心电数据变异性对可穿戴设备侧信道攻击成功率的影响

IF 2.2 3区 工程技术 Q3 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE
Pablo Perez-Tirador , Ruzica Jevtic , Carmen Cabezaolias , Teresa Romero , Abraham Otero , Gabriel Caffarena
{"title":"心电数据变异性对可穿戴设备侧信道攻击成功率的影响","authors":"Pablo Perez-Tirador ,&nbsp;Ruzica Jevtic ,&nbsp;Carmen Cabezaolias ,&nbsp;Teresa Romero ,&nbsp;Abraham Otero ,&nbsp;Gabriel Caffarena","doi":"10.1016/j.vlsi.2025.102385","DOIUrl":null,"url":null,"abstract":"<div><div>As the connectivity and number of health monitoring devices has increased dramatically in recent years, various security issues have become a serious threat to the integrity of patient data. Side-channel attacks are particularly dangerous for these devices because they do not rely on the mathematical complexity of the cryptographic algorithm, but instead exploit physical information leakage. In this work, we analyze electromagnetic and power side-channel attacks on portable electrocardiogram (ECG) monitoring devices. Unlike other work that uses random data, we analyze attacks based on real ECG data and show that the data distribution significantly affects the success rate of the attacks. We build a wearable ECG garment that records a single-lead ECG and sends it to a low-power microcontroller for encryption using AES. The results show that the first-round attack success rate is strongly influenced by the number of bits used to encrypt each ECG sample and the intensity level of the patient’s physical activity. More intense activity produces more artifacts in the ECG that increase the overall signal variability. An increase in variability generally results in an 86% reduction in the number of power samples required for an attack. The final attack also shows a dependence on input variability, but to a lesser extent. Input data with higher variability reduces the number of traces required for this attack by up to 50%, and the attack only becomes unsuccessful in the presence of extremely high levels of noise during the ECG recording. Based on these results, mitigation measures that exploit a change in signal variability are proposed.</div></div>","PeriodicalId":54973,"journal":{"name":"Integration-The Vlsi Journal","volume":"103 ","pages":"Article 102385"},"PeriodicalIF":2.2000,"publicationDate":"2025-02-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"The effect of ECG data variability on side-channel attack success rate in wearable devices\",\"authors\":\"Pablo Perez-Tirador ,&nbsp;Ruzica Jevtic ,&nbsp;Carmen Cabezaolias ,&nbsp;Teresa Romero ,&nbsp;Abraham Otero ,&nbsp;Gabriel Caffarena\",\"doi\":\"10.1016/j.vlsi.2025.102385\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>As the connectivity and number of health monitoring devices has increased dramatically in recent years, various security issues have become a serious threat to the integrity of patient data. Side-channel attacks are particularly dangerous for these devices because they do not rely on the mathematical complexity of the cryptographic algorithm, but instead exploit physical information leakage. In this work, we analyze electromagnetic and power side-channel attacks on portable electrocardiogram (ECG) monitoring devices. Unlike other work that uses random data, we analyze attacks based on real ECG data and show that the data distribution significantly affects the success rate of the attacks. We build a wearable ECG garment that records a single-lead ECG and sends it to a low-power microcontroller for encryption using AES. The results show that the first-round attack success rate is strongly influenced by the number of bits used to encrypt each ECG sample and the intensity level of the patient’s physical activity. More intense activity produces more artifacts in the ECG that increase the overall signal variability. An increase in variability generally results in an 86% reduction in the number of power samples required for an attack. The final attack also shows a dependence on input variability, but to a lesser extent. Input data with higher variability reduces the number of traces required for this attack by up to 50%, and the attack only becomes unsuccessful in the presence of extremely high levels of noise during the ECG recording. Based on these results, mitigation measures that exploit a change in signal variability are proposed.</div></div>\",\"PeriodicalId\":54973,\"journal\":{\"name\":\"Integration-The Vlsi Journal\",\"volume\":\"103 \",\"pages\":\"Article 102385\"},\"PeriodicalIF\":2.2000,\"publicationDate\":\"2025-02-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Integration-The Vlsi Journal\",\"FirstCategoryId\":\"5\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167926025000422\",\"RegionNum\":3,\"RegionCategory\":\"工程技术\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Integration-The Vlsi Journal","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167926025000422","RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0

