A Lightweight Botnet Exploiting HTTP for Control Flow Denial on Open-Source Medical Systems.

The recent emergence of open-source medical cyber-physical systems has rapidly transformed the healthcare industry. This can be attributed to advancements in 3D printing technology and the growing popularity of open-source microcomputer systems like Arduino and Raspberry Pi. However, the increased use of these systems in hospitals has also raised cybersecurity concerns. In particular, new technologies, such as IoT devices and other mobile devices, have posed new challenges in exploiting modern botnets and determining their effectiveness with limited resources. In this paper, we propose a lightweight and full-encrypted cross-platform botnet system that provides a proof-of-concept demonstration of how a botnet attack can block control flow from the syringe pump in a testbed of an IoT medical network. The emphasis is placed on minimal deployment time and resource usage, making this lightweight botnet different from most traditional botnets, thus furthering cybersecurity research in intrusion detection for open-source medical systems.