
  4. Ahmed, G., Mehmood, D., Shahzad, K., & Malick, R. A. S. (2021). An efficient routing protocol for the Internet of medical things focusing on hot spot node problems. International Journal of Distributed Sensor Networks, 17(2), 1550147721991706.
  5. Harvey, P., Toutsop, O., Kornegay, K., Alale, E., & Reaves, D. (2020, December). Security and Privacy of Medical Internet of Things Devices for Smart Homes. In 2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS) (pp. 1-6). IEEE.
  6. Yang, T., Gentile, M., Shen, C. F., & Cheng, C. M. (2020). Combining point-of-care diagnostics and the Internet of medical things (IoMT) to combat the COVID-19 pandemic.
  7. Kumar, M., & Chand, S. (2020). A lightweight cloud-assisted identity-based anonymous authentication and critical agreement body area network. IEEE Systems Journal.
  8. Food and Drug Administration, HHS, "Design considerations and premarket submission recommendations for interoperable medical devices," Sept. 2017.
  9. Karmakar, K. K., Varadharajan, V., Tupakula, U., Nepal, S., & Thapa, C. (2020, June). Towards a Security Enhanced Virtualised Network Infrastructure for Internet of Medical Things (IoMT). In 2020 6th IEEE Conference on Network Softwarization (NetSoft) (pp. 257-261). IEEE.
  10. Sun, Y., Lo, F. P. W., & Lo, B. (2019). Security and privacy for the Internet of medical things enabled healthcare systems: A survey. IEEE Access, 7, 183339-183355. https://doi.org/10.1109/ACCESS.2019.2960617
  11. Angrishi, K. (2017). Turning Internet of things (IoT) into the Internet of vulnerabilities (iov): IoT botnets. arXiv preprint arXiv:1702.03681.
  12. X. Huang and S. Nazir, "Evaluating Security of Internet of Medical Things Using the" Security & Communication Networks, p. 15, 1 September 2020.
  13. Nazir, A., Sholla, S., & Bashir, A. (2019). Internet of Things Security: Issues, Challenges, and Countermeasures. International Journal of Network and Technology, 7(3).
  14. T. Y. Mahmoud, R., Yousuf, T., Aloul, F., & Zualkernan, I. (2015, December). Internet of things (IoT) security: Current status, challenges, and prospective measures. In 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST) (pp. 336-341). IEEE.
  15. Puat, H. A. M., & Abd Rahman, N. A. (2020, December). IoMT: A Review of Pacemaker Vulnerabilities and Security Strategy. In Journal of Physics: Conference Series (Vol. 1712, No. 1, p. 012009). IOP Publishing.]. https://doi.org/10.1088/1742-6596/1712/1/012009
  16. Yaacoub J.-P.A., Noura M., Noura H.N., Salman O., Yaacoub E. Securing internet of medical things systems: limitations, issues, and recommendations. Future Generation. Comput. Syst. 2020;105:581-606 https://doi.org/10.1016/j.future.2019.12.028
  17. Javdani, H.; Kashanian, H. Internet of things in medical applications with a service-oriented and security approach: A survey. Health Technol. 2018, 8, 39-50. ][ Altawy, R.; Youssef, A.M. Security Tradeoffs in Cyber-Physical Systems: A Case Study Survey on Implantable Medical Devices. IEEE Access 2016, 4, 959-979. https://doi.org/10.1007/s12553-017-0180-8
  18. Singh, J., & Abd Rahman, N. A. (2020). IoMT: A review of Open APS System Security for Type 1Diabetes Mellitus. Int J Cur Res Rev| Vol, 12(17), 93. https://doi.org/10.31782/ijcrr.2020.121721
  19. David D Coleman and David A Westcott. Cwna: certified wireless network administrator official study guide: exam Pw0-105. John Wiley & Sons, 2012.
  20. Daojing He, Sammy Chan, and Mohsen Guizani. Drone-assisted public safety networks: The security aspect. IEEE Communications Magazine, 55(8):218-223, 2017 https://doi.org/10.1109/MCOM.2017.1600799CM
  21. Chun-Wei Yang, Tzonelih Hwang, and Tzu-Han Lin. Modification attack on qsdc with authentication and the improvement. International Journal of Theoretical Physics, 52(7):2230-2234, 2013. https://doi.org/10.1007/s10773-013-1498-2
  22. Yao Liu, Peng Ning, and Michael K Reiter. False data injection attacks against state estimation in electric power grids. ACM Transactions on Information and System Security (TISSEC), 14(1):13, 2011.
