Security Defense Strategy for Cardiac Medical Diagnosis System (CMDS)
- Resource Type
- Conference
- Authors
- He, Ying; Camacho, Ruben Suxo; Luo, Cunjin; Zhang, Henggui
- Source
- 2019 Computing in Cardiology (CinC) Computing in Cardiology (CinC), 2019. :Page 1-Page 4 Sep, 2019
- Subject
- Bioengineering
Computing and Processing
Signal Processing and Analysis
Medical services
Electrocardiography
Authentication
Medical diagnostic imaging
Biomedical engineering
- Language
- ISSN
- 2325-887X
The medical systems have been targeted by the cyber attackers. This paper is motivated by the recent attacks that have resulted in the compromise of diagnosis results. This study was undertaken to show how the Cardiac Medical Diagnosis Systems (CMDS) can be hacked and propose security recommendations to prevent such attacks. We build a simulation platform by implementing an open source medical system. We feed the ECGs data from the PhysioNet/Computing in Cardiology (CinC) Challenge 2017 to the open source medical system. We then follow the OWASP pen-testing methodology to perform the ethical hacking. The hacking was successful and we have identified a major vulnerability of the system related to authentication. Finally, we are able to gain access to the sensitive ECG data. We then proposed cyber recommendations to prevent such attacks. Future work will consider using a mature CMDS, such as the arrhythmia detection and classification in ambulatory ECGs to investigate how the core of the algorithms can be attacked and protected.