Detection of Active Attacks on Wireless IMDs Using Proxy Device and Localization Information

Abstract

Implantable Medical Devices (IMDs) are used to monitor and treat physiological conditions within the body. They communicate telemetry data to external reader/programmer device and receive control commands using wireless medium. Wireless communication for IMDs increases cost effectiveness, flexibility, ease of use and also enables remote configuration and monitoring. However, it makes the IMDs vulnerable to passive and active attacks. While passive attacks on IMDs can be addressed using encryption techniques, active attacks like replay, massage injection and MITM need more advanced techniques to be detected and prevented. In case of other wireless devices one can deal with these security issues by installing one or more security mechanisms, but the same cannot be applied to IMDs. This is due to their positioning inside human body which makes replacement and power charging extremely difficult, their miniaturization which makes them storage, processing and power scarce, their unusual access requirements during device or patient emergency and their incapability of renewing shared secrets. It is advisable to use the resources of IMDs for life critical medical care and minimalist communication. This leads to the implied option of using an external proxy device which can offload security related processing from IMDs. Therefore, to address the problem of active attacks, we propose use of RF-signal based localization technique which leverages multi-antenna Proxy Device to profile the directions at which reader/programmer signal arrives and use of triangulation techniques to construct a signature that uniquely distinguishes an authorized reader/programmer from unauthorized one.