Identifying and Modeling Security Threats for IoMT Edge Network using Markov Chain and Common Vulnerability Scoring System (CVSS) (2104.11580v1)

Abstract: In this work, we defined an attack vector for networks utilizing the Internet of Medical Things (IoMT) devices and compute the probability distribution of IoMT security threats based on Markov chain and Common Vulnerability Scoring System (CVSS). IoMT is an emerging technology that improves patients' quality of life by permitting personalized e-health services without restrictions on time and site. The IoMT consists of embedded objects, sensors, and actuators that transmit and receive medical data. These Medical devices are vulnerable to different types of security threats, and thus, they pose a significant risk to patient's privacy and safety. Because security is a critical factor for successfully merging IoMT into pervasive healthcare systems, there is an urgent need for new security mechanisms to prevent threats on the IoMT edge network. Toward this direction, the first step is defining an attack vector that an attacker or unauthorized user can take advantage of to penetrate and tamper with medical data. In this article, we specify a threat model for the IoMT edge network. We identify any vulnerabilities or weaknesses within the IoMT network that allow unauthorized privileges and threats that can utilize these weaknesses to compromise the IoMT edge network. Finally, we compute the probability distribution of IoMT threats based on the Markov transition probability matrix.