An Israeli researcher in how to stymie cyber attacks is presenting his team’s approach to solutions using artificial intelligence (AI) on Monday (Nov. 27) at the Radiological Society of North America (RSNA) in Chicago — an association of 54,000 professionals in the field.
Tom Mahler, a PhD candidate and researcher in Cyber@bgu — at Ben-Gurion University of the Negev (BGU) — is slated to show how a hacker might bypass security mechanisms in a CT machine in order to manipulate its behavior. Because CT uses ionizing radiation, changes to dose could negatively affect image quality, or—in extreme cases—pose harm to the patient.
Hacking a system is the first step in determining vulnerabilities and creating solutions, says Mahler.
The internet has been beneficial for health care, radiology included; improving access in remote areas, allowing for faster and better diagnoses, and vastly improving the management and transfer of medical records and images. Medical imaging devices such as X-ray, mammography, MRI and CT machines play a crucial role in diagnosis and treatment.
But as these devices are typically connected to hospital networks, they can be potentially susceptible to sophisticated cyberattacks, including ransomware attacks that can disable the machines.
“In the current phase of our research, we focus on developing an anomaly detection system using advanced AI methods to train the system with actual commands recorded from actual equipment,” says Mahler. “The system will monitor scan protocols to detect whether outgoing commands are malicious before they are executed and will alert or possibly stop if it detects an issue.
“While other solutions have focused on securing the entire hospital network, our solution is device-oriented. Our goal is to be the last line of defense for medical imaging devices to prevent as many attacks as possible.”
The BGU approach to detect anomalies includes developing a system using AI to train data, consisting of real commands recorded from actual devices. The model learns to recognize typical imaging scan protocols and to predict if a new, unseen command is legitimate or not. If an attacker sends a malicious command to the device, the system will detect it and alert the operator before the command is executed.
Mahler notes that the system is not yet complete, but the results are a significant milestone on the path to securing medical imaging devices.
“The medical information device development process, from concept to market, takes three to seven years. Cyber threats can change significantly over that period, which leaves medical imaging devices highly vulnerable,” Mahler says. “If health care manufacturers and hospitals take a proactive approach, we can prevent such attacks from happening in the first place.”
The next step in this process is to collect more scans from different devices and sites to create a more accurate model.
The CTrl-Alt-Radiate? research team includes Prof. Yuval Shahar, head of BGU’s Medical Informatics Research Center and a member of the BGU Department of Software and Information Systems Engineering and Prof., Yuval Elovici, PhD, director of the Telekom Innovation Labs@BGU, director of Cyber@BGU and a member of the BGU Department of Software and Information Systems Engineering. Also on the team are Dr. Erez Shalom, Senior Researcher at BGU’s Medical Informatics Research Center, as well as collaborators from Clalit Health Services: Dr. Arnon Makori, Prof. Ilan Shelef, of the BGU Faculty of Health Sciences and the director of the imaging department at Soroka Hospital; and Mr. Israel Goldenberg, Chief Information Security Officer at Data Protection and Cyber-Security Department, Clalit Health Services Clalit Health Services.