Andrew DeOrio

A2Y.asm Talk: Malware on Drugs

12 Sep 2015

Malware on Drugs: Detecting Misbehaving Drug-delivering Medical Devices at the A2Y.asm Computer Security Conference

Infusion pumps are computerized medical devices that deliver drugs directly to a patient's bloodstream. These devices are uniquely vulnerable to software compromise, yet difficult to protect with traditional anti-virus software. In this talk, we will present our results detecting infusion pump misbehavior. Our technique monitors device power consumption, builds a model of correct behavior, and detects anomalies using machine learning. Visibility into a machine's behavior is the cornerstone of an effective anti-malware strategy, and we will show examples of how our technique can reliably detect undesired behavior with very low false-positive rates.


