|
1
|
Jiang X, Fan J, Zhu Z, Wang Z, Guo Y, Liu X, Jia F, Dai C. Cybersecurity in neural interfaces: Survey and future trends. Comput Biol Med 2023; 167:107604. [PMID: 37883851 DOI: 10.1016/j.compbiomed.2023.107604] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [MESH Headings] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 06/01/2023] [Revised: 09/23/2023] [Accepted: 10/17/2023] [Indexed: 10/28/2023]
Abstract
With the joint advancement in areas such as pervasive neural data sensing, neural computing, neuromodulation and artificial intelligence, neural interface has become a promising technology facilitating both the closed-loop neurorehabilitation for neurologically impaired patients and the intelligent man-machine interactions for general application purposes. However, although neural interface has been widely studied, few previous studies focused on the cybersecurity issues in related applications. In this survey, we systematically investigated possible cybersecurity risks in neural interfaces, together with potential solutions to these problems. Importantly, our survey considers interfacing techniques on both central nervous systems (i.e., brain-computer interfaces) and peripheral nervous systems (i.e., general neural interfaces), covering diverse neural modalities such as electroencephalography, electromyography and more. Moreover, our survey is organized on three different levels: (1) the data level, which mainly focuses on the privacy leakage issue via attacking and analyzing neural database of users; (2) the permission level, which mainly focuses on the prospects and risks to directly use real time neural signals as biometrics for continuous and unobtrusive user identity verification; and (3) the model level, which mainly focuses on adversarial attacks and defenses on both the forward neural decoding models (e.g. via machine learning) and the backward feedback implementation models (e.g. via neuromodulation and stimulation). This is the first study to systematically investigate cybersecurity risks and possible solutions in neural interfaces which covers both central and peripheral nervous systems, and considers multiple different levels to provide a complete picture of this issue.
Collapse
Affiliation(s)
- Xinyu Jiang
- School of Information Science and Technology, Fudan University, Shanghai, China
| | - Jiahao Fan
- The Department of Mechanical Engineering, The Pennsylvania State University, University Park, PA 16802, USA
| | - Ziyue Zhu
- The Department of Bioengineering, Imperial College London, SW7 2AZ London, UK
| | - Zihao Wang
- School of Information Science and Technology, Fudan University, Shanghai, China
| | - Yao Guo
- School of Information Science and Technology, Fudan University, Shanghai, China
| | - Xiangyu Liu
- The College of Communication and Art Design, University of Shanghai for Science and Technology, Shanghai, 200093, China
| | - Fumin Jia
- Institute of Science and Technology for Brain-Inspired Intelligence, Fudan University, Shanghai, China.
| | - Chenyun Dai
- School of Information Science and Technology, Fudan University, Shanghai, China.
| |
Collapse
|
|
2
|
Farady I, Kuo CC, Ng HF, Lin CY. Hierarchical Image Transformation and Multi-Level Features for Anomaly Defect Detection. SENSORS (BASEL, SWITZERLAND) 2023; 23:988. [PMID: 36679785 PMCID: PMC9861680 DOI: 10.3390/s23020988] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [MESH Headings] [Track Full Text] [Figures] [Subscribe] [Scholar Register] [Received: 10/27/2022] [Revised: 11/22/2022] [Accepted: 01/12/2023] [Indexed: 06/17/2023]
Abstract
Anomalies are a set of samples that do not follow the normal behavior of the majority of data. In an industrial dataset, anomalies appear in a very small number of samples. Currently, deep learning-based models have achieved important advances in image anomaly detection. However, with general models, real-world application data consisting of non-ideal images, also known as poison images, become a challenge. When the work environment is not conducive to consistently acquiring a good or ideal sample, an additional adaptive learning model is needed. In this work, we design a potential methodology to tackle poison or non-ideal images that commonly appear in industrial production lines by enhancing the existing training data. We propose Hierarchical Image Transformation and Multi-level Features (HIT-MiLF) modules for an anomaly detection network to adapt to perturbances from novelties in testing images. This approach provides a hierarchical process for image transformation during pre-processing and explores the most efficient layer of extracted features from a CNN backbone. The model generates new transformations of training samples that simulate the non-ideal condition and learn the normality in high-dimensional features before applying a Gaussian mixture model to detect the anomalies from new data that it has never seen before. Our experimental results show that hierarchical transformation and multi-level feature exploration improve the baseline performance on industrial metal datasets.
