Experimental evaluation of a security layer implemented in a cardiac wearable device for the Internet of Medical Things
Abstract
There is a growing demand for new devices for medical applications due to the advancement of the Internet of Things in healthcare. This article aims to experimentally evaluate a security layer for a cardiac wearable designed to perform electrocardiogram exams in wireless and remote networks. Low computational cost algorithms for IoMT devices were analyzed in the scientific literature to improve the robustness against man-in-the-middle and eavesdropping attacks. Three algorithms were selected and implemented (AES-256 CBC, SPECK and CLEFIA). A series of load tests were applied to analyze the performance of the security layer of the chosen algorithms, observing the latency parameters and throughput variation in the transmission of the signals. All algorithms performed satisfactorily, demonstrating that adding a security layer to the IoMT device is feasible. However, the AES-256 CBC showed the best results, being the most suitable algorithm for a cardiac wearable security layer.
Keywords:
Security, IoMT, Cryptography, ECG, Wearable
References
Ahmed, M. and Barkat Ullah, A. S. S. M. (2018). False Data Injection Attacks in Healthcare. Communications in Computer and Information Science, v. 845, p. 192–202.
Al-Turjman, F., Nawaz, M. H. and Ulusar, U. D. (15 jan 2020). Intelligence in the Internet of Medical Things era: A systematic review of current and future trends. Computer Communications, v. 150, n. December 2019, p. 644–660.
Banik, S., Bogdanov, A., Regazzoni, F. (2016). Exploring Energy Efficiency of Lightweight Block Ciphers. In: Dunkelman, O., Keliher, L. (eds) Selected Areas in Cryptography – SAC 2015. SAC 2015. Lecture Notes in Computer Science, vol 9566. Springer, Cham. https://doi.org/10.1007/978-3-319-31301-6_10
Bhatia, H., Panda, S. N. and Nagpal, Di. (2020). Internet of Things and its Applications in Healthcare-A Survey. ICRITO 2020 - IEEE 8th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions), p. 305–310.
Buhrow, B., Riemer, P., Shea, M., Gilbert, B., Daniel, E. (2015). Block Cipher Speed and Energy Efficiency Records on the MSP430: System Design Trade-Offs for 16-Bit Embedded Applications. In: Aranha, D., Menezes, A. (eds) Progress in Cryptology - LATINCRYPT 2014. LATINCRYPT 2014. Lecture Notes in Computer Science, vol 8895. Springer, Cham. https://doi.org/10.1007/978-3-319-16295-9_6
Dang, V. B., Farahmand, F., Andrzejczak, M., et al. (2020). Implementation and Benchmarking of Round 2 Candidates in the NIST Post-Quantum Cryptography Standardization Process Using Hardware and Software/Hardware Co-design Approaches. Cryptology ePrint Archive,
Dutta, I. K., Ghosh, B. and Bayoumi, M. (2019). Lightweight cryptography for internet of insecure things: A survey. 2019 IEEE 9th Annual Computing and Communication Workshop and Conference, CCWC 2019, p. 475–481.
Firouzi, F., Rahmani, A. M., Mankodiya, K., et al. (2018). Internet-of-Things and big data for smarter healthcare: From device to architecture, applications and analytics. Future Generation Computer Systems, v. 78, p. 583–586.
Gandhi, D. A. and Ghosal, M. (2018). Intelligent Healthcare Using IoT: A Extensive Survey. Proceedings of the International Conference on Inventive Communication and Computational Technologies, ICICCT 2018, n. Icicct, p. 800–802.
Ghubaish, A., Salman, T., Zolanvari, M., et al. (2021). Recent Advances in the Internet-of-Medical-Things (IoMT) Systems Security. IEEE Internet of Things Journal, v. 8, n. 11, p. 8707–8718.
Hatzivasilis, G., Fysarakis, K., Papaefstathiou, I. and Manifavas, C. (2018). A review of lightweight block ciphers. Journal of Cryptographic Engineering, v. 8, n. 2, p. 141–184.
