Poster: Threat Intelligence & Modeling Practices for IoMT Devices using Wi-Fi Communications

Authors

Eva Wilson, McKelvey School of Engineering
Cody Ourique, San Jose State University
Bernardo Flores, San Jose State UniversityFollow

Publication Date

8-27-2025

Document Type

Conference Proceeding

Publication Title

2025 Silicon Valley Cybersecurity Conference Svcc 2025

DOI

10.1109/SVCC65277.2025.11133634

Abstract

The integration of internet connectivity into medical devices, known as the Internet of Medical Things (IoMT), is revolutionizing modern healthcare through remote monitoring and advanced diagnostics. Among these devices, the Continuous Positive Airway Pressure (CPAP) machine plays a critical role in managing patients with Sleep Apnea. However, the security of CPAP devices presents significant concerns due to potential vulnerabilities that could lead to critical failures, such as device shutdowns. An analysis was made of the device's connectivity interface, to identify potential exploit points and vulnerabilities. Additionally, we evaluated whether existing threat modeling frameworks - namely the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK)- sufficiently address the threats faced by IoMT devices and propose potential extensions where needed. Our goal is to enhance the security of CPAP machines by highlighting potential threats and advocating for improved security measures by manufacturers.

Keywords

Cybersecurity, IoMT, IoT, Machine Learning, Threat Intelligence

Department

Computer Engineering

Recommended Citation

Eva Wilson, Cody Ourique, and Bernardo Flores. "Poster: Threat Intelligence & Modeling Practices for IoMT Devices using Wi-Fi Communications" 2025 Silicon Valley Cybersecurity Conference Svcc 2025 (2025). https://doi.org/10.1109/SVCC65277.2025.11133634