{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,1]],"date-time":"2026-02-01T04:20:18Z","timestamp":1769919618366,"version":"3.49.0"},"reference-count":34,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2023,7,24]],"date-time":"2023-07-24T00:00:00Z","timestamp":1690156800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2023,7,24]],"date-time":"2023-07-24T00:00:00Z","timestamp":1690156800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Comput Virol Hack Tech"],"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Healthcare delivery organizations such as hospitals are complex infrastructures comprising a broad range of networked devices. They include connected medical devices which can deliver health care, support hospitals\u2019 operations, and can exchange patients\u2019 data over healthcare network protocols. Previous research has pointed out weaknesses in the implementations of some of these protocols, and demonstrated how they could be abused by malicious actors in hospitals. There are still other healthcare network protocols for which we have limited knowledge, and no security analysis can be found in the literature. This can represent an issue, as these technologies may also have vulnerabilities which could, if exploited, impact hospitals\u2019 operations and patients\u2019 data. For this reason, we investigate in this paper three healthcare protocols found in hospital networks: the <jats:italic>POCT1-A<\/jats:italic> and <jats:italic>LIS02-A<\/jats:italic> standards used by some point-of-care and laboratory devices, and the proprietary protocol <jats:italic>Data Export<\/jats:italic> used by some Philips patient monitors. We explain how to build a test lab to perform security research on medical devices, in which we demonstrate four attacks highlighting how the selected protocols can be abused. This research provides greater knowledge of threats relevant to healthcare delivery organizations, and helps to enhance network security monitoring capabilities such as intrusion detection systems. More specifically, signatures can be created to detect attacks on these protocols and datasets can be assembled to assist the development and testing of hospital-specific intrusion detection systems.<\/jats:p>","DOI":"10.1007\/s11416-023-00479-w","type":"journal-article","created":{"date-parts":[[2023,7,24]],"date-time":"2023-07-24T15:02:27Z","timestamp":1690210947000},"page":"301-314","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Demonstration of new attacks on three healthcare network protocols in a lab environment"],"prefix":"10.1007","volume":"20","author":[{"given":"Guillaume","family":"Dupont","sequence":"first","affiliation":[]},{"given":"Daniel","family":"dos Santos","sequence":"additional","affiliation":[]},{"given":"Stanislav","family":"Dashevskyi","sequence":"additional","affiliation":[]},{"given":"Sangavi","family":"Vijayakumar","sequence":"additional","affiliation":[]},{"given":"Sashaank P.","family":"Murali","sequence":"additional","affiliation":[]},{"given":"Elisa","family":"Costante","sequence":"additional","affiliation":[]},{"given":"Jerry","family":"den Hartog","sequence":"additional","affiliation":[]},{"given":"Sandro","family":"Etalle","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,7,24]]},"reference":[{"key":"479_CR1","doi-asserted-by":"publisher","unstructured":"O\u2019Brien, G., Edwards, S., Littlefield, K., McNab, N., Wang, S., Zheng, K.: Securing Wireless Infusion Pumps in Healthcare Delivery Organizations. Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg (2018). https:\/\/doi.org\/10.6028\/NIST.SP.1800-8","DOI":"10.6028\/NIST.SP.1800-8"},{"issue":"5","key":"479_CR2","doi-asserted-by":"publisher","first-page":"3810","DOI":"10.1109\/JIOT.2018.2849014","volume":"5","author":"A Gatouillat","year":"2018","unstructured":"Gatouillat, A., Badr, Y., Massot, B., Sejdic, E.: Internet of medical things: a review of recent contributions dealing with cyber-physical systems in medicine. IEEE Internet Things J. 5(5), 3810\u20133822 (2018). https:\/\/doi.org\/10.1109\/JIOT.2018.2849014","journal-title":"IEEE Internet Things J."