Collapse
Affiliation(s)
- Isack Farady
- Department of Electrical Engineering, Mercu Buana University, Jakarta 11650, Indonesia
- Department of Electrical and Communication Engineering, Yuan Ze University, Taoyuan 320, Taiwan
| | - Chia-Chen Kuo
- National Center for High-Performance Computing, National Applied Research Laboratories, Hsinchu 300, Taiwan
| | - Hui-Fuang Ng
- Department of Computer Science, University Tunku Abdul Rahman, Kampar 31900, Malaysia
| | - Chih-Yang Lin
- Department of Electrical and Communication Engineering, Yuan Ze University, Taoyuan 320, Taiwan
| |
Collapse
|
|
3
|
Personalized insulin dose manipulation attack and its detection using interval-based temporal patterns and machine learning algorithms. J Biomed Inform 2022; 132:104129. [PMID: 35781036 DOI: 10.1016/j.jbi.2022.104129] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 09/27/2021] [Revised: 05/16/2022] [Accepted: 06/21/2022] [Indexed: 11/20/2022]
Abstract
Many patients with diabetes are currently being treated with insulin pumps and other diabetes devices which improve their quality of life and enable effective treatment of diabetes. These devices are connected wirelessly and thus, are vulnerable to cyber-attacks which have already been proven feasible. In this paper, we focus on two types of cyber-attacks on insulin pump systems: an overdose of insulin, which can cause hypoglycemia, and an underdose of insulin, which can cause hyperglycemia. Both of these attacks can result in a variety of complications and endanger a patient's life. Specifically, we propose a sophisticated and personalized insulin dose manipulation attack; this attack is based on a novel method of predicting the blood glucose (BG) level in response to insulin dose administration. To protect patients from the proposed sophisticated and malicious insulin dose manipulation attacks, we also present an automated machine learning based system for attack detection; the detection system is based on an advanced temporal pattern mining process, which is performed on the logs of real insulin pumps and continuous glucose monitors (CGMs). Our multivariate time-series data (MTSD) collection consists of 225,780 clinical logs, collected from real insulin pumps and CGMs of 47 patients with type I diabetes (13 adults and 34 children) from two different clinics at Soroka University Medical Center in Beer-Sheva, Israel over a four-year period. We enriched our data collection with additional relevant medical information related to the subjects. In the extensive experiments performed, we evaluated the proposed attack and detection system and examined whether: (1) it is possible to accurately predict BG levels in order to create malicious data that simulate a manipulation attack and the patient's body in response to it; (2) it is possible to automatically detect such attacks based on advanced machine learning (ML) methods that leverage temporal patterns; (3) the detection capabilities of the proposed detection system differ for insulin overdose and underdose attacks; and (4) the granularity of the learning model (general / adult vs. pediatric clinic / individual patient) affects the detection capabilities. Our results show that (a) it is possible to predict, with nearly 90% accuracy, BG levels using our proposed methods, and by doing so, enable malicious data creation for our detection system evaluation; (b) it is possible to accurately detect insulin manipulation attacks using temporal patterns mining using several ML methods, including Logistic Regression, Random Forest, TPF class model, TPF top k, and ANN algorithms; (c) it is easier to detect an overdose attack than an underdose attack in more than 25%, in terms of AUC scores; and (d) the adult vs. pediatric model outperformed models of other granularities in the detection of overdose attacks, while the general model outperformed the other models in the case of detecting underdose attacks; for both attacks, attack detection among children was found to be more challenging than among adults. In addition to its use in the evaluation of our detection system, the proposed BG prediction method has great importance in the medical domain where it can contribute to improved care of patients with diabetes.
Collapse
|
|
4
|
Ou X, Wu M, Pu Y, Tu B, Zhang G, Xu Z. Cuckoo search algorithm with fuzzy logic and Gauss-Cauchy for minimizing localization error of WSN. Appl Soft Comput 2022. [DOI: 10.1016/j.asoc.2022.109211] [Citation(s) in RCA: 1] [Impact Index Per Article: 0.5] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/02/2022]
|
|
5
|
Mijatovic G, Kljajic D, Kasas-Lazetic K, Milutinov M, Stivala S, Busacca A, Cino AC, Stramaglia S, Faes L. Information Dynamics of Electric Field Intensity before and during the COVID-19 Pandemic. ENTROPY 2022; 24:e24050726. [PMID: 35626609 PMCID: PMC9140641 DOI: 10.3390/e24050726] [Citation(s) in RCA: 1] [Impact Index Per Article: 0.5] [Reference Citation Analysis] [Abstract] [Track Full Text] [Download PDF] [Figures] [Subscribe] [Scholar Register] [Received: 04/16/2022] [Revised: 05/08/2022] [Accepted: 05/17/2022] [Indexed: 11/25/2022]
Abstract
This work investigates the temporal statistical structure of time series of electric field (EF) intensity recorded with the aim of exploring the dynamical patterns associated with periods with different human activity in urban areas. The analyzed time series were obtained from a sensor of the EMF RATEL monitoring system installed in the campus area of the University of Novi Sad, Serbia. The sensor performs wideband cumulative EF intensity monitoring of all active commercial EF sources, thus including those linked to human utilization of wireless communication systems. Monitoring was performed continuously during the years 2019 and 2020, allowing us to investigate the effects on the patterns of EF intensity of varying conditions of human mobility, including regular teaching and exam activity within the campus, as well as limitations to mobility related to the COVID-19 pandemic. Time series analysis was performed using both simple statistics (mean and variance) and combining the information-theoretic measure of information storage (IS) with the method of surrogate data to quantify the regularity of EF dynamic patterns and detect the presence of nonlinear dynamics. Moreover, to assess the possible coexistence of dynamic behaviors across multiple temporal scales, IS analysis was performed over consecutive observation windows lasting one day, week, month, and year, respectively coarse grained at time scales of 6 min, 30 min, 2 h, and 1 day. Our results document that the EF intensity patterns of variability are modulated by the movement of people at daily, weekly, and monthly scales, and are blunted during periods of restricted mobility related to the COVID-19 pandemic. Mobility restrictions also affected significantly the regularity of the EF intensity time series, resulting in lower values of IS observed simultaneously with a loss of nonlinear dynamics. Thus, our analysis can be useful to investigate changes in the global patterns of human mobility both during pandemics or other types of events, and from this perspective may serve to implement strategies for safety assessment and for optimizing the design of networks of EF sensors.
