Abstract
A Continuous Glucose Monitoring System is a medical device that continuously monitors a patient’s blood glucose concentration, which is essential in the treatment of diabetes. Although such devices are increasingly used, their security has not been thoroughly studied. In this paper, we analyze a widely used wireless blood glucose monitor, the Dexcom G4. We practically demonstrate a series of security issues in this device that enable, amongst others, the tracking of a user and the forging of incorrect sensor readings. The attacks can be carried out at minimal cost using software-defined radio and
low-cost RF chipsets. Finally, we devise and practically implement an efficient protocol based on best practices and well-known crypto algorithms to mitigate the weaknesses we discovered.
low-cost RF chipsets. Finally, we devise and practically implement an efficient protocol based on best practices and well-known crypto algorithms to mitigate the weaknesses we discovered.
Original language | English |
---|---|
Title of host publication | Proceedings of the 11th USENIX Workshop on Offensive Technologies (WOOT '17) |
Publisher | USENIX Association |
Number of pages | 10 |
Publication status | Published - 14 Aug 2017 |
Event | WOOT '17, 11th USENIX Workshop on Offensive Technologies - Vancouver, Canada Duration: 14 Aug 2017 → 15 Aug 2017 |
Conference
Conference | WOOT '17, 11th USENIX Workshop on Offensive Technologies |
---|---|
Country/Territory | Canada |
City | Vancouver |
Period | 14/08/17 → 15/08/17 |