Fit and Vulnerable: Attacks and Defenses for a Health Monitoring Device
Mahmudur Rahman, Bogdan Carbunar, Madhusudan Banik

TL;DR
This paper uncovers security vulnerabilities in Fitbit devices through reverse engineering, demonstrating attacks and proposing a lightweight defense system called FitLock that minimally impacts device performance.
Contribution
The paper identifies specific security flaws in Fitbit, develops FitBite tools for exploiting these vulnerabilities, and introduces FitLock, a low-overhead defense mechanism.
Findings
Vulnerabilities enable attacks like eavesdropping, injection, and DoS.
FitLock imposes only a 2.4% overhead on the tested devices.
Attacks can lead to financial rewards.
Abstract
The fusion of social networks and wearable sensors is becoming increasingly popular, with systems like Fitbit automating the process of reporting and sharing user fitness data. In this paper we show that while compelling, the integration of health data into social networks is fraught with privacy and security vulnerabilities. Case in point, by reverse engineering the communication protocol, storage details and operation codes, we identified several vulnerabilities in Fitbit. We have built FitBite, a suite of tools that exploit these vulnerabilities to launch a wide range of attacks against Fitbit. Besides eavesdropping, injection and denial of service, several attacks can lead to rewards and financial gains. We have built FitLock, a lightweight defense system that protects Fitbit while imposing only a small overhead. Our experiments on BeagleBoard and Xperia devices show that FitLock's…
Taxonomy
Topics: User Authentication and Security Systems · Advanced Malware Detection Techniques · Context-Aware Activity Recognition Systems