Hei, X., Du, X., Lin, S., Lee, I. and Sokolsky, O. (2015). Patient Infusion Pattern based Access Control Schemes for Wireless Insulin Pump System. IEEE Transactions on Parallel and Distributed Systems, v. 26, n. 11, p. 3108–3121.
Hickey, B. A., Chalmers, T., Newton, P., et al. (2021). Smart devices and wearable technologies to detect and monitor mental health conditions and stress: A systematic review. Sensors, v. 21, n. 10, p. 1–17.
Makarenko, I. ; Semushin, S.; Suhai, S.; Ahsan Kazmi,S. M.; Oracevic, A. and Hussain, R. "A Comparative Analysis of Cryptographic Algorithms in the Internet of Things," 2020 International Scientific and Technical Conference Modern Computer Network Technologies (MoNeTeC), 2020, pp. 1-8, doi: 10.1109/MoNeTeC49726.2020.9258156.
Jiang, D. and Shi, G. (2021). Research on Data Security and Privacy Protection of Wearable Equipment in Healthcare. Journal of Healthcare Engineering, v. 2021.
Keerthika, N., Rai, R. S., Iyswariya, A., et al. (2021). IoT Secure Framework for Wearable Sensor Data for E-health System. Proceedings of the 5th International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud), I-SMAC 2021, p. 211–215.
Meneghello, F., Calore, M., Zucchetto, D., Polese, M. and Zanella, A. (2019). IoT: Internet of Threats? A Survey of Practical Security Vulnerabilities in Real IoT Devices. IEEE Internet of Things Journal, v. 6, n. 5, p. 8182–8201.
Monteiro, A., Soares, A., José, A., et al. (2021). Diretriz para o Registro de Dados de Pacientes na vigência da Lei Geral de Proteção de Dados ( LGPD ). p. 1–11.
Morales, A. S., Ourique, F. D. O., & Cazella, S. C. (2021). A Comprehensive Review on the Challenges for Intelligent Systems Related with Internet of Things for Medical Decision. Enhanced Telemedicine and e-Health, 221-240.
Moses, J.C.; Adibi, S.; Angelova, M.; Islam, S.M.S. (2022). Smart Home Technology Solutions for Cardiovascular Diseases: A SystematicReview. Appl. Syst. Innov.,5, 51. https://doi.org/10.3390/asi5030051
Oliveira, G. M. M. De, Brant, L. C. C., Polanczyk, C. A., et al. (2020). Estatística Cardiovascular – Brasil 2020. Arquivos Brasileiros de Cardiologia, v. 115, n. 3, p. 308–439.
Ometov, A., Shubina, V., Klus, L., et al. (2021). A Survey on Wearable Technology: History, State-of-the-Art and Current Challenges. Computer Networks, v. 193, n. December 2020.
Papaioannou, M., Karageorgou, M., Mantas, G., et al. (2020). A Survey on Security Threats and Countermeasures in Internet of Medical Things (IoMT). Transactions on Emerging Telecommunications Technologies, n. June, p. 1–15.
Perwej, Y., Akhtar, N., Neha Kulshrestha and Mishra, P. (2022). A Methodical Analysis of Medical Internet of Things (MIoT) Security and Privacy in Current and Future Trends. Journal of Emerging Technologies and Innovative Research, v. 9, n. 1, p. d346–d371.
Prieto-Avalos, G., Cruz-Ramos, N. A., Alor-Hernández, G., Sánchez-Cervantes, J. L., Rodríguez-Mazahua, L., & Guarneros-Nolasco, L. R. (2022). Wearable Devices for Physical Monitoring of Heart: A Review. Biosensors, 12(5), 292. https://doi.org/10.3390/bios12050292
Qadri, Y. A., Nauman, A., Zikria, Y. Bin, Vasilakos, A. V. and Kim, S. W. (1 apr 2020). The Future of Healthcare Internet of Things: A Survey of Emerging Technologies. IEEE Communications Surveys and Tutorials, v. 22, n. 2, p. 1121–1167.