Collapse
Affiliation(s)
- Gorana Mijatovic
- Faculty of Technical Sciences, University of Novi Sad, 21102 Novi Sad, Serbia; (G.M.); (D.K.); (K.K.-L.); (M.M.)
| | - Dragan Kljajic
- Faculty of Technical Sciences, University of Novi Sad, 21102 Novi Sad, Serbia; (G.M.); (D.K.); (K.K.-L.); (M.M.)
| | - Karolina Kasas-Lazetic
- Faculty of Technical Sciences, University of Novi Sad, 21102 Novi Sad, Serbia; (G.M.); (D.K.); (K.K.-L.); (M.M.)
| | - Miodrag Milutinov
- Faculty of Technical Sciences, University of Novi Sad, 21102 Novi Sad, Serbia; (G.M.); (D.K.); (K.K.-L.); (M.M.)
| | - Salvatore Stivala
- Department of Engineering, University of Palermo, 90128 Palermo, Italy; (S.S.); (A.B.); (A.C.C.)
| | - Alessandro Busacca
- Department of Engineering, University of Palermo, 90128 Palermo, Italy; (S.S.); (A.B.); (A.C.C.)
| | - Alfonso Carmelo Cino
- Department of Engineering, University of Palermo, 90128 Palermo, Italy; (S.S.); (A.B.); (A.C.C.)
| | | | - Luca Faes
- Department of Engineering, University of Palermo, 90128 Palermo, Italy; (S.S.); (A.B.); (A.C.C.)
- Correspondence:
| |
Collapse
|
|
6
|
Mahler T, Shalom E, Elovici Y, Shahar Y. A dual-layer context-based architecture for the detection of anomalous instructions sent to medical devices. Artif Intell Med 2022; 123:102229. [PMID: 34998518 DOI: 10.1016/j.artmed.2021.102229] [Citation(s) in RCA: 1] [Impact Index Per Article: 0.5] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 04/15/2021] [Revised: 08/04/2021] [Accepted: 11/30/2021] [Indexed: 11/25/2022]
Abstract
Complex medical devices are controlled by instructions sent from a host personal computer (PC) to the device. Anomalous instructions can introduce many potentially harmful threats to patients (e.g., radiation overexposure), to physical device components (e.g., manipulation of device motors), or to functionality (e.g., manipulation of medical images). Threats can occur due to cyber-attacks, human error (e.g., using the wrong protocol, or misconfiguring the protocol's parameters by a technician), or host PC software bugs. Thus, anomalous instructions might represent an intentional threat to the patient or to the device, a human error, or simply a non-optimal operation of the device. To protect medical devices, we propose a new dual-layer architecture. The architecture analyzes the instructions sent from the host PC to the physical components of the device, to detect anomalous instructions using two detection layers: (1) an unsupervised context-free (CF) layer that detects anomalies based solely on the instruction's content and inter-correlations; and (2) a supervised context-sensitive (CS) layer that detects anomalies in both the clinical objective and patient contexts using a set of supervised classifiers pre-trained for each specific context. The proposed dual-layer architecture was evaluated in the computed tomography (CT) domain, using 4842 CT instructions that we recorded, including two types of CF anomalous instructions, four types of clinical objective context instructions and four types of patient context instructions. The CF layer was evaluated using 14 unsupervised anomaly detection algorithms. The CS layer was evaluated using six supervised classification algorithms applied to each context (i.e., clinical objective or patient). Adding the second CS supervised layer to the architecture improved the overall anomaly detection performance (by improving the detection of CS anomalous instructions [when they were not also CF anomalous]) from an F1 score baseline of 72.6%, to an improved F1 score of 79.1% to 99.5% (depending on the clinical objective or patient context used). Adding, the semantics-oriented CS layer enables the detection of CS anomalies using the semantics of the device's procedure, which is not possible when using just the purely syntactic CF layer. However, adding the CS layer also introduced a somewhat increased false positive rate (FPR), and thus reduced somewhat the specificity of the overall process. We conclude that by using both the CF and CS layers, a dual-layer architecture can better detect anomalous instructions to medical devices. The increased FPR might be reduced, in the future, through the use of stronger models, and by training them on more data. The improved accuracy, and the potential capability of adding explanations to both layers, might be useful for creating decision support systems for medical device technicians.
