Abstract: Our study analyzes the security and privacy properties of an implantable cardioverter defibrillator (ICD). Introduced to the U.S. market in 2003, this model of ICD includes pacemaker technology and is designed to communicate wirelessly with a nearby external programmer in the 175 kHz frequency range. After partially reverse-engineering the ICD's communications protocol with an oscilloscope and a software radio, we implemented several software radio-based attacks that could compromise patient safety and patient privacy. Motivated by our desire to improve patient safety, and mindful of conventional trade-offs between security and power consumption for resource-constrained devices, we introduce three new zero-power defenses based on RF power harvesting. Two of these defenses are human-centric, bringing patients into the loop with respect to the security and privacy of their implantable medical devices (IMDs). Our contributions provide a scientific baseline for understanding the potential security and privacy risks of current and future IMDs, and introduce human-perceptible and zero-power mitigation techniques that address those risks. To the best of our knowledge, this paper is the first in our community to use general-purpose software radios to analyze and attack previously unknown radio communications protocols.
No abstract
Vajda and Buttyán proposed several lightweight authentication protocols for authenticating RFID tags to readers, and left open the quantifiable cryptographic strength. Our cryptanalysis answers this open question by implementing and measuring attacks against their XOR and SUBSET protocols. A passive eavesdropper can impersonate a tag in the XOR protocol after observing only 70 challenge-response transactions between the tag and reader. In contrast, the theoretical maximum strength of the XOR protocol could have required 16! * 2 observed transactions to break the key. Our experiments also show that a passive eavesdropper can recover the shared secret used in the XOR protocol by observing an expected 1,092 transactions. Additionally, a nearly optimal active attack against the SUBSET protocol extracts almost one bit of information for each bit emitted by the tag.
Abstract. In recent years a number of protocols have been suggested towards privacy-preserving aggregation of smart meter data, allowing electricity network operators to perform a large part of grid maintenance and administrative operations without having to touch any privacy-sensitive data. In light of upcoming European legislation, this approach has gained quite some attention. However, to allow such protocols to have a chance to make it into a real system, it is vital to add credibility by demonstrating that the approach scales, is reasonably robust, and can be integrated into the existing and planned smart metering chains. This paper presents results from integration and scalability tests performed on 100 DLMS/COSEM smart meters in collaboration with a meter manufacturer and a Dutch utility. We outline the lessons learned and choices that had to be made to allow the protocols to run in a real system, as well as some privacy challenges that cannot be covered by this technology.
The Smart Energy Grid Security (SEGS) Workshop aims to foster innovative research and discussion about smart energy grid security and privacy challenges, issues, approaches, and solutions. SEGS publications offer perspectives from both academia and industry, and present novel research on theoretical and practical aspects of smart grid security and privacy, including design, analysis, experimentation, and fielded systems. SEGS also includes presentations from other communities, such as law, economics, and HCI, that present these communities' perspectives on technological issues. The scope of the workshop encompasses all aspects of the smart grid, including distribution, transmission, generation, metering, e-mobility, and integration of distributed energy resources.