Challenges in Medical Device Communication: A Review of Security and Privacy Concerns in Bluetooth Low Energy (BLE)

Terzidis, Michail; Mengidis, Notis; Rizos, Georgios; Mazi, Mariana S.; Milousi, Konstantina; Voulgaridis, Antonis; Votis, Konstantinos

Home // CYBER 2023, The Eighth International Conference on Cyber-Technologies and Cyber-Systems // View article

Challenges in Medical Device Communication: A Review of Security and Privacy Concerns in Bluetooth Low Energy (BLE)

Authors:
Michail Terzidis
Notis Mengidis
Georgios Rizos
Mariana S. Mazi
Konstantina Milousi
Antonis Voulgaridis
Konstantinos Votis

Keywords: Bluetooth; BLE; Internet of Things; IoT; Cybersecurity; Medical Devices.

Abstract:
The employment of medical devices and sensors in healthcare is growing rapidly each year, as their contribution in diagnosis and treatment is immeasurable. Given the paramount importance of security and privacy in the healthcare sector, the increasing number of devices in the industry also brings a rise in potential targets for exploitation and security misconfigurations. Most of these devices communicate using Bluetooth Low Energy (BLE), and despite BLE’s advantage in providing a communication protocol characterized by low energy consumption, an indispensable requirement for medical applications, its simplified protocol stack and general architecture render it susceptible to various security and privacy flaws. Consequently, a comprehensive analysis of the BLE protocol becomes imperative in order to assess the security aspects of medical devices thoroughly. Furthermore, this analysis aims to identify the most critical vulnerabilities and specific attacks targeting the Bluetooth protocol that necessitate mitigation and remediation.

Pages: 69 to 74

Copyright: Copyright (c) IARIA, 2023

Publication date: September 25, 2023

Published in: conference

ISSN: 2519-8599

ISBN: 978-1-68558-113-8

Location: Porto, Portugal

Dates: from September 25, 2023 to September 29, 2023