Collapse
Affiliation(s)
- Tom Mahler
- Department of Software and Information Systems Engineering (SISE), Ben-Gurion University of the Negev, 84105 Beer Sheva, Israel.
| | - Erez Shalom
- Department of Software and Information Systems Engineering (SISE), Ben-Gurion University of the Negev, 84105 Beer Sheva, Israel
| | - Yuval Elovici
- Department of Software and Information Systems Engineering (SISE), Ben-Gurion University of the Negev, 84105 Beer Sheva, Israel
| | - Yuval Shahar
- Department of Software and Information Systems Engineering (SISE), Ben-Gurion University of the Negev, 84105 Beer Sheva, Israel
| |
Collapse
|
|
7
|
A Hybrid Lightweight System for Early Attack Detection in the IoMT Fog. SENSORS 2021; 21:s21248289. [PMID: 34960384 PMCID: PMC8708644 DOI: 10.3390/s21248289] [Citation(s) in RCA: 2] [Impact Index Per Article: 0.7] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Download PDF] [Figures] [Subscribe] [Scholar Register] [Received: 10/11/2021] [Revised: 11/29/2021] [Accepted: 12/02/2021] [Indexed: 11/16/2022]
Abstract
Cyber-attack detection via on-gadget embedded models and cloud systems are widely used for the Internet of Medical Things (IoMT). The former has a limited computation ability, whereas the latter has a long detection time. Fog-based attack detection is alternatively used to overcome these problems. However, the current fog-based systems cannot handle the ever-increasing IoMT’s big data. Moreover, they are not lightweight and are designed for network attack detection only. In this work, a hybrid (for host and network) lightweight system is proposed for early attack detection in the IoMT fog. In an adaptive online setting, six different incremental classifiers were implemented, namely a novel Weighted Hoeffding Tree Ensemble (WHTE), Incremental K-Nearest Neighbors (IKNN), Incremental Naïve Bayes (INB), Hoeffding Tree Majority Class (HTMC), Hoeffding Tree Naïve Bayes (HTNB), and Hoeffding Tree Naïve Bayes Adaptive (HTNBA). The system was benchmarked with seven heterogeneous sensors and a NetFlow data infected with nine types of recent attack. The results showed that the proposed system worked well on the lightweight fog devices with ~100% accuracy, a low detection time, and a low memory usage of less than 6 MiB. The single-criteria comparative analysis showed that the WHTE ensemble was more accurate and was less sensitive to the concept drift.
Collapse
|
|
8
|
Hameed SS, Hassan WH, Abdul Latiff L, Ghabban F. A systematic review of security and privacy issues in the internet of medical things; the role of machine learning approaches. PeerJ Comput Sci 2021; 7:e414. [PMID: 33834100 PMCID: PMC8022640 DOI: 10.7717/peerj-cs.414] [Citation(s) in RCA: 10] [Impact Index Per Article: 3.3] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 10/16/2020] [Accepted: 02/04/2021] [Indexed: 05/27/2023]
Abstract
BACKGROUND The Internet of Medical Things (IoMTs) is gradually replacing the traditional healthcare system. However, little attention has been paid to their security requirements in the development of the IoMT devices and systems. One of the main reasons can be the difficulty of tuning conventional security solutions to the IoMT system. Machine Learning (ML) has been successfully employed in the attack detection and mitigation process. Advanced ML technique can also be a promising approach to address the existing and anticipated IoMT security and privacy issues. However, because of the existing challenges of IoMT system, it is imperative to know how these techniques can be effectively utilized to meet the security and privacy requirements without affecting the IoMT systems quality, services, and device's lifespan. METHODOLOGY This article is devoted to perform a Systematic Literature Review (SLR) on the security and privacy issues of IoMT and their solutions by ML techniques. The recent research papers disseminated between 2010 and 2020 are selected from multiple databases and a standardized SLR method is conducted. A total of 153 papers were reviewed and a critical analysis was conducted on the selected papers. Furthermore, this review study attempts to highlight the limitation of the current methods and aims to find possible solutions to them. Thus, a detailed analysis was carried out on the selected papers through focusing on their methods, advantages, limitations, the utilized tools, and data. RESULTS It was observed that ML techniques have been significantly deployed for device and network layer security. Most of the current studies improved traditional metrics while ignored performance complexity metrics in their evaluations. Their studies environments and utilized data barely represent IoMT system. Therefore, conventional ML techniques may fail if metrics such as resource complexity and power usage are not considered.