Qasaimeh, M.; Al-Qassas, R.S.; Ababneh, M. Software Design and Experimental Evaluation of a Reduced AES for IoT Applications. Future Internet 2021, 13, 273. https://doi.org/10.3390/fi13110273
Saba, T., Haseeb, K., Ahmed, I. and Rehman, A. (2020). Secure and energy-efficient framework using Internet of Medical Things for e-healthcare. Journal of Infection and Public Health, v. 13, n. January, p. 1567–1575.
Salem, O., Alsubhi, K., Shaafi, A., et al. (2022). Man-in-the-Middle Attack Mitigation in Internet of Medical Things. IEEE Transactions on Industrial Informatics, v. 18, n. 3, p. 2053–2062.
Sevin, A. and Mohammed, A. A. O. (2021). A survey on software implementation of lightweight block ciphers for IoT devices. Journal of Ambient Intelligence and Humanized Computing, n. 0123456789.
Stellios, I., Kotzanikolaou, P., Psarakis, M., Alcaraz, C. and Lopez, J. (2018). A survey of iot-enabled cyberattacks: Assessing attack paths to critical infrastructures and services. IEEE Communications Surveys and Tutorials, v. 20, n. 4, p. 3453–3495.
Strielkina, A., Kharchenko, V. and Uzun, D. (2018). Availability models for healthcare IoT systems: Classification and research considering attacks on vulnerabilities. Proceedings of 2018 IEEE 9th International Conference on Dependable Systems, Services and Technologies, DESSERT 2018, p. 58–62.
Thakor, V. A., Razzaque, M. A. and Khandaker, M. R. A. (2021). Lightweight Cryptography Algorithms for Resource-Constrained IoT Devices: A Review, Comparison and Research Opportunities. IEEE Access, v. 9, p. 28177–28193.
Thorat, C.G. and Inamdar, V.S. (2018), "Implementation of new hybrid lightweight cryptosystem", Applied Computing and Informatics, Vol. 16 No. 1/2, pp. 195-206. https://doi.org/10.1016/j.aci.2018.05.001
Trnka, M., Abdelfattah, A. S., Shrestha, A., Coffey, M. and Cerny, T. (2022). Systematic Review of Authentication and Authorization Advancements for the Internet of Things. Sensors, v. 22, n. 4, p. 1–24.
Vishnu, S. and Jino Ramson, S. R. (2021). An Internet of Things Paradigm: Pandemic Management (incl. COVID-19). Proceedings - International Conference on Artificial Intelligence and Smart Systems, ICAIS 2021, p. 1371–1375.
Wang, Z., Sun, P., Luo, N. and Guo, B. (2021). A Three-Party Mutual Authentication Protocol for Wearable IOT Health Monitoring System. Proceedings - 5th IEEE International Conference on Smart Internet of Things, SmartIoT 2021, p. 344–347.
Wu, T., Wu, F., Qiu, C., Redouté, J.-M. and Yuce, M. R. (2020). A Rigid-Flex Wearable Health Monitoring Sensor Patch for IoT-Connected Healthcare Applications. IEEE Internet of Things Journal, v. 7, n. 8, p. 6932–6945.
Yu, H. and Zhou, Z. (2021). Optimization of IoT-Based Artificial Intelligence Assisted Telemedicine Health Analysis System. IEEE Access, v. 9, p. 85034–85048.
Zakaria, H., Abu Bakar, N. A., Hassan, N. H. and Yaacob, S. (2019). IoT security risk management model for secured practice in healthcare environment. Procedia Computer Science, v. 161, p. 1241–1248.
Zheng, G., Shankaran, R., Yang, W., et al. (2019). A Critical Analysis of ECG-Based Key Distribution for Securing Wearable and Implantable Medical Devices. IEEE Sensors Journal, v. 19, n. 3, p. 1186–1198.
Zanon, V., Romancini, E., Ourique, F., and Morales, A. S. (2021). Dispositivo com Interface Vestível para a Aquisição, Processamento e Transmissão do Sinal Cardíaco em Exame de Eletrocardiograma. In Anais do XXI Simpósio Brasileiro de Computação Aplicada à Saúde, (pp. 48-59). Porto Alegre: SBC. doi:10.5753/sbcas.2021.16052
Zanon, V. R., Romancini, E. M. R., de Oliveira Ourique, F., and Morales, A. S. (2022). Wearable technology for electrocardiogram and vectocardiogram using the Dower Transformation. Journal of Health Informatics, 14(1).
