Please use this identifier to cite or link to this item:

Security Analysis of the Masimo MightySat: Data Leakage to a Nosy Neighbor

File Size Format  
0674.pdf 473.94 kB Adobe PDF View/Open

Item Summary

Title:Security Analysis of the Masimo MightySat: Data Leakage to a Nosy Neighbor
Authors:Long, Stephanie
Dill, Richard
Mullins, Barry
Keywords:Cellular and Wireless Networks
bluetooth low energy
internet of things
show 1 moremedical iot
show less
Date Issued:05 Jan 2021
Abstract:Embedded technology known as the Internet of Things (IoT) has been integrated into everyday life, from the home, to the farm, industry, enterprise, the battlefield, and even for medical devices. With the increased use of networked devices comes an increased attack surface for malicious actors to gather and inject data, putting the privacy of users at risk. This research considers the Masimo MightySat fingertip pulse oximeter and the companion Masimo Professional Health app from a security standpoint, analyzing the Bluetooth Low Energy (BLE) communication from the device to the application and the data leakage between the two. It is found that with some analysis of a personally owned Masimo MightySat Rx through the use of an Ubertooth BLE traffic sniffer, static analysis of the HCI\_snoop.log and application data, and dynamic analysis of the app, data could be reasonably captured for another MightySat and interpret it to learn user health data.
Pages/Duration:8 pages
Rights:Attribution-NonCommercial-NoDerivatives 4.0 International
Appears in Collections: Cellular and Wireless Networks

Please email if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License Creative Commons