Collapse
Affiliation(s)
- Shilan S. Hameed
- Malaysia-Japan International Institute of Technology (MJIIT), Universiti Teknologi Malaysia, Kuala Lumpur, Malaysia
- Directorate of Information Technology, Koya University, Koya, Kurdistan Region, Iraq
| | - Wan Haslina Hassan
- Malaysia-Japan International Institute of Technology (MJIIT), Universiti Teknologi Malaysia, Kuala Lumpur, Malaysia
| | - Liza Abdul Latiff
- Razak Faculty of Technology and Informatics, Universiti Teknologi Malaysia, Kuala Lumpur, Malaysia
| | - Fahad Ghabban
- Information Systems Department, College of Computer Sciences and Engineering, Taibah University, Medina, Saudi Arabia
| |
Collapse
|
|
9
|
Dahmen J, Cook DJ. Indirectly-Supervised Anomaly Detection of Clinically-Meaningful Health Events from Smart Home Data. ACM T INTEL SYST TEC 2021; 12:1-18. [PMID: 34336375 PMCID: PMC8323613 DOI: 10.1145/3439870] [Citation(s) in RCA: 9] [Impact Index Per Article: 3.0] [Reference Citation Analysis] [Abstract] [Key Words] [Grants] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 08/01/2019] [Accepted: 11/01/2020] [Indexed: 10/22/2022]
Abstract
Anomaly detection techniques can extract a wealth of information about unusual events. Unfortunately, these methods yield an abundance of findings that are not of interest, obscuring relevant anomalies. In this work, we improve upon traditional anomaly detection methods by introducing Isudra, an Indirectly-Supervised Detector of Relevant Anomalies from time series data. Isudra employs Bayesian optimization to select time scales, features, base detector algorithms, and algorithm hyperparameters that increase true positive and decrease false positive detection. This optimization is driven by a small amount of example anomalies, driving an indirectly-supervised approach to anomaly detection. Additionally, we enhance the approach by introducing a warm start method that reduces optimization time between similar problems. We validate the feasibility of Isudra to detect clinically-relevant behavior anomalies from over 2 million sensor readings collected in 5 smart homes, reflecting 26 health events. Results indicate that indirectly-supervised anomaly detection outperforms both supervised and unsupervised algorithms at detecting instances of health-related anomalies such as falls, nocturia, depression, and weakness.
Collapse
|
|
10
|
Intelligent automated drug administration and therapy: future of healthcare. Drug Deliv Transl Res 2021; 11:1878-1902. [PMID: 33447941 DOI: 10.1007/s13346-020-00876-4] [Citation(s) in RCA: 6] [Impact Index Per Article: 2.0] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Accepted: 11/09/2020] [Indexed: 12/13/2022]
Abstract
In the twenty-first century, the collaboration of control engineering and the healthcare sector has matured to some extent; however, the future will have promising opportunities, vast applications, and some challenges. Due to advancements in processing speed, the closed-loop administration of drugs has gained popularity for critically ill patients in intensive care units and routine life such as personalized drug delivery or implantable therapeutic devices. For developing a closed-loop drug delivery system, the control system works with a group of technologies like sensors, micromachining, wireless technologies, and pharmaceuticals. Recently, the integration of artificial intelligence techniques such as fuzzy logic, neural network, and reinforcement learning with the closed-loop drug delivery systems has brought their applications closer to fully intelligent automatic healthcare systems. This review's main objectives are to discuss the current developments, possibilities, and future visions in closed-loop drug delivery systems, for providing treatment to patients suffering from chronic diseases. It summarizes the present insight of closed-loop drug delivery/therapy for diabetes, gastrointestinal tract disease, cancer, anesthesia administration, cardiac ailments, and neurological disorders, from a perspective to show the research in the area of control theory.