Al-Turjman, F., Nawaz, M. H. and Ulusar, U. D. (15 jan 2020). Intelligence in the Internet of Medical Things era: A systematic review of current and future trends. Computer Communications, v. 150, n. December 2019, p. 644–660.
Banik, S., Bogdanov, A., Regazzoni, F. (2016). Exploring Energy Efficiency of Lightweight Block Ciphers. In: Dunkelman, O., Keliher, L. (eds) Selected Areas in Cryptography – SAC 2015. SAC 2015. Lecture Notes in Computer Science, vol 9566. Springer, Cham. https://doi.org/10.1007/978-3-319-31301-6_10
Bhatia, H., Panda, S. N. and Nagpal, Di. (2020). Internet of Things and its Applications in Healthcare-A Survey. ICRITO 2020 - IEEE 8th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions), p. 305–310.
Buhrow, B., Riemer, P., Shea, M., Gilbert, B., Daniel, E. (2015). Block Cipher Speed and Energy Efficiency Records on the MSP430: System Design Trade-Offs for 16-Bit Embedded Applications. In: Aranha, D., Menezes, A. (eds) Progress in Cryptology - LATINCRYPT 2014. LATINCRYPT 2014. Lecture Notes in Computer Science, vol 8895. Springer, Cham. https://doi.org/10.1007/978-3-319-16295-9_6
Dang, V. B., Farahmand, F., Andrzejczak, M., et al. (2020). Implementation and Benchmarking of Round 2 Candidates in the NIST Post-Quantum Cryptography Standardization Process Using Hardware and Software/Hardware Co-design Approaches. Cryptology ePrint Archive,
Dutta, I. K., Ghosh, B. and Bayoumi, M. (2019). Lightweight cryptography for internet of insecure things: A survey. 2019 IEEE 9th Annual Computing and Communication Workshop and Conference, CCWC 2019, p. 475–481.
Firouzi, F., Rahmani, A. M., Mankodiya, K., et al. (2018). Internet-of-Things and big data for smarter healthcare: From device to architecture, applications and analytics. Future Generation Computer Systems, v. 78, p. 583–586.
Gandhi, D. A. and Ghosal, M. (2018). Intelligent Healthcare Using IoT: A Extensive Survey. Proceedings of the International Conference on Inventive Communication and Computational Technologies, ICICCT 2018, n. Icicct, p. 800–802.
Ghubaish, A., Salman, T., Zolanvari, M., et al. (2021). Recent Advances in the Internet-of-Medical-Things (IoMT) Systems Security. IEEE Internet of Things Journal, v. 8, n. 11, p. 8707–8718.
Hatzivasilis, G., Fysarakis, K., Papaefstathiou, I. and Manifavas, C. (2018). A review of lightweight block ciphers. Journal of Cryptographic Engineering, v. 8, n. 2, p. 141–184.
Hei, X., Du, X., Lin, S., Lee, I. and Sokolsky, O. (2015). Patient Infusion Pattern based Access Control Schemes for Wireless Insulin Pump System. IEEE Transactions on Parallel and Distributed Systems, v. 26, n. 11, p. 3108–3121.
Hickey, B. A., Chalmers, T., Newton, P., et al. (2021). Smart devices and wearable technologies to detect and monitor mental health conditions and stress: A systematic review. Sensors, v. 21, n. 10, p. 1–17.
Makarenko, I. ; Semushin, S.; Suhai, S.; Ahsan Kazmi,S. M.; Oracevic, A. and Hussain, R. "A Comparative Analysis of Cryptographic Algorithms in the Internet of Things," 2020 International Scientific and Technical Conference Modern Computer Network Technologies (MoNeTeC), 2020, pp. 1-8, doi: 10.1109/MoNeTeC49726.2020.9258156.
