Cyber security plays an important role in the modern smart hospital environment. In these environments, one of the key assets brought to attention are the medical devices. Cyber threats relating to medical devices may affect patient safety, privacy, and hospital operations. As these devices are relatively closed on the technical level, possibilities to collect log information about security incidents are limited. At the same time, a wide variety of data is needed to create comprehensive situation awareness of the cyber operating environment. Aware of these challenges, one interesting solution to gather medical device related sensor data are the honeypots. In this paper, honeypot technology is studied to support the situation awareness in medical device networks. Especially detection capabilities of the honeypot systems are considered from the perspective of challenges in technical visibility relating to medical devices. These capabilities focus on the sensor data that honeypots can provide in different attack phases. As a conclusion these metrics are summarized in the construction model, which can be applied to healthcare environment.
Jouni Ihanus, Tero Kokkonen, Timo Hämäläinen
Ihanus, J., Kokkonen, T., Hämäläinen, T. (2022). Modelling Medical Devices with Honeypots: A Conceptual Framework. In: Rocha, A., Adeli, H., Dzemyda, G., Moreira, F. (eds) Information Systems and Technologies. WorldCIST 2022. Lecture Notes in Networks and Systems, vol 468. Springer, Cham.
This research is partially funded by Cyber Security Network of Competence Centres for Europe (CyberSec4Europe) -project of the Horizon 2020 SU-ICT-03-2018 program.
The authors would like to thank Ms. Tuula Kotikoski for proofreading the manuscript.