},{"key":"479_CR3","unstructured":"McKee, D.: 80 to 0 in Under 5 Seconds: Falsifying a Medical Patient\u2019s Vitals. https:\/\/bit.ly\/3MDb70P. Accessed 12 Apr 2023 (2018)"},{"key":"479_CR4","volume-title":"Practical IoT Hacking","author":"F Chantzis","year":"2021","unstructured":"Chantzis, F., Stais, I., Calderon, P., Deirmentzoglou, E., Woods, B.: Practical IoT Hacking. No Starch Press, San Francisco (2021)"},{"key":"479_CR5","doi-asserted-by":"publisher","DOI":"10.1371\/journal.pone.0040200","author":"DB Kramer","year":"2012","unstructured":"Kramer, D.B., Baker, M., Ransford, B., Molina-Markham, A., Stewart, Q., Fu, K.: Security and privacy qualities of medical devices: an analysis of FDA postmarket surveillance. PLoS ONE (2012). https:\/\/doi.org\/10.1371\/journal.pone.0040200","journal-title":"PLoS ONE"},{"key":"479_CR6","doi-asserted-by":"publisher","unstructured":"Taylor, C.R., Venkatasubramanian, K., Shue, C.A.: Understanding the security of interoperable medical devices using attack graphs. In: 3rd International Conference on High Confidence Networked Systems. HiCoNS \u201914, pp. 31\u201340. Association for Computing Machinery, New York (2014). https:\/\/doi.org\/10.1145\/2566468.2566482","DOI":"10.1145\/2566468.2566482"},{"key":"479_CR7","unstructured":"Haselhorst, D.: HL7 Data Interfaces in Medical Environments: Attacking and Defending the Achille\u2019s Heel of Healthcare. Technical report, SANS (2017)"},{"key":"479_CR8","doi-asserted-by":"publisher","unstructured":"Rushanan, M., Rubin, A.D., Kune, D.F., Swanson, C.M.: SoK: security and privacy in implantable medical devices and body area networks. In: IEEE Symposium on Security and Privacy, pp. 524\u2013539 (2014). https:\/\/doi.org\/10.1109\/SP.2014.40","DOI":"10.1109\/SP.2014.40"},{"key":"479_CR9","unstructured":"Donovan, F.: Wireless Infusion Pumps Could Increase Cybersecurity Vulnerability. https:\/\/bit.ly\/3AVHTCD. Accessed 12 Apr 2023 (2018)"},{"key":"479_CR10","unstructured":"McKee, D., Laulheret, P.: McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump. https:\/\/bit.ly\/38fdQeY. Accessed 12 Apr 2023 (2021)"},{"key":"479_CR11","unstructured":"Mirsky, Y., Mahler, T., Shelef, I., Elovici, Y.: CT-GAN: Malicious tampering of 3D medical imagery using deep learning. In: 28th USENIX Security Symposium (USENIX Security 19), pp. 461\u2013478. USENIX Association, Santa Clara (2019)"},{"key":"479_CR12","doi-asserted-by":"publisher","first-page":"355","DOI":"10.1007\/978-3-030-58201-2_24","volume-title":"ICT Systems Security and Privacy Protection","author":"G Dupont","year":"2020","unstructured":"Dupont, G., dos Santos, D.R., Costante, E., den Hartog, J., Etalle, S.: A matter of life and death: analyzing the security of healthcare networks. In: H\u00f6lbl, M., Rannenberg, K., Welzer, T. (eds.) ICT Systems Security and Privacy Protection, pp. 355\u2013369. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-58201-2_24"},{"key":"479_CR13","doi-asserted-by":"crossref","unstructured":"Hindy, H., Brosset, D., Bayne, E., Seeam, A., Tachtatzis, C., Atkinson, R., Bellekens, X.: A Taxonomy of Network Threats and the Effect of Current Datasets on Intrusion Detection Systems. arXiv preprint arXiv:1806.03517 (2020)","DOI":"10.1109\/ACCESS.2020.3000179"},{"key":"479_CR14","unstructured":"Florek, C.: Medical Device Security, Part 2: How to Give Medical Devices a Security Checkup. https:\/\/bit.ly\/3s7Hlp4. Accessed 12 Apr 2023 (2019)"},{"key":"479_CR15","unstructured":"Health Level Seven International: HL7 Messaging Standard Version 2.9. https:\/\/bit.ly\/3PdtyYD. Accessed 12 Apr 2023 (2019)"},{"key":"479_CR16","unstructured":"Duggal, A.: Understanding HL7 2.X Standards, Pen Testing, and Defending HL7 2.X Messages. Black Hat US 2016. https:\/\/youtu.be\/MR7cH44fjrc (2016)"},{"key":"479_CR17","unstructured":"Dameff, C., Bland, M., Levchenko, K., Tully, J.: Pestilential Protocol: How Unsecure HL7 Messages Threaten Patient Lives. Black Hat US 2018. https:\/\/youtu.be\/66x3vfac8rA (2018)"},{"key":"479_CR18","unstructured":"NEMA: DICOM PS3.1 2022b\u2014Introduction and Overview. https:\/\/bit.ly\/3Nch8yF. Accessed 12 Apr 2023 (2022)"},{"key":"479_CR19","doi-asserted-by":"publisher","first-page":"252","DOI":"10.1007\/978-3-319-93354-2_12","volume-title":"Information Systems Security and Privacy","author":"M Peacock","year":"2018","unstructured":"Peacock, M., Johnstone, M.N., Valli, C.: An exploration of some security issues within the BACnet protocol. In: Mori, P., Furnell, S., Camp, O. (eds.) Information Systems Security and Privacy, pp. 252\u2013272. