ABSTRACT
Recently, smart medical devices have become preva-lent in remote monitoring of patients and the delivery of medication. The ongoing Covid-19 pandemic situation has boosted the upward trend of the popularity of smart medical devices in the healthcare system. Simultaneously, different device manufacturers and technologies compete for a share in a smart medical device's market, which forces the integration of diverse smart medical de-vices into a common healthcare ecosystem. Hence, modern unified healthcare communication systems (UHCSs) combine ISO/IEEE 11073 and Health Level Seven (HL7) communication standards to support smart medical devices' interoperability and their communication with healthcare providers. Despite their advantages in supporting various smart medical devices and communication technologies, these standards do not provide any security and suffer from vulnerabilities. Existing studies provide stand-alone security solutions to components of UHCSs and do not cover UHCSs holistically. In this paper, we perform a systematic threat analysis of UHCSs that relies on attack-defense tree (ADTree) formalisms. Considering the attack landscape and defense ecosys-tem, we build an ADTree for UHCSs and convert the ADTree to stochastic timed automata (STA) to perform quantitative analysis. Our analysis using UPPAAL SMC shows that the Man-in-the-Middle and unauthorized remote access attacks are the most probable attacks that a malicious entity could pursue, causing mistreatment to patients. We also extract valuable information about the top threats, the likelihood of performing different individual and simultaneous attacks, and the expected cost for attackers. © 2022 IEEE.
ABSTRACT
Emerging blockchain and cryptocurrency-based technologies are redefining the way we conduct business in cyberspace. Today, a myriad of blockchain and cryp-tocurrency systems, applications, and technologies are widely available to companies, end-users, and even malicious actors who want to exploit the computational resources of regular users through cryptojacking malware. Especially with ready-to-use mining scripts easily provided by service providers (e.g., Coinhive) and untraceable cryptocurrencies (e.g., Monero), cryptojacking malware has become an indispensable tool for attackers. Indeed, the banking industry, major commercial websites, government and military servers (e.g., US Dept. of Defense), online video sharing platforms (e.g., Youtube), gaming platforms (e.g., Nintendo), critical infrastructure resources (e.g., routers), and even recently widely popular remote video conferencing/meeting programs (e.g., Zoom during the Covid-19 pandemic) have all been the victims of powerful cryptojacking malware campaigns. Nonetheless, existing detection methods such as browser extensions that protect users with blacklist methods or antivirus programs with different analysis methods can only provide a partial panacea to this emerging crypto-jacking issue as the attackers can easily bypass them by using obfuscation techniques or changing their domains or scripts frequently. Therefore, many studies in the literature proposed cryptojacking malware detection methods using various dynamic/behavioral features. However, the literature lacks a systemic study with a deep understanding of the emerging cryptojacking malware and a comprehensive review of studies in the literature. To fill this gap in the literature, in this SoK paper, we present a systematic overview of cryptojacking malware based on the information obtained from the combination of academic research papers, two large cryptojacking datasets of samples, and 45 major attack instances. Finally, we also present lessons learned and new research directions to help the research community in this emerging area. © 2021 IEEE.