A framework to detect cyber-attacks against networked medical devices (Internet of Medical Things): an attack-surface-reduction by design approach

Sanaz Kavianpour, Bharanidharan Shanmugam, Ali Zolait, Abdul Razaq

Research output: Contribution to journalArticlepeer-review

39 Downloads (Pure)


The majority of medical devices in the healthcare system are not built-in security concepts. Hence, these devices' built-in vulnerabilities prone them to various cyber-attacks when connected to a hospital network or cloud. Attackers can penetrate devices, tamper, and disrupt services in hospitals and clinics, which results in patients' health and lives threatening. A specialist can Manage Cyber-attacks risks by reducing the system's attack surface. Attack surface analysis, either as a potential source for exploiting a potential vulnerability by attackers or as a medium to reduce cyber-attacks play a significant role in mitigating risks. Furthermore, it is necessitated to perform attack surface analysis in the design phase. This research proposes a framework, which integrates attack surface concepts into the design and development of medical devices. Devices are classified as high-risk, medium-risk, and low-risk. After risk assessment, the employed classification algorithm detects and analyzes the attack surfaces. Accordingly, the relevant adapted security controls will be prompted to hinder the attack. The simulation and evaluation of the framework is the subject of further research.
Original languageEnglish
Number of pages12
JournalInternational Journal of Computing and Digital Systems
Early online date25 Jul 2021
Publication statusE-pub ahead of print - 25 Jul 2021


  • Attack surface
  • Networked medial device
  • Risk assessment
  • Internet of Things
  • Cyber-attack

Cite this