Abstract
The COVID-19 epidemic has accelerated the deployment of remote healthcare monitoring with the overload of hospitals with patients requiring immediate care and oxygen therapy. To unload hospitals, several medical interventions have been postponed, and the places occupied by patients kept under monitoring have been freed up and replaced by remote monitoring. Some COVID-19 patients have been offered home oxygen therapy with remote monitoring using the Internet of Medical Things (IoMT). The medical data has stringent security requirements for exchanged data between connected objects. In this chapter, we propose a new framework to secure the collected data of healthcare monitoring using the Internet of Medical Things (IoMT). In spite of their deployment, these devices are vulnerable to several cyber-attacks, ranging from unauthorized access to private medical data to data modification and injection. These attacks can compromise the privacy of the monitored patient, reduce the reliability of the monitoring system, and may harm the life of monitored patient. In this chapter, we propose a new framework to detect attacks and secure the communications in IoMT. To prevent eavesdropping and modification attacks, we propose the Elliptic Curves Diffie-Hellman Ephemeral (ECDHE) to derive a session key used to provide confidentiality and authenticity. To detect injected measurements, flooding triggered by compromised devices and medical changes in physiological data, we applied the sequential change point detection algorithm Pruned Exact Linear Time (PELT) followed by a boxplot. Our experimental results show that our approach is able to increase the reliability and the accuracy of remote monitoring system, while reducing the false alarms triggered by injected measurements.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
J. Fiaidhi, S. Mohammed, Security and vulnerability of extreme automation systems: the IoMT and IoA case studies. IT Professional 21(4), 48–55 (2019)
G. Thamilarasu, A. Odesile, A. Hoang, An intrusion detection system for internet of medical things. IEEE Access 8, 181560–181576 (2020)
G. Hatzivasilis, O. Soultatos, S. Ioannidis, C. Verikoukis, G. Demetriou, C. Tsatsoulis, Review of security and privacy for the internet of medical things (IoMT), in 15th International Conference on Distributed Computing in Sensor Systems (DCOSS) (2019), pp. 457–464
D. Koutras, G. Stergiopoulos, T. Dasaklis, P. Kotzanikolaou, D. Glynos, C. Douligeris, Security in IoMT communications: a survey. Sensors 20(17), 4828 (2020)
Bluetooth SIG. Bluetooth Radio Versions. https://www.bluetooth.com/learn-about-bluetooth/radio-versions/, Last visited: February 2022
Australian Government Autralian Cyber Security Center. Information Security Manual. https://www.cyber.gov.au/sites/default/files/2022-03/22.%20ISM%20-%20Guidelines%20for%20Cryptography%20%28March%202022%29.pdf, March 2022
R. Killick, I. Eckley, changepoint: an R package for changepoint analysis. J. Statist. Softw. 58(3), 1–19 (2014)
S. Pallavi, V.A. Narayanan, An overview of practical attacks on BLE based IOT devices and their security, in 5th International Conference on Advanced Computing Communication Systems (ICACCS’19) (2019), pp. 694–698
S. Sevier, A. Tekeoglu, Analyzing the security of bluetooth low energy, in International Conference on Electronics, Information, and Communication (ICEIC’19) (2019), pp. 1–5
K. Ren, Bluetooth Pairing Part 3 – Low Energy Legacy Pairing Passkey Entry (2016). https://www.bluetooth.com/blog/bluetooth-pairing-passkey-entry/
K. Lounis, M. Zulkernine, Bluetooth low energy makes “Just Works” Not Work, in 3rd Cyber Security in Networking Conference (CSNet’19) (2019), pp. 99–106
M. Cominelli, P. Patras, F. Gringoli, One GPU to snoop them all: a full-band bluetooth low energy sniffer, in Mediterranean Communication and Computer Networking Conference (MedComNet’20) (2020), pp. 1–4