Collapse
|
|
11
|
Fritz RL, Dermody G. Interpreting Health Events in Big Data Using Qualitative Traditions. INTERNATIONAL JOURNAL OF QUALITATIVE METHODS 2020; 19:10.1177/1609406920976453. [PMID: 33790703 PMCID: PMC8009495 DOI: 10.1177/1609406920976453] [Citation(s) in RCA: 1] [Impact Index Per Article: 0.3] [Reference Citation Analysis] [Abstract] [Key Words] [Grants] [Track Full Text] [Download PDF] [Figures] [Subscribe] [Scholar Register] [Indexed: 06/12/2023]
Abstract
The training of artificial intelligence requires integrating real-world context and mathematical computations. To achieve efficacious smart health artificial intelligence, contextual clinical knowledge serving as ground truth is required. Qualitative methods are well-suited to lend consistent and valid ground truth. In this methods article, we illustrate the use of qualitative descriptive methods for providing ground truth when training an intelligent agent to detect Restless Leg Syndrome. We show how one interdisciplinary, inter-methodological research team used both sensor-based data and the participant's description of their experience with an episode of Restless Leg Syndrome for training the intelligent agent. We make the case for clinicians with qualitative research expertise to be included at the design table to ensure optimal efficacy of smart health artificial intelligence and a positive end-user experience.
Collapse
|
|
12
|
Awan MF, Bose P, Khaleghi A, Kansanen K, Balasingham I. Evaluation of Secrecy Capacity for Next-Generation Leadless Cardiac Pacemakers. IEEE Trans Biomed Eng 2019; 67:2297-2308. [PMID: 31831404 DOI: 10.1109/tbme.2019.2958748] [Citation(s) in RCA: 4] [Impact Index Per Article: 0.8] [Reference Citation Analysis] [Abstract] [MESH Headings] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/11/2022]
Abstract
Secure communication can be considered as an integral part of the next generation implantable medical devices. With the advent of Physical Layer Security (PLS) methods, confidential messages can be transmitted without the use of encryption keys. For analyzing the effectiveness of PLS for next-generation leadless cardiac pacemakers, we provide secrecy analysis using a performance metric of secrecy capacity. Secrecy capacity defines the secure transmission rate between legitimate nodes without leakage of information to an eavesdropper and depends on respective channel attenuations. The legitimate and eavesdropper channel attenuations are evaluated by 3D numerical electromagnetic simulations using a detailed human model. We do not assume eavesdropper to be located in specific directions or positions and considers it to be located anywhere around the body. We evaluate the secrecy capacity by defining a spherical grid for eavesdropper positions around the body with a radius of 1 m. The secrecy capacity of the entire space is evaluated by extrapolating the grid to different radial distances using free space path loss model. Moreover, by fixing application based secure communication rate, the entire space is divided into secure and in-secure volumes. The in-secure volume consists of all the eavesdropper positions from which the pacemaker can be eavesdropped. We also evaluated the angle from which the maximum leakage of information takes place and referred it as "Eve's sweet spot angle." Data for channel attenuations from phantom and in-vivo experiments is also utilized to validate and observe the differences between simulations and experiments. This article will help in design of the communication module of implanted leadless cardiac pacemakers with enhanced security on the physical layer.
Collapse
|
|
13
|
Kintzlinger M, Nissim N. Keep an eye on your personal belongings! The security of personal medical devices and their ecosystems. J Biomed Inform 2019; 95:103233. [PMID: 31201966 DOI: 10.1016/j.jbi.2019.103233] [Citation(s) in RCA: 8] [Impact Index Per Article: 1.6] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 10/14/2018] [Revised: 04/12/2019] [Accepted: 06/11/2019] [Indexed: 12/27/2022]
Abstract
Today, personal medical devices (PMDs) play an increasingly important role in healthcare ecosystems as patient life support equipment. As a result of technological advances, PMDs now encompass many components and functionalities that open the door to a variety of cyber-attacks. In this paper we present a taxonomy of ten widely-used PMDs based on the five diseases they were designed to treat. We also provide a comprehensive survey that covers 17 possible attacks aimed at PMDs, as well as the attacks' building blocks. For each PMD type, we create an ecosystem and data and attack flow diagram, which comprehensively describes the roles and interactions of the players associated with the PMD and presents the most vulnerable vectors and components within the PMDs' ecosystems; such knowledge can increase security awareness among PMD users and their healthcare providers. We also present the basic, yet important, building blocks that constitute the steps by which each of the attacks presented is carried out. Doing so allowed us to establish the foundations for the future development of a novel risk analysis methodology for medical devices. For each attack we mapped the building blocks required to carry out the attack and found that 50% of the attacks rely upon the ability to remotely connect to the PMD, while 61% of them rely on the physical proximity of the attacker to the PMD. Finally, by surveying 21 existing security mechanisms and mapping their coverage for the attacks, we identify the gaps between PMDs' security mechanisms and the possible attacks. We show that current security mechanisms generally fail to provide protection from all of the attacks against PMDs and suggest the development of a comprehensive framework to secure PMDs and protect the patients that rely upon them.
