Securing Wireless Neurostimulators [2018]

[This post is based on Securing Wireless Neurostimulators, Marin et al., 2018]

How can we make sure Brain-Computer Interfaces (BCIs) don't get hacked?

A brain implant is a huge security risk. Currently, an attacker who successfully hacks such an implant could gain total control over a patient's life. In the future, if/when BCIs are able to read and write neural data at the thought level, a hacker could literally rewrite someone's thoughts, memories, and beliefs by compromising a target's BCI. The paper we discuss here proposes a method for securing current neurostimulators, with applications to all current and future wireless medical devices and BCIs. 

Executed Hack

Other researchers have already demonstrated that the implanted medical devices used for treating conditions like diabetes or irregular heartbeats are vulnerable to attack, and for the first time, this study demonstrated attacks on a device implanted in the brain. The researchers were able to carry out a broad array of attacks on the device, including delivering arbitrary messages to it, remotely reading its output data, and rapidly depleting its battery using a DoS attack.

The researchers' setup was simple and cheap, consisting solely of a laptop, antennas (for communicating with the device), and a USB-6351 DAQ (to connect the antennas to the laptop). This setup monitored the transmissions between the neurostimulator and its controller to obtain the necessary data to reverse-engineer the stimulator-controller communication protocol. After successfully deducing the message format and phases of a communication (initialization, reprogramming, and termination), the researchers moved on to executing four types of attacks:

  1. Replay: Re-sending valid, intercepted transmissions to modify the neurostimulator.
  2. Spoofing: Sending arbitrary messages to the neurostimulator. 
  3. Privacy: Intercepting communications to learn medical details, or even using the unique serial number as a way to track the patient physically.
  4. DoS: Sending many messages to deplete stimulator resources quickly.

The main takeaway from this portion of the study is that, even with limited resources, the neurostimulator was fairly easy to hack, and the successful hacks compromised essentially every part of the device. Given that this device has direct neural access, such poor security is extremely concerning.

Solution

Fortunately, the researchers were able to use this experience to devise an effective way to secure wireless neurostimulators, taking into account the unique constraints these medical devices have (e.g., low resource availability and emergency access requirements).

Their solution is designed to protect against a strong adversary that can be close to the patient for as much as a few seconds and can "eavesdrop or jam the wireless channel, as well as modify, replay, or forge messages." The three parts of the solution are as follows:

  1. Key Generation: A "128-bit symmetric key" is generated independently for each session, using the brain's local field potentials as an entropy source. 
  2. Key Transport: The device programmer is placed on the skin directly above the neurostimulator to transmit the key using minimal power (<1mV). Experiments at a distance of "3 meters to a few centimeters" found eavesdropping remotely on this low-power communication was impossible.
  3. Secure Data Exchange: A new message format was created that adds a counter field (to prevent replay attacks) and a 64-bit Message Authentication Code (MAC) to verify the sender. Since cryptographic energy costs are minimal compared to communication energy costs, no special encryption scheme beyond what already exists is needed.

Taken together, these elements form a solution that is practical, effective, and secure for resource-constrained wireless medical devices.
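
The counter-plus-MAC check from step 3, sketched as an added example that is not code from the paper or from this post. It assumes a 4-byte counter and a counter | payload | MAC frame layout, substitutes HMAC-SHA-256 truncated to 64 bits for the paper's MAC algorithm (which this post does not name), and draws the session key from the OS random generator rather than from local field potentials.

```python
import hashlib
import hmac
import secrets
import struct

KEY_LEN = 16   # 128-bit per-session symmetric key
MAC_LEN = 8    # 64-bit MAC, as in the proposed message format
CTR_LEN = 4    # assumed counter width; the post does not give one

def tag64(key: bytes, counter: int, payload: bytes) -> bytes:
    # Stand-in MAC: HMAC-SHA-256 truncated to 64 bits, over counter || payload.
    msg = struct.pack(">I", counter) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]

def seal(key: bytes, counter: int, payload: bytes) -> bytes:
    # Frame layout (assumed): counter | payload | MAC
    return struct.pack(">I", counter) + payload + tag64(key, counter, payload)

class Receiver:
    """Implant-side check: authenticate first, then enforce counter freshness."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1  # highest counter accepted in this session

    def accept(self, frame: bytes):
        if len(frame) < CTR_LEN + MAC_LEN:
            return None
        counter = struct.unpack(">I", frame[:CTR_LEN])[0]
        payload, tag = frame[CTR_LEN:-MAC_LEN], frame[-MAC_LEN:]
        # Constant-time compare; a forged frame must never advance the counter.
        if not hmac.compare_digest(tag, tag64(self.key, counter, payload)):
            return None  # spoofed or modified in transit
        if counter <= self.last_counter:
            return None  # replay of a previously accepted frame
        self.last_counter = counter
        return payload

if __name__ == "__main__":
    key = secrets.token_bytes(KEY_LEN)  # stand-in for the LFP-derived key
    rx = Receiver(key)
    frame = seal(key, 0, b"constructed-command")  # constructed sample payload
    print(rx.accept(frame))   # first delivery
    print(rx.accept(frame))   # same frame replayed
```

Because the counter is covered by the MAC and only updated after verification, neither a replayed frame nor a forged frame with a higher counter changes the receiver's state.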

Applications & Conclusion

In addition to securing neurostimulators, the same approach can properly secure other wirelessly controlled medical devices implanted in or attached to the body, like some insulin pumps. In industry, companies developing bi-directional BCIs (like Neuralink) are in particular need of a secure architecture like the one the researchers designed. Otherwise, the danger posed by an attacker's being able to arbitrarily read/write data (i.e., memories) to a brain will render such devices entirely unusable, and the advances BCIs promise will remain out of reach.
