University of Illinois Urbana-Champaign

A demonstration of holes in the unified security in the internet of medical things

Battista, Jude

Permalink

https://hdl.handle.net/2142/132606

Description

Title
A demonstration of holes in the unified security in the internet of medical things
Author(s)
Battista, Jude
Issue Date
2025-12-12
Director of Research (if dissertation) or Advisor (if thesis)
Nahrstedt, Klara
Department of Study
Siebel School Comp & Data Sci
Discipline
Computer Science
Degree Granting Institution
University of Illinois Urbana-Champaign
Degree Name
M.S.
Degree Level
Thesis
Keyword(s)
  • Internet of Medical Things
  • Security
  • Privacy
Abstract
The internet of medical things (IoMT) is a subset of the internet of things focused on medical devices. Its ecosystem is comprised of everything from disposable wearable devices that cost tens or hundreds of USD to hospital equipment worth thousands of USD. As with virtually every facet of the modern world, these devices are becoming increasingly networked. With this growth comes an expanded attack surface: rather than needing to access a physician’s office or a hospital room to steal a patient’s medical information or change the settings on an infusion pump, an adversary can now take advantage of remote access capabilities to launch an attack from anywhere with internet access. While IoMT devices inherit the intrinsic vulnerabilities of their more generic IoT brethren, also they have their unique concerns, including the sensitivity of medical data, and potential health impact of device exploitation, making it crucial to ensure the security of each device and its communications. Because of their limited size and compute capacity, in situ analysis is often difficult or impossible. Many of these devices are designed for short lifespans, making firmware updates unnecessary. Without channels intended for software delivery, simply obtaining copies of the firmware for external analysis can be a challenge in its own right. This thesis examines the threats to IoMT devices and investigates tools and tactics to analyze both device and data security. To achieve this, we develop a taxonomy of cybersecurity threats, examine a swatch of available reconnaissance tools, explore both simulation and emulation options, and analyze devices from opposite ends of the IoMT spectrum.
Graduation Semester
2025-12
Type of Resource
Thesis
Handle URL
https://hdl.handle.net/2142/132606
Copyright and License Information
Copyright 2025 Jude Battista

Owning Collections

Graduate Dissertations and Theses at Illinois PRIMARY
Graduate Theses and Dissertations at Illinois