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-93354-2_12"},{"key":"479_CR20","unstructured":"Dunka, L.J., et al.: POCT01-A2\u2014Point-of-Care Connectivity, 2nd edn. Standard, Clinical and Laboratory Standards Institute (CLSI), Wayne (2006)"},{"key":"479_CR21","unstructured":"Mountain, P.J., et al.: LIS02-A2\u2014Specification for Transferring Information Between Clinical Laboratory Instruments and Information Systems, 2nd edn. Standard, Clinical and Laboratory Standards Institute (CLSI), Wayne (2004)"},{"key":"479_CR22","unstructured":"Philips: Data Export Interface Programming Guide. https:\/\/www.documents.philips.com\/doclib\/enc\/fetch\/2000\/4504\/577242\/577243\/577247\/582636\/582882\/X2%2C_MP%2C_MX_ &_FM_Series_Rel._L.0_Data_Export_Interface_Program._Guide_4535_645_88011_(ENG).pdf. Accessed 12 Apr 2023 (2015)"},{"issue":"5","key":"479_CR23","doi-asserted-by":"publisher","first-page":"262","DOI":"10.1016\/S1470-2045(19)30149-4","volume":"20","author":"KY Ngiam","year":"2019","unstructured":"Ngiam, K.Y., Khor, W.: Big data and machine learning algorithms for health-care delivery. Lancet Oncol 20(5), 262\u2013273 (2019)","journal-title":"Lancet Oncol"},{"key":"479_CR24","unstructured":"Schwarzschild, A., Goldblum, M., Gupta, A., Dickerson, J.P., Goldstein, T.: Just how toxic is data poisoning? A unified benchmark for backdoor and data poisoning attacks. In: International Conference on Machine Learning, pp. 9389\u20139398. PMLR (2021)"},{"key":"479_CR25","unstructured":"Siemens Healthcare Diagnostics: DCA Vantage Analyzer Host Computer Communications Link. https:\/\/bit.ly\/3HqAkWU. Accessed 12 Apr 2023 (2011)"},{"key":"479_CR26","unstructured":"MedlinePlus: Hemoglobin A1C (HbA1c) Test. https:\/\/bit.ly\/3up6FJV. Accessed 12 Apr 2023 (2021)"},{"key":"479_CR27","unstructured":"Heiland, D.: IoT Security Testing Methodology. https:\/\/bit.ly\/3umYVZ5. Accessed 12 Apr 2023 (2017)"},{"key":"479_CR28","unstructured":"HIMSS: 2019 HIMSS Cybersecurity Survey. https:\/\/bit.ly\/34v2q4u. Accessed 12 Apr 2023 (2019)"},{"key":"479_CR29","unstructured":"ISE: Securing Hospitals: A Research Study and Blueprint. https:\/\/bit.ly\/3GkFp1v. Accessed 12 Apr 2023 (2016)"},{"key":"479_CR30","doi-asserted-by":"publisher","unstructured":"Achleitner, S., La\u00a0Porta, T., McDaniel, P., Sugrim, S., Krishnamurthy, S.V., Chadha, R.: Cyber deception: virtual networks to defend insider reconnaissance. In: ACM 8th CCS International Workshop on Managing Insider Security Threats, pp. 57\u201368 (2016). https:\/\/doi.org\/10.1145\/2995959.2995962","DOI":"10.1145\/2995959.2995962"},{"key":"479_CR31","unstructured":"Shevchenko, N., Chick, T.A., O\u2019Riordan, P., Scanlon, T.P., Woody, C.: Threat Modeling: a Summary of Available Methods. Technical report, Carnegie Mellon University Software Engineering Institute Pittsburgh United-States (2018)"},{"key":"479_CR32","unstructured":"Karahasanovic, A., Kleberger, P., Almgren, M.: Adapting threat modeling methods for the automotive industry. In: 15th ESCAR Conference, pp. 1\u201310 (2017)"},{"key":"479_CR33","doi-asserted-by":"publisher","unstructured":"Martins, G., Bhatia, S., Koutsoukos, X., Stouffer, K., Tang, C., Candell, R.: Towards a systematic threat modeling approach for cyber-physical systems. In: Resilience Week (RWS), pp. 1\u20136. https:\/\/doi.org\/10.1109\/RWEEK.2015.7287428. IEEE (2015)","DOI":"10.1109\/RWEEK.2015.7287428"},{"key":"479_CR34","unstructured":"Siemens Healthcare Diagnostics: DCA Vantage Operator\u2019s Guide. https:\/\/bit.ly\/3Holjoo. Accessed 12 Apr 2023 (2012)"}],"container-title":["Journal of Computer Virology and Hacking Techniques"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-023-00479-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11416-023-00479-w\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-023-00479-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,18]],"date-time":"2024-04-18T18:12:25Z","timestamp":1713463945000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11416-023-00479-w"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,24]]},"references-count":34,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2024,6]]}},"alternative-id":["479"],"URL":"https:\/\/doi.org\/10.1007\/s11416-023-00479-w","relation":{},"ISSN":["2263-8733"],"issn-type":[{"value":"2263-8733","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,7,24]]},"assertion":[{"value":"20 May 2022","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"28 March 2023","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 July 2023","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors have no competing interests to declare that are relevant to the content of this article. The authors have no relevant financial or non-financial interests to disclose.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}