ISCAS 2025 Conference Paper
Hacking Health: Unveiling Vulnerabilities in BLE-Enabled Wearable Sensor Nodes
Authors: Mohammad Alhussan, Francesca Boem, Sara Ghoreishizadeh, Anna Maria Mandalari
Conference: 2025 IEEE International Symposium on Circuits and Systems (ISCAS)
Date: May 25–28, 2025
Location: London, United Kingdom
BLE Sniffing & MITM Execution Process.
Overview
The rise of the Internet of Medical Things (IoMT) in healthcare brings benefits like continuous monitoring, remote patient care, and data-driven treatments. However, it also poses cybersecurity risks. While prior research has investigated this issue, it has not looked at advanced wearable sensor nodes that use Bluetooth Low Energy (BLE) alongside other wireless protocols.
In this work, we conduct a black-box audit of wearable sensor nodes to explore vulnerabilities. Our systematic approach:
- Investigates whether common attacks are effective against BLE-enabled sensor nodes.
- Groups vulnerabilities based on susceptibility to MITM, sniffing, and DoS threats.
- Provides an in-depth security gap analysis for commercial devices used in an IoMT setting.
We present results from hundreds of experiments using popular commercial sensor nodes, showing that not only are these devices vulnerable to common attacks, but their weaknesses also pose threats to patient safety and data integrity.