
Modelling Medical Devices with Honeypots: A Conceptual Framework

  • Conference paper
Information Systems and Technologies (WorldCIST 2022)

Abstract

Cyber security plays an important role in the modern smart hospital environment. In these environments, medical devices are one of the key assets brought to attention. Cyber threats relating to medical devices may affect patient safety, privacy, and hospital operations. As these devices are relatively closed on the technical level, the possibilities for collecting log information about security incidents are limited. At the same time, a wide variety of data is needed to create comprehensive situation awareness of the cyber operating environment. Given these challenges, honeypots are one interesting solution for gathering sensor data related to medical devices. In this paper, honeypot technology is studied as a means of supporting situation awareness in medical device networks. In particular, the detection capabilities of honeypot systems are considered from the perspective of the challenges in technical visibility relating to medical devices. These capabilities focus on the sensor data that honeypots can provide in different attack phases. In conclusion, these metrics are summarized in the construction model, which can be applied to the healthcare environment.

Acknowledgement

This research is partially funded by the Cyber Security Network of Competence Centres for Europe (CyberSec4Europe) project of the Horizon 2020 SU-ICT-03-2018 program. The authors would like to thank Ms. Tuula Kotikoski for proofreading the manuscript.

Corresponding author

Correspondence to Jouni Ihanus.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Ihanus, J., Kokkonen, T., Hämäläinen, T. (2022). Modelling Medical Devices with Honeypots: A Conceptual Framework. In: Rocha, A., Adeli, H., Dzemyda, G., Moreira, F. (eds) Information Systems and Technologies. WorldCIST 2022. Lecture Notes in Networks and Systems, vol 468. Springer, Cham. https://doi.org/10.1007/978-3-031-04826-5_15
