Security Analysis of the Masimo MightySat: Data Leakage to a Nosy Neighbor
Files
Date
2021-01-05
Contributor
Advisor
Department
Instructor
Depositor
Speaker
Researcher
Consultant
Interviewer
Narrator
Transcriber
Annotator
Journal Title
Journal ISSN
Volume Title
Publisher
Volume
Number/Issue
Starting Page
6893
Ending Page
Alternative Title
Abstract
Embedded technology known as the Internet of Things (IoT) has been integrated into everyday life, from the home, to the farm, industry, enterprise, the battlefield, and even for medical devices. With the increased use of networked devices comes an increased attack surface for malicious actors to gather and inject data, putting the privacy of users at risk. This research considers the Masimo MightySat fingertip pulse oximeter and the companion Masimo Professional Health app from a security standpoint, analyzing the Bluetooth Low Energy (BLE) communication from the device to the application and the data leakage between the two. It is found that with some analysis of a personally owned Masimo MightySat Rx through the use of an Ubertooth BLE traffic sniffer, static analysis of the HCI\_snoop.log and application data, and dynamic analysis of the app, data could be reasonably captured for another MightySat and interpret it to learn user health data.
Description
Keywords
Cellular and Wireless Networks, ble, bluetooth low energy, cybersecurity, internet of things, medical iot
Citation
Extent
8 pages
Format
Geographic Location
Time Period
Related To
Proceedings of the 54th Hawaii International Conference on System Sciences
Related To (URI)
Table of Contents
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International
Rights Holder
Local Contexts
Collections
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.