Behavior Rule Specification-Based Intrusion Detection for Safety Critical Medical Cyber Physical Systems

Robert Mitchell, Ing-Ray Chen
2015 IEEE Transactions on Dependable and Secure Computing  
We propose and analyze a behavior-rule specification-based technique for intrusion detection of medical devices embedded in a medical cyber physical system (MCPS) in which the patient's safety is of the utmost importance. We propose a methodology to transform behavior rules to a state machine, so that a device that is being monitored for its behavior can easily be checked against the transformed state machine for deviation from its behavior specification. Using vital sign monitor medical
more » ... as an example, we demonstrate that our intrusion detection technique can effectively trade false positives off for a high detection probability to cope with more sophisticated and hidden attackers to support ultra safe and secure MCPS applications. Moreover, through a comparative analysis, we demonstrate that our behavior-rule specificationbased IDS technique outperforms two existing anomaly-based techniques for detecting abnormal patient behaviors in pervasive healthcare applications.
doi:10.1109/tdsc.2014.2312327 fatcat:zxq4sedh25ff7ocwpp64d4tsmi