Jiang, D. and Shi, G. (2021). Research on Data Security and Privacy Protection of Wearable Equipment in Healthcare. Journal of Healthcare Engineering, v. 2021.
Keerthika, N., Rai, R. S., Iyswariya, A., et al. (2021). IoT Secure Framework for Wearable Sensor Data for E-health System. Proceedings of the 5th International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud), I-SMAC 2021, p. 211–215.
Meneghello, F., Calore, M., Zucchetto, D., Polese, M. and Zanella, A. (2019). IoT: Internet of Threats? A Survey of Practical Security Vulnerabilities in Real IoT Devices. IEEE Internet of Things Journal, v. 6, n. 5, p. 8182–8201.
Monteiro, A., Soares, A., José, A., et al. (2021). Diretriz para o Registro de Dados de Pacientes na vigência da Lei Geral de Proteção de Dados ( LGPD ). p. 1–11.
Morales, A. S., Ourique, F. D. O., & Cazella, S. C. (2021). A Comprehensive Review on the Challenges for Intelligent Systems Related with Internet of Things for Medical Decision. Enhanced Telemedicine and e-Health, 221-240.
Moses, J.C.; Adibi, S.; Angelova, M.; Islam, S.M.S. (2022). Smart Home Technology Solutions for Cardiovascular Diseases: A SystematicReview. Appl. Syst. Innov.,5, 51. https://doi.org/10.3390/asi5030051
Oliveira, G. M. M. De, Brant, L. C. C., Polanczyk, C. A., et al. (2020). Estatística Cardiovascular – Brasil 2020. Arquivos Brasileiros de Cardiologia, v. 115, n. 3, p. 308–439.
Ometov, A., Shubina, V., Klus, L., et al. (2021). A Survey on Wearable Technology: History, State-of-the-Art and Current Challenges. Computer Networks, v. 193, n. December 2020.
Papaioannou, M., Karageorgou, M., Mantas, G., et al. (2020). A Survey on Security Threats and Countermeasures in Internet of Medical Things (IoMT). Transactions on Emerging Telecommunications Technologies, n. June, p. 1–15.
Perwej, Y., Akhtar, N., Neha Kulshrestha and Mishra, P. (2022). A Methodical Analysis of Medical Internet of Things (MIoT) Security and Privacy in Current and Future Trends. Journal of Emerging Technologies and Innovative Research, v. 9, n. 1, p. d346–d371.
Prieto-Avalos, G., Cruz-Ramos, N. A., Alor-Hernández, G., Sánchez-Cervantes, J. L., Rodríguez-Mazahua, L., & Guarneros-Nolasco, L. R. (2022). Wearable Devices for Physical Monitoring of Heart: A Review. Biosensors, 12(5), 292. https://doi.org/10.3390/bios12050292
Qadri, Y. A., Nauman, A., Zikria, Y. Bin, Vasilakos, A. V. and Kim, S. W. (1 apr 2020). The Future of Healthcare Internet of Things: A Survey of Emerging Technologies. IEEE Communications Surveys and Tutorials, v. 22, n. 2, p. 1121–1167.
Qasaimeh, M.; Al-Qassas, R.S.; Ababneh, M. Software Design and Experimental Evaluation of a Reduced AES for IoT Applications. Future Internet 2021, 13, 273. https://doi.org/10.3390/fi13110273
Saba, T., Haseeb, K., Ahmed, I. and Rehman, A. (2020). Secure and energy-efficient framework using Internet of Medical Things for e-healthcare. Journal of Infection and Public Health, v. 13, n. January, p. 1567–1575.
Salem, O., Alsubhi, K., Shaafi, A., et al. (2022). Man-in-the-Middle Attack Mitigation in Internet of Medical Things. IEEE Transactions on Industrial Informatics, v. 18, n. 3, p. 2053–2062.
Sevin, A. and Mohammed, A. A. O. (2021). A survey on software implementation of lightweight block ciphers for IoT devices. Journal of Ambient Intelligence and Humanized Computing, n. 0123456789.