Collapse
Affiliation(s)
- Matan Kintzlinger
- Malware Lab, Cyber Security Research Center, Ben-Gurion University of the Negev, Beer-Sheva, Israel; Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel
| | - Nir Nissim
- Malware Lab, Cyber Security Research Center, Ben-Gurion University of the Negev, Beer-Sheva, Israel; Department of Industrial Engineering and Management, Ben-Gurion University of the Negev, Beer-Sheva, Israel; Department of Neurobiology, Stanford University, Stanford, CA 94305, USA.
| |
Collapse
|
|
14
|
Camara C, Martín H, Peris-Lopez P, Aldalaien M. Design and Analysis of a True Random Number Generator Based on GSR Signals for Body Sensor Networks. SENSORS (BASEL, SWITZERLAND) 2019; 19:E2033. [PMID: 31052275 PMCID: PMC6540050 DOI: 10.3390/s19092033] [Citation(s) in RCA: 9] [Impact Index Per Article: 1.8] [Reference Citation Analysis] [Abstract] [Key Words] [Grants] [Track Full Text] [Download PDF] [Figures] [Subscribe] [Scholar Register] [Received: 03/24/2019] [Revised: 04/21/2019] [Accepted: 04/23/2019] [Indexed: 11/17/2022]
Abstract
Today, medical equipment or general-purpose devices such as smart-watches or smart-textiles can acquire a person's vital signs. Regardless of the type of device and its purpose, they are all equipped with one or more sensors and often have wireless connectivity. Due to the transmission of sensitive data through the insecure radio channel and the need to ensure exclusive access to authorised entities, security mechanisms and cryptographic primitives must be incorporated onboard these devices. Random number generators are one such necessary cryptographic primitive. Motivated by this, we propose a True Random Number Generator (TRNG) that makes use of the GSR signal measured by a sensor on the body. After an exhaustive analysis of both the entropy source and the randomness of the output, we can conclude that the output generated by the proposed TRNG behaves as that produced by a random variable. Besides, and in comparison with the previous proposals, the performance offered is much higher than that of the earlier works.
Collapse
Affiliation(s)
- Carmen Camara
- Department of Computer Science, University Carlos III of Madrid, 28911 Leganes, Spain.
| | - Honorio Martín
- Department of Electronic Technology, University Carlos III of Madrid, 28911 Leganes, Spain.
| | - Pedro Peris-Lopez
- Department of Computer Science, University Carlos III of Madrid, 28911 Leganes, Spain.
| | - Muawya Aldalaien
- Higher Colleges of Technology, Abu Dhabi Women's College, Abu Dhabi 41012, United Arab Emirates.
| |
Collapse
|
|
15
|
Awan MF, Perez-Simbor S, Garcia-Pardo C, Kansanen K, Cardona N. Experimental Phantom-Based Security Analysis for Next-Generation Leadless Cardiac Pacemakers. SENSORS 2018; 18:s18124327. [PMID: 30544594 PMCID: PMC6308590 DOI: 10.3390/s18124327] [Citation(s) in RCA: 6] [Impact Index Per Article: 1.0] [Reference Citation Analysis] [Abstract] [Key Words] [MESH Headings] [Track Full Text] [Download PDF] [Figures] [Subscribe] [Scholar Register] [Received: 10/31/2018] [Revised: 11/28/2018] [Accepted: 12/05/2018] [Indexed: 11/16/2022]
Abstract
With technological advancement, implanted medical devices can treat a wide range of chronic diseases such as cardiac arrhythmia, deafness, diabetes, etc. Cardiac pacemakers are used to maintain normal heart rhythms. The next generation of these pacemakers is expected to be completely wireless, providing new security threats. Thus, it is critical to secure pacemaker transmissions between legitimate nodes from a third party or an eavesdropper. This work estimates the eavesdropping risk and explores the potential of securing transmissions between leadless capsules inside the heart and the subcutaneous implant under the skin against external eavesdroppers by using physical-layer security methods. In this work, we perform phantom experiments to replicate the dielectric properties of the human heart, blood, and fat for channel modeling between in-body-to-in-body devices and from in-body-to-off-body scenario. These scenarios reflect the channel between legitimate nodes and that between a legitimate node and an eavesdropper. In our case, a legitimate node is a leadless cardiac pacemaker implanted in the right ventricle of a human heart transmitting to a legitimate receiver, which is a subcutaneous implant beneath the collar bone under the skin. In addition, a third party outside the body is trying to eavesdrop the communication. The measurements are performed for ultrawide band (UWB) and industrial, scientific, and medical (ISM) frequency bands. By using these channel models, we analyzed the risk of using the concept of outage probability and determine the eavesdropping range in the case of using UWB and ISM frequency bands. Furthermore, the probability of positive secrecy capacity is also determined, along with outage probability of a secrecy rate, which are the fundamental parameters in depicting the physical-layer security methods. Here, we show that path loss follows a log-normal distribution. In addition, for the ISM frequency band, the probability of successful eavesdropping for a data rate of 600 kbps (Electromyogram (EMG)) is about 97.68% at an eavesdropper distance of 1.3 m and approaches 28.13% at an eavesdropper distance of 4.2 m, whereas for UWB frequency band the eavesdropping risk approaches 0.2847% at an eavesdropper distance of 0.22 m. Furthermore, the probability of positive secrecy capacity is about 44.88% at eavesdropper distance of 0.12 m and approaches approximately 97% at an eavesdropper distance of 0.4 m for ISM frequency band, whereas for UWB, the same statistics are 96.84% at 0.12 m and 100% at 0.4 m. Moreover, the outage probability of secrecy capacity is also determined by using a fixed secrecy rate.