摘要

近年来,随着健康监测设备的连接和数量急剧增加,各种安全问题已经成为对患者数据完整性的严重威胁。侧信道攻击对这些设备来说尤其危险,因为它们不依赖于加密算法的数学复杂性,而是利用物理信息泄漏。在这项工作中,我们分析了便携式心电图(ECG)监测设备的电磁和功率侧信道攻击。与使用随机数据的其他研究不同,我们基于真实的心电数据分析攻击,并表明数据分布显著影响攻击的成功率。我们制造了一种可穿戴的ECG服装,可以记录单导联ECG并将其发送到低功耗微控制器,使用AES进行加密。结果表明,第一轮攻击成功率受到用于加密每个心电样本的比特数和患者身体活动强度的强烈影响。更强烈的活动在心电图中产生更多的伪影,从而增加了整体信号的可变性。可变性的增加通常会导致攻击所需的功率样本数量减少86%。最后的攻击也显示了对输入可变性的依赖,但程度较小。具有较高可变性的输入数据将这种攻击所需的迹线数量减少了多达50%,并且只有在ECG记录期间存在极高水平的噪声时,攻击才会失败。基于这些结果,提出了利用信号变率变化的缓解措施。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
The effect of ECG data variability on side-channel attack success rate in wearable devices
As the connectivity and number of health monitoring devices has increased dramatically in recent years, various security issues have become a serious threat to the integrity of patient data. Side-channel attacks are particularly dangerous for these devices because they do not rely on the mathematical complexity of the cryptographic algorithm, but instead exploit physical information leakage. In this work, we analyze electromagnetic and power side-channel attacks on portable electrocardiogram (ECG) monitoring devices. Unlike other work that uses random data, we analyze attacks based on real ECG data and show that the data distribution significantly affects the success rate of the attacks. We build a wearable ECG garment that records a single-lead ECG and sends it to a low-power microcontroller for encryption using AES. The results show that the first-round attack success rate is strongly influenced by the number of bits used to encrypt each ECG sample and the intensity level of the patient’s physical activity. More intense activity produces more artifacts in the ECG that increase the overall signal variability. An increase in variability generally results in an 86% reduction in the number of power samples required for an attack. The final attack also shows a dependence on input variability, but to a lesser extent. Input data with higher variability reduces the number of traces required for this attack by up to 50%, and the attack only becomes unsuccessful in the presence of extremely high levels of noise during the ECG recording. Based on these results, mitigation measures that exploit a change in signal variability are proposed.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Integration-The Vlsi Journal
Integration-The Vlsi Journal 工程技术-工程:电子与电气
CiteScore
3.80
自引率
5.30%
发文量
107
审稿时长
6 months
期刊介绍: Integration''s aim is to cover every aspect of the VLSI area, with an emphasis on cross-fertilization between various fields of science, and the design, verification, test and applications of integrated circuits and systems, as well as closely related topics in process and device technologies. Individual issues will feature peer-reviewed tutorials and articles as well as reviews of recent publications. The intended coverage of the journal can be assessed by examining the following (non-exclusive) list of topics: Specification methods and languages; Analog/Digital Integrated Circuits and Systems; VLSI architectures; Algorithms, methods and tools for modeling, simulation, synthesis and verification of integrated circuits and systems of any complexity; Embedded systems; High-level synthesis for VLSI systems; Logic synthesis and finite automata; Testing, design-for-test and test generation algorithms; Physical design; Formal verification; Algorithms implemented in VLSI systems; Systems engineering; Heterogeneous systems.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信