• Title/Summary/Keyword: MITRE ATT&CK Mobile

Search Result 1, Processing Time 0.013 seconds

Enhancing the Cybersecurity Checklist for Mobile Applications in DTx based on MITRE ATT&CK for Ensuring Privacy

  • Gee-hee Yun;Kyoung-jin Kim
    • Journal of Internet Computing and Services
    • /
    • v.24 no.4
    • /
    • pp.15-24
    • /
    • 2023

  • Digital therapeutics (DTx) are utilized to replace or supplement drug therapy to treat patients. DTx are developed as a mobile application for portability and convenience. The government requires security verification to be performed on digital medical devices that manage sensitive information during the transmission and storage of patient data. Although safety verification is included in the approval process for DTx, the cybersecurity checklist used as a reference does not reflect the characteristics of mobile applications. This poses the risk of potentially overlooking vulnerabilities during security verification. This study aims to address this issue by comparing and analyzing existing items based on the mobile tactics, techniques, and procedures of MITRE ATT&CK, which manages globally known and occurring vulnerabilities through regular updates. We identify 16 items that require improvement and expand the checklist to 29 items to propose improvement measures. The findings of this study may contribute to the safe development and advancement of DTx for managing sensitive patient information.

  • https://doi.org/10.7472/jksii.2023.24.4.15 인용 PDF HTML