Vulnerabilities Associated with Wi-Fi Protected Setup in a Medical Environment

Daniel Costantin, Krishnun Sansurooah, Patricia Williams

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Developed in the mid-2000s by the Wi-Fi Alliance, the Wi-Fi Protected (WPS) protocol assists configuration of mobile and wireless networks. Its development grew from the needs of less technology knowledgeable end-users to be able to setup wireless networks, primarily for the home environment. However, the technology is also used by small to medium sized businesses including medical environments and this presents multiple security vulnerabilities. WPS can employ four different types of authentication, with the PIN method the most popular. Consequently, Near Field Communication (NFC), Push Button, and USB are less documented and arguable less understood by users. This research describes in detail the methods and their vulnerabilities, and uses controlled experiments to test the security vulnerabilities of WPS authentication and how they can be exploited. The research suggests that a multi-faceted approach to mitigation and elimination of the vulnerabilities of WPS is warranted. Such an approach includes: education for end-users in the vulnerabilities and what precautions they should use to mitigate these; improvement in lockout policy implementation by vendors; and for the Wi-Fi Alliance to consider review of the vendor certification regarding lockout policy during attack detection. The balance between ease of use and security is a common problem, however the breaches in security in a medical environment can have many detrimental impacts for the healthcare provider organisation as well as for the patient including potential impact on patient safety and the reputation of the medical institution.

    Original languageEnglish
    Title of host publicationACSW '17
    Subtitle of host publicationProceedings of the Australasian Computer Science Week Multiconference
    Place of PublicationNY
    PublisherAssociation for Computing Machinery
    Number of pages12
    ISBN (Print)978-1-4503-4768-6, 9781450347686, 1450347681
    DOIs
    Publication statusPublished - Jan 2017
    Event2017 Australasian Computer Science Week Multiconference, ACSW 2017 -
    Duration: 31 Jan 2017 → …

    Publication series

    NameInternational Conference Proceeding Series (ICPS)
    PublisherAssociation for Computing Machinery

    Conference

    Conference2017 Australasian Computer Science Week Multiconference, ACSW 2017
    Period31/01/17 → …

    Keywords

    • Medical environment
    • Medical equipment
    • Patient safety
    • Wi-fi protected setup
    • Wireless hacking
    • WPS

    Fingerprint Dive into the research topics of 'Vulnerabilities Associated with Wi-Fi Protected Setup in a Medical Environment'. Together they form a unique fingerprint.

  • Cite this

    Costantin, D., Sansurooah, K., & Williams, P. (2017). Vulnerabilities Associated with Wi-Fi Protected Setup in a Medical Environment. In ACSW '17: Proceedings of the Australasian Computer Science Week Multiconference [58] (International Conference Proceeding Series (ICPS)). Association for Computing Machinery. https://doi.org/10.1145/3014812.3014872