Working in cybersecurity is fascinating and I am very happy with my job. However, when I talk about it, people tend to picture me like an old school computer hacker from the movies, trying to get into the FBI website or the CIA. Somebody like Boris Grishenko from 007’s Goldeneye. My work, though, is a bit different and, despite it involves a rather large amount of coding in Python, Java and Matlab, does not involve hacking into computers. I am actually quite bad with Linux environments and shell programming.

My work involves identifying new security vulnerabilities in low layers of cellular networks and determine whether proof of concept threats are, indeed, a threat. Also, to keep myself distracted and working in different new things, I also work on other projects involving data analysis and Android development. You can find out a bit more about my work here.

Anyhow, I am very interested in anything that is very hands on and also anything related to security of wireless systems. And if you combine both, I am even more interested. This is why I found this article specially interesting. I was already familiar with the vulnerabilities identified in insulin pumps and pace makers, but this looks to me like the first security system aiming to secure embedded devices. Very interesting.

From IEEE The Institute:

A team of professors and graduate students from Purdue University, in West Lafayette, Ind., and Princeton University recently developed a prototype firewall that could go a long way in warding off attacks.

The group includes Meng Zhang, an electrical engineering graduate student at Princeton; IEEE Fellow Anand Raghunathan, a professor of electrical and computer engineering at Purdue; and IEEE Fellow Niraj K. Jha, a professor of electrical engineering at Princeton.

The team was inspired to develop its prototype, Medmon, after researching the vulnerability of a variety of medical devices in 2011, including pacemakers, glucose-monitoring and insulin-delivery systems, neural implants, and so-called smart prosthetics. “Our work showed that these are surprisingly easy to hack,” Raghunathan says.

Developing Medmon was a challenge, according to the researchers. Unlike your computer, medical devices are more complicated when it comes to protection. “Unfortunately, many of the solutions that have been developed for other classes of computing platforms, such as servers, PCs, and mobile phones, cannot be used for medical devices due to the extreme computation and battery constraints,” Raghunathan says, “and because of the unique way medical appliances are used.”

Medmon works by monitoring all communications to and from wireless medical devices in its vicinity, using algorithms such as multilayered anomaly detection to spot malicious communications.

“It triggers response mechanisms that could warn the user or jam the malicious communication,” Raghunathan explains. “This is similar to how firewalls secure home or corporate computer networks, by identifying and blocking malicious traffic.”

In a test, the researchers used Medmon to protect against an attack on a diabetes patient’s system consisting of a glucose monitor and an insulin pump. Although the prototype still needs work, the team predicts several possibilities for it. Medmon could be built into a separate unit worn by a patient with a medical implant or a wearable device, Jha says, or it could be integrated into a mobile device such as a smartphone or watch. “But this will require us to significantly reduce the size of our prototype while increasing its energy efficiency,” he adds.

Advertisements