Wencheng Sun, Zhiping Cai, Yangyang Li, Fang Liu, Shengqun Fang, Guoyan Wang, “Security and Privacy in the Medical Internet of Things: A Review”, Security and Communication Networks, vol. 2018, Article ID 5978636, 9 pages, 2018. https://doi.org/10.1155/2018/5978636
T. Yaqoob, H. Abbas, M. Atiquzzaman, Security vulnerabilities, attacks, countermeasures, and regulations of networked medical devices – a review. IEEE Commun. Surv. Tutor. 21(4), 3723–3768 (2019)
H.A.M. Puat, N.A. Abd Rahman, IoMT: a review of pacemaker vulnerabilities and security strategy. J. Phys. Conf. Ser. 1712(1), 012009 (2020)
A. Lahmadi, A. Duque, N. Heraief, J. Francq, MitM attack detection in BLE networks using reconstruction and classification machine learning techniques, in 2nd Workshop on Machine Learning for Cybersecurity (MLCS’20) (2020), pp. 1–16
S.F. Aghili, H. Mala, M. Shojafar, P. Peris-Lopez, LACO: lightweight three-factor authentication, access control and ownership transfer scheme for e-health systems in IoT. Future Gener. Comput. Syst. 96, 410–424 (2019)
M.F. Ayub, M.A. Saleem, I. Altaf, K. Mahmood, S. Kumari, Fuzzy extraction and PUF based three party authentication protocol using USB as mass storage device. J. Inf. Secur. Appl. 55, 102585 (2020)
U. Gulen, S. Baktir, Elliptic curve cryptography for wireless sensor networks using the number theoretic transform. Sensors 20(5), 1507 (2020)
M.I. Ahmed, G. Kannan, Secure end to end communications and data analytics in IoT integrated application using IBM Watson IoT platform. Wirel. Personal Commun. 120, 1–16 (2021)
C. Truong, L. Oudre, N. Vayatis, Selective review of offline change point detection methods. Signal Process. 167, 107299 (2020)
G.J.J. van den Burg, C.K.I. Williams, An evaluation of change point detection algorithms. arXiv, abs/2003.06222 (2020)
S. Kovács, H. Li, P. Bühlmann, A. Munk, Seeded binary segmentation: A general methodology for fast and optimal change point detection (2020). Preprint arXiv:2002.06633
R. Killick, P. Fearnhead, I.A. Eckley, Optimal detection of changepoints with a linear computational cost. J. Amer. Statist. Assoc. 107(500), 1590–1598 (2012)
N. Yeung, J. Lai, J. Luo, Face off: Polarized public opinions on personal face mask usage during the covid-19 pandemic, in IEEE International Conference on Big Data (Big Data) (2020), pp. 4802–4810
D. Valdez, M. Ten Thij, K. Bathina, L.A. Rutter, J. Bollen, et al., Social media insights into us mental health during the covid-19 pandemic: longitudinal analysis of twitter data. J. Med. Int. Res. 22(12), e21418 (2020)
B. Hills, Machine in the Middle (MitM) BLE Attack (2020). https://www.blackhillsinfosec.com/machine-in-the-middle-mitm-ble-attack/
A. Paviglianiti, V. Randazzo, S. Villata, et al. A Comparison of Deep Learning Techniques for Arterial Blood Pressure Prediction. Cognitive computation (2021). https://doi.org/10.1007/s12559-021-09910-0, DOI: https://10.1007/s12559-021-09910-0, (EPUB). https://link.springer.com/content/pdf/10.1007/s12559-021-09910-0.pdf Open access paper.
A. Khamparia, R.H. Mondal, P. Podder, B. Bhushan, V.H.C. de Albuquerque, S. Kumar, Computational Intelligence for Managing Pandemics, vol. 5. (Walter de Gruyter GmbH & Co KG, Berlin, 2021)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Salem, O., Mehaoua, A. (2023). Ephemeral Elliptic Curve Diffie-Hellman to Secure Data Exchange in Internet of Medical Things. In: Daimi, K., Alsadoon, A., Peoples, C., El Madhoun, N. (eds) Emerging Trends in Cybersecurity Applications. Springer, Cham. https://doi.org/10.1007/978-3-031-09640-2_1
Download citation
DOI: https://doi.org/10.1007/978-3-031-09640-2_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-09639-6
Online ISBN: 978-3-031-09640-2
eBook Packages: Computer ScienceComputer Science (R0)