  23. MdAshfaqur Rahmanand Hamed Mohsenian-Rad.False data injection attacks with incomplete information against intelligent power grids. In Global Communications Conference (GLOBECOM), 2012 IEEE, pages 3153-3158. Citeseer, 2012.
  24. Satish Vadlamani, Burak Eksioglu, Hugh Medal, and Apurba Nandi. Jamming attacks on wireless networks: A taxonomic survey. International Journal of Production Economics, 172:76-94, 2016. https://doi.org/10.1016/j.ijpe.2015.11.008
  25. Alejandro Proano and Loukas Lazos. Selective jamming attacks in wireless networks. In 2010 IEEE International Conference on Communications pages 1-6. IEEE, 2010.
  26. Kanika Grover, Alvin Lim, and Qing Yang. Jamming and anti-jamming techniques in wireless networks: a survey. International Journal of Ad Hoc and Ubiquitous Computing, 17(4):197-215, 2014. https://doi.org/10.1504/IJAHUC.2014.066419
  27. Zubair A Baig and Abdul-Raoof Amoudi. An analysis of clever grid attacks and countermeasures. Journal of Communications, 8(8):473- 479, 2013. https://doi.org/10.12720/jcm.8.8.473-479
  28. Harshita Harshita. Detection and prevention of ICMP flood DDoS attack. International Journal of New Technology and Research, 3(3), 2017.
  29. Mitko Bogdanoski, Tomislav Suminoski, and Aleksandar Risteski. Analysis of the syn flood dos attack. International Journal of Computer Network and Information Security (IJCNIS), 5(8):1-11, 2013.
  30. Yuquan Shan, George Kesidis, Daniel Fleck, and Angelos Stavrou. Preliminary study of fission defenses against low-volume dos attacks on proxied multiserver systems. In 2017 12th International Conference on Malicious and Unwanted Software (MALWARE), pages 67-74. IEEE, 2017.
  31. Chee-Wooi Ten, Govindarasu Manimaran, and Chen-Ching Liu. Cy- cybersecurity for critical infrastructures: Attack and defense modeling. IEEE Transactions on Systems, Man, and Cybernetics-Part A: Systems and Humans, 40(4):853-865, 2010. https://doi.org/10.1109/TSMCA.2010.2048028
  32. Emma McMahon, Ryan Williams, Malaka El, Sagar Samtani, Mark Patton, and Hsinchun Chen. Assessing medical device vulnerabilities on the Internet of things. In 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), pages 176-178. IEEE, 2017.
  33. Pardeep Kumar and Hoon-Jae Lee. Security issues in healthcare applications using wireless medical sensor networks: A survey. Sensors, 12(1):55-91, 2012. https://doi.org/10.3390/s120100055
  34. Sarah Spiekermann. Ethical IT innovation: A value-based system design approach. Auerbach Publications, 2015.].
  35. Lukas Grunwald. New attacks against RFID systems. GmbH Germany, 2006.
  36. Junghyun Nam, Juryon Paik, H-K Kang, Ung Mo Kim, and Dongho Won. An offline dictionary attack on a simple three-party key exchange protocol. IEEE Communications Letters, 13(3):205-207, 2009. https://doi.org/10.1109/LCOMM.2009.081609
  37. Jung-Sik Cho, Sang-Soo Yeo, and Sung Kwon Kim. Securing against brute-force attack: A hash-based RFID mutual authentication protocol using a secret value. Computer communications, 34(3):391-397, 201 https://doi.org/10.1016/j.comcom.2010.02.029
  38. Mihir Bellare and Tadayoshi Kohno. Hash function balance and its impact on birthday attacks. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 401-418. Springer, 2004
  39. J. Deogirikar and A. Vidhate. Security attacks in IoT: A survey. In 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics, and Cloud) (I-SMAC), pages 32-37, 2017.
  40. Nicolas Falliere, Liam O Murchu, and Eric Chien. W32. Stuxnet dossier. White paper, Symantec Corp., Security Response, 5(6):29, 2011.
  41. Sam Edwards and Ioannis Profetis. Hajime: Analysis of a decentralized internet worm for IoT devices. Rapidity Networks, 16, 2016.
  42. Evan Cooke, Farnam Jahanian, and Danny McPherson. The zombie roundup: Understanding, detecting, and disrupting botnets. SRUTI, 5:6- 6, 2005
  43. Solangi, Z. A., Solangi, Y. A., Chandio, S., bin Hamzah, M. S., & Shah, A. (2018, May). The future of data privacy and security concerns in Internet of Things. In 2018 IEEE International Conference on Innovative Research and Development (ICIRD)(pp. 1-4). IEEE.
