

<strong>Paper Title</strong><br>

Enhancing Security in Implantable Medical Devices: A Proactive Framework for Data Protection<br>

<br>


<strong>Abstract</strong><br>

Cyber Security challenges associated with the unauthorized access and misuse of patients’ confidential information, and hack of intended medical device functionality, is becoming an alarming issue with regard to the security threats posed from the use of Implantable Medical Devices (IMDs). Current cyber security models like MITRE ATT& amp; CK, Zero Trust Architecture (ZTA), and other symmetric key encryption algorithms emphasize the need for network-based security as opposed to mitigating device- specific threats. These traditional models fail to mitigate device level vulnerabilities thus making IMDs open to Man-in-the- Middle (MITM) attacks along with unauthorized firmware changes and data tampering. This proposed research work aims to design a security mechanism that utilizes the combination of AES-GCM encryption, HMAC-based integrity authentication, and an attacker emulation environment capable of both exposing and shielding IMD data transmission gaps. The framework includes a secure sender component responsible for data encryption and integrity authentication, a receiver component for decrypting and verifying authenticity, and a simulation module designed to emulate man-in-the-middle (MITM) attacks for evaluating potential threats. Employing socket programming with implemented python cryptographic libraries, the system is executed on a cyber attack simulation environment to test its robustness. This research aims to develop a more robust and proactive defense strategy to reduce the risk of unauthorized data modifications or breaches during wireless transmissions. On a broader scale, the work aligns with and supports the objectives of the Sustainable Development Goal 3 focusing on good health and well-being by protecting life-affecting medical devices, providing confidentiality of the user&#39;s data, and strengthening the security of the healthcare systems.

Keywords - AES-GCM Encryption, Cyber Security in Healthcare, Healthcare Cyber Threats, HMAC Integrity Verification, Implantable Medical Devices (IMDs), Man-in-the-Middle (MITM) Attack, Medical Device Security, MITRE ATT&CK Framework, Wireless Transmission Security, and Zero Trust Architecture (ZTA).