Collapse
Affiliation(s)
- Muhammad Faheem Awan
- Department of Electronic Systems, Norwegian University of Science and Technology, NTNU, NO-7491 Trondheim, Norway.
| | | | | | - Kimmo Kansanen
- Department of Electronic Systems, Norwegian University of Science and Technology, NTNU, NO-7491 Trondheim, Norway.
| | - Narcis Cardona
- iTEAM, Universitat Politècnica de València, 46022 Valencia, Spain.
| |
Collapse
|
|
16
|
|
|
17
|
Zheng G, Yang W, Valli C, Qiao L, Shankaran R, Orgun MA, Mukhopadhyay SC. Finger-to-Heart (F2H): Authentication for Wireless Implantable Medical Devices. IEEE J Biomed Health Inform 2018; 23:1546-1557. [PMID: 30106744 DOI: 10.1109/jbhi.2018.2864796] [Citation(s) in RCA: 26] [Impact Index Per Article: 4.3] [Reference Citation Analysis] [Abstract] [MESH Headings] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/08/2022]
Abstract
Any proposal to provide security for implantable medical devices (IMDs), such as cardiac pacemakers and defibrillators, has to achieve a trade-off between security and accessibility for doctors to gain access to an IMD, especially in an emergency scenario. In this paper, we propose a finger-to-heart (F2H) IMD authentication scheme to address this trade-off between security and accessibility. This scheme utilizes a patient's fingerprint to perform authentication for gaining access to the IMD. Doctors can gain access to the IMD and perform emergency treatment by scanning the patient's finger tip instead of asking the patient for passwords/security tokens, thereby, achieving the necessary trade-off. In the scheme, an improved minutia-cylinder-code-based fingerprint authentication algorithm is proposed for the IMD by reducing the length of each feature vector and the number of query feature vectors. Experimental results show that the improved fingerprint authentication algorithm significantly reduces both the size of messages in transmission and computational overheads in the device, and thus, can be utilized to secure the IMD. Compared to existing electrocardiogram signal-based security schemes, the F2H scheme does not require the IMD to capture or process biometric traits in every access attempt since a fingerprint template is generated and stored in the IMD beforehand. As a result, the scarce resources in the IMD are conserved, making the scheme sustainable as well as energy efficient.
Collapse
|
|
18
|
Symmetric Encryption Relying on Chaotic Henon System for Secure Hardware-Friendly Wireless Communication of Implantable Medical Systems. JOURNAL OF SENSOR AND ACTUATOR NETWORKS 2018. [DOI: 10.3390/jsan7020021] [Citation(s) in RCA: 3] [Impact Index Per Article: 0.5] [Reference Citation Analysis] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 11/16/2022]
|
|
19
|
Security Belt for Wireless Implantable Medical Devices. J Med Syst 2017; 41:172. [PMID: 28929373 DOI: 10.1007/s10916-017-0813-5] [Citation(s) in RCA: 4] [Impact Index Per Article: 0.6] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 07/10/2017] [Accepted: 08/29/2017] [Indexed: 10/18/2022]
Abstract
In this study, a new protective design compatible with existing non-secure systems was proposed, since it is focused on the secure communication of wireless IMD systems in all transmissions. This new protector is an external wearable device and appears to be a belt fitted around for the patients IMD implanted. However, in order to provide effective full duplex transmissions and physical layer security, some sophisticated transceiver antennas have been placed on the belt. In this approach, beam-focused multi-antennas in optimal positions on the belt are randomly switched when transmissions to the IMD are performed and multi-jammer switching with MRC combining or majority-rule based receiving techniques are applied when transmissions from the IMD are carried out. This approach can also reduce the power consumption of the IMDs and contribute to the prolongation of the IMD's battery life.
Collapse
|
|
20
|
Security and privacy issues in implantable medical devices: A comprehensive survey. J Biomed Inform 2015; 55:272-89. [DOI: 10.1016/j.jbi.2015.04.007] [Citation(s) in RCA: 165] [Impact Index Per Article: 18.3] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 08/21/2014] [Revised: 03/19/2015] [Accepted: 04/17/2015] [Indexed: 11/24/2022]
|