Stellios, I., Kotzanikolaou, P., Psarakis, M., Alcaraz, C. and Lopez, J. (2018). A survey of iot-enabled cyberattacks: Assessing attack paths to critical infrastructures and services. IEEE Communications Surveys and Tutorials, v. 20, n. 4, p. 3453–3495.
Strielkina, A., Kharchenko, V. and Uzun, D. (2018). Availability models for healthcare IoT systems: Classification and research considering attacks on vulnerabilities. Proceedings of 2018 IEEE 9th International Conference on Dependable Systems, Services and Technologies, DESSERT 2018, p. 58–62.
Thakor, V. A., Razzaque, M. A. and Khandaker, M. R. A. (2021). Lightweight Cryptography Algorithms for Resource-Constrained IoT Devices: A Review, Comparison and Research Opportunities. IEEE Access, v. 9, p. 28177–28193.
Thorat, C.G. and Inamdar, V.S. (2018), "Implementation of new hybrid lightweight cryptosystem", Applied Computing and Informatics, Vol. 16 No. 1/2, pp. 195-206. https://doi.org/10.1016/j.aci.2018.05.001
Trnka, M., Abdelfattah, A. S., Shrestha, A., Coffey, M. and Cerny, T. (2022). Systematic Review of Authentication and Authorization Advancements for the Internet of Things. Sensors, v. 22, n. 4, p. 1–24.
Vishnu, S. and Jino Ramson, S. R. (2021). An Internet of Things Paradigm: Pandemic Management (incl. COVID-19). Proceedings - International Conference on Artificial Intelligence and Smart Systems, ICAIS 2021, p. 1371–1375.
Wang, Z., Sun, P., Luo, N. and Guo, B. (2021). A Three-Party Mutual Authentication Protocol for Wearable IOT Health Monitoring System. Proceedings - 5th IEEE International Conference on Smart Internet of Things, SmartIoT 2021, p. 344–347.
Wu, T., Wu, F., Qiu, C., Redouté, J.-M. and Yuce, M. R. (2020). A Rigid-Flex Wearable Health Monitoring Sensor Patch for IoT-Connected Healthcare Applications. IEEE Internet of Things Journal, v. 7, n. 8, p. 6932–6945.
Yu, H. and Zhou, Z. (2021). Optimization of IoT-Based Artificial Intelligence Assisted Telemedicine Health Analysis System. IEEE Access, v. 9, p. 85034–85048.
Zakaria, H., Abu Bakar, N. A., Hassan, N. H. and Yaacob, S. (2019). IoT security risk management model for secured practice in healthcare environment. Procedia Computer Science, v. 161, p. 1241–1248.
Zheng, G., Shankaran, R., Yang, W., et al. (2019). A Critical Analysis of ECG-Based Key Distribution for Securing Wearable and Implantable Medical Devices. IEEE Sensors Journal, v. 19, n. 3, p. 1186–1198.
Zanon, V., Romancini, E., Ourique, F., and Morales, A. S. (2021). Dispositivo com Interface Vestível para a Aquisição, Processamento e Transmissão do Sinal Cardíaco em Exame de Eletrocardiograma. In Anais do XXI Simpósio Brasileiro de Computação Aplicada à Saúde, (pp. 48-59). Porto Alegre: SBC. doi:10.5753/sbcas.2021.16052
Zanon, V. R., Romancini, E. M. R., de Oliveira Ourique, F., and Morales, A. S. (2022). Wearable technology for electrocardiogram and vectocardiogram using the Dower Transformation. Journal of Health Informatics, 14(1).
Published
2022-09-12
How to Cite
ZANON, Vinícius Rodrigues; ROMANCINI, Eliel M. Rocha; MANOEL, Bianca de Espindola; LAU, Jim; OURIQUE, Fabrício de O.; MORALES, Analúcia Schiaffino.
Experimental evaluation of a security layer implemented in a cardiac wearable device for the Internet of Medical Things. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 22. , 2022, Santa Maria.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2022
.
p. 97-110.
DOI: https://doi.org/10.5753/sbseg.2022.224659.
