Network Traffic Analysis of Medical Devices

TL;DR

This paper analyzes the network traffic of 8 medical devices to understand their unique traffic patterns, aiding in improved network management and security for healthcare environments.

Contribution

It provides a detailed characterization of network and Bluetooth traffic for multiple medical devices at both device and functionality levels.

Findings

Devices exhibit unique network traffic patterns.

Traffic analysis can inform security and management tools.

Bluetooth traffic characteristics vary across functionalities.

Abstract

The availability of medical devices such as glucose levels and blood pressure measuring devices is continuously increasing. These devices have gained user interest as they are easy to use. However, medical devices introduce extra complexity to the network by being numerous, heterogeneous, and more vulnerable to cyber-attacks. For better network management and overall network security, it is important to understand the network traffic characteristics of the devices. Thus, in this paper, we analyze in detail the traffic characteristics of 8 medical devices both at the device level and at the level of individual functionality of each device. We collect and share both network and Bluetooth traffic from a total of 51 functionalities of the devices. Our analysis includes different metrics such as protocols, amount of incoming/outgoing traffic, DNS queries, and analysis of traffic destinations. We observed that devices have unique network and Bluetooth traffic characteristics, that might be useful in developing networking tools for medical devices.