Detecting Data Manipulation Attacks on Physiological Sensor Measurements in Wearable Medical Systems

• Main Author: Cai, Hang
• Other Authors: Craig A. Shue, Committee Member
• Format: Others
• Published: Digital WPI 2018
• Subjects: Detection Data Manipulation Attacks Wearable Medical System
• Online Access: https://digitalcommons.wpi.edu/etd-dissertations/502; https://digitalcommons.wpi.edu/cgi/viewcontent.cgi?article=1494&context=etd-dissertations

Recent years have seen the dramatic increase of wearable medical systems (WMS) that have demonstrated promise for improving health monitoring and overall well-being. Ensuring that the data collected are secure and trustworthy is crucial. This is especially true in the presence of adversaries who want to mount data manipulation attacks on WMS, which aim to manipulate the sensor measurements with fictitious data that is plausible but not accurate. Such attacks force clinicians or any decision support system AI analyzing the WMS data, to make incorrect diagnosis and treatment decisions about the user’s health. Given that there are different possible vulnerabilities found in WMS that can lead to data manipulation attacks, we take a different angle by developing an attack-agnostic approach, called Signal Interrelationship CApture for Physiological-process (SICAP), to detect data manipulation attacks on physiological sensor measurements in a WMS. SICAP approach leverages the idea that different physiological signals in the user’s body driven by the same underlying physiological process (e.g., cardiac process) are inherently related to each other. By capturing the interrelationship patterns between the related physiological signals, it can detect if any signal is maliciously altered. This is because the incorrect user data introduced by adversaries will have interrelationship patterns that are uncharacteris- tic of the individual’s physiological process and hence quite different from the ones SICAP expects. We demonstrate the efficacy of our approach in detecting data manipulation attacks by building different detection solutions for two commonly measured physiological sensor measurements in a WMS environment – electrocardiogram and arterial blood pressure. The advantage of using this approach is that it allows for detection of data manipulation attacks by taking advantage of different types of physiological sensors, which already exist in typical WMS, thus avoiding the need of redundant sensors of the same type. Furthermore, SICAP approach is not designed to be stand-alone but provides the last line of defense for WMS. It is complementary to, and coexist with, any existing or future security solutions that may be introduced to protect WMS against data manipulation attacks.