  44. Rathnayake, R. M. P. H. K., Karunarathne, M. S., Nafi, N. S., & Gregory, M. A. (2018, November). Cloud enabled solution for privacy concerns in internet of medical things. In 2018 28th International Telecommunication Networks and Applications Conference (ITNAC) (pp. 1-4). IEEE.
  45. Dai, H. N., Imran, M., & Haider, N. (2020). Blockchain-enabled Internet of Medical Things to Combat COVID-19. IEEE Internet of Things Magazine, 3(3), 52-57. https://doi.org/10.1109/iotm.0001.2000087
  46. A lsubaei, F., Abuhussein, A., & Shiva, S. (2017, October). Security and privacy in the internet of medical things: taxonomy and risk assessment. In 2017 IEEE 42nd Conference on Local Computer Networks Workshops (LCN Workshops) (pp. 112-120). IEEE.
  47. Cano, M. D., & Canavate-Sanchez, A. (2020). Preserving data privacy in the internet of medical things using dual signature ECDSA. Security and Communication Networks, 2020.
  48. Harvey, P., Toutsop, O., Kornegay, K., Alale, E., & Reaves, D. (2020, December). Security and Privacy of Medical Internet of Things Devices for Smart Homes. In 2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS) (pp. 1-6). IEEE.
  49. Zhu, F., Li, P., Xu, H., & Wang, R. (2020). A Novel Lightweight Authentication Scheme for RFID-Based Healthcare Systems. Sensors, 20(17), 4846. https://doi.org/10.3390/s20174846
  50. Garg, N., Wazid, M., Das, A. K., Singh, D. P., Rodrigues, J. J., & Park, Y. (2020). BAKMP-IoMT: Design of blockchain enabled authenticated key management protocol for Internet of medical things deployment. IEEE Access, 8, 95956-95977. https://doi.org/10.1109/ACCESS.2020.2995917
  51. Yan, X., Geng, T., & Ding, H. (2014). Efficient cryptographic access control protocol for sensitive data management. Journal of Computers, 9(1), 222-228
  52. Wong, A. M. K., Hsu, C. L., Le, T. V., Hsieh, M. C., & Lin, T. W. (2020). Three-Factor Fast Authentication Scheme with Time Bound and User Anonymity for Multi-Server E-Health Systems in 5G-Based Wireless Sensor Networks. Sensors, 20(9), 2511. https://doi.org/10.3390/s20092511
  53. Chen, F., Luo, Y., Zhang, J., Zhu, J., Zhang, Z., Zhao, C., & Wang, T. (2018). An infrastructure framework for privacy protection of community medical internet of things. World Wide Web, 21(1), 33-57. https://doi.org/10.1007/s11280-017-0455-z
  54. Wazid, M., Das, A. K., Rodrigues, J. J., Shetty, S., & Park, Y. (2019). IoMT malware detection approaches: analysis and research challenges. IEEE Access, 7, 182459-182476 https://doi.org/10.1109/ACCESS.2019.2960412
  55. Wazid, M., Das, A. K., Rodrigues, J. J., Shetty, S., & Park, Y. (2019). IoMT malware detection approaches: analysis and research challenges. IEEE Access, 7, 182459-182476 https://doi.org/10.1109/ACCESS.2019.2960412
  56. Liaqat, S., Akhunzada, A., Shaikh, F. S., Giannetsos, A., & Jan, M. A. (2020). SDN orchestration to combat evolving cyber threats in Internet of Medical Things (IoMT). Computer Communications, 160, 697-705.] https://doi.org/10.1016/j.comcom.2020.07.006
  57. Alsubaei, F., Abuhussein, A., Shandilya, V., & Shiva, S. (2019). IoMT-SAF: Internet of medical things security assessment framework. Internet of Things, 8, 100123.] https://doi.org/10.1016/j.iot.2019.100123
  58. Bibi, N., Sikandar, M., Ud Din, I., Almogren, A., & Ali, S. (2020). IoMT-Based Automated Detection and Classification of Leukemia Using Deep Learning. Journal of healthcare engineering, 2020
  59. Papaioannou, M., Karageorgou, M., Mantas, G., Sucasas, V., Essop, I., Rodriguez, J., & Lymberopoulos, D. (2020). A survey on security threats and countermeasures in internet of medical things (IoMT). Transactions on Emerging Telecommunications Technologies, e4049