This Ain't Your Dose: Sensor Spoofing Attack on Medical Infusion Pump

Authors: 

Youngseok Park, Yunmok Son, Hocheol Shin, Dohyun Kim, and Yongdae Kim, Korea Advanced Institute of Science and Technology (KAIST)

Abstract: 

Sensors measure physical quantities of the environment for sensing and actuation systems, and are widely used in many commercial embedded systems such as smart devices, drones, and medical devices because they offer convenience and accuracy. As many sensing and actuation systems depend entirely on data from sensors, these systems are naturally vulnerable to sensor spoofing attacks that use fabricated physical stimuli. As a result, the systems become entirely insecure and unsafe.

In this paper, we propose a new type of sensor spoofing attack based on saturation. A sensor shows a linear characteristic between its input physical stimuli and output sensor values in a typical operating region. However, if the input exceeds the upper bound of the operating region, the output is saturated and does not change as much as the corresponding changes of the input. Using saturation, our attack can make a sensor ignore legitimate inputs. To demonstrate our sensor spoofing attack, we target two medical infusion pumps equipped with infrared (IR) drop sensors to precisely control the amount of medicine injected into a patient's body. Our experiments, based on analyses of the drop sensors, show that their output could be manipulated by saturating the sensors using an additional IR source. In addition, by analyzing the infusion pumps' firmware, we identify the vulnerability in the mechanism handling the output of the drop sensors, and implement a sensor spoofing attack that can bypass the alarm systems of the targets. As a result, we show that both over-infusion and under-infusion are possible: our spoofing attack can inject up to 3.33 times the intended amount of fluid or 0.65 times that amount over a 10-minute period.
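
The saturation behaviour described in the abstract, as an added Python model that is not taken from the paper or from any pump firmware: it shows why a receiver pinned at full scale stops registering drops, and how a plausibility check on the raw readings can flag that state. The ADC range, thresholds, beam levels and the falling-edge drop counter are all assumptions chosen for illustration.

```python
# Added illustration. Every constant below is an assumption, not a value from the paper.
ADC_MAX = 1023     # assumed 10-bit ADC full scale
SAT_LEVEL = 1000   # assumed: readings at or above this count as saturated


def sensor_output(stimulus):
    """Linear inside the operating region, clipped at full scale above it."""
    return max(0, min(ADC_MAX, int(stimulus)))


def trace(n, drop_samples, baseline=600, dip=300, extra_ir=0):
    """Constructed receiver readings: a drop attenuates the sensor's own beam
    by `dip`; `extra_ir` is additional IR light reaching the receiver."""
    return [sensor_output(baseline - (dip if i in drop_samples else 0) + extra_ir)
            for i in range(n)]


def count_drops(readings, threshold=450):
    """Hypothetical drop counter: one drop per falling edge through `threshold`."""
    drops, below = 0, False
    for r in readings:
        if r < threshold and not below:
            drops += 1
        below = r < threshold
    return drops


def saturated_fraction(readings):
    """Share of samples sitting at or above the assumed saturation level."""
    return sum(r >= SAT_LEVEL for r in readings) / len(readings)


def sensor_health(readings, max_saturated=0.5):
    """Defensive plausibility check: a receiver pinned near full scale cannot
    observe drops, so a zero drop count from it must not be trusted."""
    return "SATURATED" if saturated_fraction(readings) > max_saturated else "OK"


DROPS = {10, 30, 50, 70}                     # constructed sample: four drops
normal = trace(100, DROPS)                   # operating region: dips are visible
flooded = trace(100, DROPS, extra_ir=2000)   # input above the upper bound

if __name__ == "__main__":
    for name, readings in (("normal", normal), ("flooded", flooded)):
        print(name, count_drops(readings), sensor_health(readings))
```

In the flooded trace the same four drops occur, but every sample clips to full scale, so the counter sees none of them while the health check reports the saturated state.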

BibTeX
@inproceedings {198480,
author = {Youngseok Park and Yunmok Son and Hocheol Shin and Dohyun Kim and Yongdae Kim},
title = {This Ain{\textquoteright}t Your Dose: Sensor Spoofing Attack on Medical Infusion Pump},
booktitle = {10th {USENIX} Workshop on Offensive Technologies ({WOOT} 16)},
year = {2016},
address = {Austin, TX},
url = {https://www.usenix.org/conference/woot16/workshop-program/presentation/park},
publisher = {{USENIX} Association},
month = aug,
}