New technology spots malware through power consumption

New technology developed by researchers collaborating from several universities can detect malware on medical devices by noting their power usage, as outlined in research that will be presented at the USENIX Workshop on Health Information Technologies in Washington, D.C., next week.

The technology, a tool called WattsUpDoc, gives hospitals an easy way to spot dangerous equipment and take it offline.

"Strict validation requirements make it prohibitively difficult or costly to use anti-virus software or automated operating system updates on these systems" the study's authors explain. "Our add-on monitoring system, WattsUpDoc, uses a traditionally undesirable side channel of power consumption to enable run-time malware detection."

The tool relies on the "side channel of systemwide power consumption, which leaks information about the system's computing activity without requiring any hardware or software modifications," Shane Clark, co-author of the study from the University of Massachusetts Amherst, writes in a recent blog post. "WattsUpDoc uses machine-learning techniques to match patterns of power consumption."

In experiments conducted, WattsUpDoc detected previously known malware with at least 94 percent accuracy--and previously unknown malware with at least 85 percent accuracy--on several embedded devices.

The prevalence of malware on hospital equipment is a big concern for hospitals. For instance, two anonymous provider CIOs recently expressed dismay to the Wall Street Journal for what they perceived to be subpar security efforts by their vendors in the fight security threats.

To learn more:
- see the study (.pdf)
- read the blog post
- read the MIT Technology Review article

Free Webinar

Take Control of Your Escalating Claim Costs through a Comprehensive Pre-payment Hospital Bill Review Solution

Today managing high dollar claim spend is more important than ever for Health Plans, TPAs, Employers, and Reinsurers, and can pose significant financial risks. How can these costs be managed without being a constant financial drain on your company resources? Our combination of the right people and the right technology provides an approach that ensures claims are paid right, the first time. Register Now!

Suggested Articles

A three-way deal between UpHealth, Cloudbreak, and a blank check company has created a new public digital health company valued at $1.35 billion.

By being proactive and using predictive models that target the most at-risk populations, payers can identify members who need help and intervene.

On the heels of its partnership with Cerner, Well Health scored a major funding round and announced that a Haven executive has joined its team.