Jun Liu,Yaqi Zhou

DOI: https://doi.org/10.1109/ISCID.2013.178

2013-01-01

Abstract:Using the ECG analog front-end and ARM Cortex-M3 processor to develop a portable ECG monitor. The STM32 as the core unit, the ADS1292 as the acquisition analog front-end, it also includes a touch screen display module, an SD card storage module and a voltage conversion module. Automatic ECG analysis algorithms including QRS complex detection, QRS width detection and ST segment detection. ECG can be divided into four kinds of heart beat and eight kinds of arrhythmia rhythm using the extracted ECG parameters. The results have been evaluated on the MIT-BIH Arrhythmia Database, the sensitivity of QRS complex detection was 99% and the sensitivity of heart beat classification was above 95%. The monitor can display the real-time ECG waveform and the current heart rate, to make recommendations for the subjects, and it stored the abnormal ECG waveform that provided to physicians for further analysis and diagnosis. Ultimately the monitor gives a composite score based on heart rate, arrhythmia and ST segment to facilitate subjects for heart health.

Lu Zhang,Luis Vega,Michael Taylor

DOI: https://doi.org/10.48550/arXiv.1605.00681

2016-05-03

Abstract:Power side-channel attacks are a very effective cryptanalysis technique that can infer secret keys of security ICs by monitoring the power consumption. Since the emergence of practical attacks in the late 90s, they have been a major threat to many cryptographic-equipped devices including smart cards, encrypted FPGA designs, and mobile phones. Designers and manufacturers of cryptographic devices have in response developed various countermeasures for protection. Attacking methods have also evolved to counteract resistant implementations. This paper reviews foundational power analysis attack techniques and examines a variety of hardware design mitigations. The aim is to highlight exposed vulnerabilities in hardware-based countermeasures for future more secure implementations.

Cryptography and Security

Jialin Liu,Ning Miao,Chongzhou Fang,Houman Homayoun,Han Wang

2023-04-05

Abstract:The Electrocardiogram (ECG) measures the electrical cardiac activity generated by the heart to detect abnormal heartbeat and heart attack. However, the irregular occurrence of the abnormalities demands continuous monitoring of heartbeats. Machine learning techniques are leveraged to automate the task to reduce labor work needed during monitoring. In recent years, many companies have launched products with ECG monitoring and irregular heartbeat alert. Among all classification algorithms, the time series-based algorithm dynamic time warping (DTW) is widely adopted to undertake the ECG classification task. Though progress has been achieved, the DTW-based ECG classification also brings a new attacking vector of leaking the patients' diagnosis results. This paper shows that the ECG input samples' labels can be stolen via a side-channel attack, Flush+Reload. In particular, we first identify the vulnerability of DTW for ECG classification, i.e., the correlation between warping path choice and prediction results. Then we implement an attack that leverages Flush+Reload to monitor the warping path selection with known ECG data and then build a predictor for constructing the relation between warping path selection and labels of input ECG samples. Based on experiments, we find that the Flush+Reload-based inference leakage can achieve an 84.0\% attacking success rate to identify the labels of the two samples in DTW.

Cryptography and Security,Machine Learning,Signal Processing

Ying He,Ruben Suxo Camacho,Cunjin Luo,Henggui Zhang

DOI: https://doi.org/10.23919/cinc49843.2019.9005775

2019-01-01

Abstract:The medical systems have been targeted by the cyber attackers. This paper is motivated by the recent attacks that have resulted in the compromise of diagnosis results. This study was undertaken to show how the Cardiac Medical Diagnosis Systems (CMDS) can be hacked and propose security recommendations to prevent such attacks. We build a simulation platform by implementing an open source medical system. We feed the ECGs data from the PhysioNet/Computing in Cardiology (CinC) Challenge 2017 to the open source medical system. We then follow the OWASP pen-testing methodology to perform the ethical hacking. The hacking was successful and we have identified a major vulnerability of the system related to authentication. Finally, we are able to gain access to the sensitive ECG data. We then proposed cyber recommendations to prevent such attacks. Future work will consider using a mature CMDS, such as the arrhythmia detection and classification in ambulatory ECGs to investigate how the core of the algorithms can be attacked and protected.

Aurelien T. Mozipo,John M. Acken

DOI: https://doi.org/10.1109/tdsc.2024.3370711

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Countermeasures and deterrents to power side-channel attacks targeting the alteration or scrambling of the power delivery network have been shown to be effective against local attacks where the malicious agent has physical access to the target system. However, remote attacks that capture the leaked information from within the IC power grid are shown herein to be nonetheless effective at uncovering the secret key in the presence of these countermeasures/deterrents. Theoretical studies and experimental analysis are carried out to define and quantify the impact of integrated voltage regulators, voltage noise injection, and integration of on-package decoupling capacitors for both remote and local attacks. An outcome yielded by the studies is that the use of an integrated voltage regulator as a countermeasure is effective for a local attack. However, remote attacks are still effective and hence break the integrated voltage regulator countermeasure. From the experimental analysis, it is observed that within the range of designs' practical values, the adoption of on-package decoupling capacitors provides only a 1.3x increase in the minimum number of traces required to discover the secret key. However, the injection of noise in the IC power delivery network yields a 37x increase in the minimum number of traces to discover. Thus, increasing the number of on-package decoupling capacitors or the impedance between locally measured power and the IC power grid should not be relied on as countermeasures to power side-channel attacks, for remote attack schemes. Noise injection should be considered as it is more effective at scrambling the leaked signal to eliminate sensitive identifying information.

computer science, information systems, software engineering, hardware & architecture

Ying He,Cunjin Luo,Ruben Suxo Camacho,Kuanquan Wang,Henggui Zhang

DOI: https://doi.org/10.22489/cinc.2020.439

2020-01-01

Abstract:The Cardiac Medical Diagnosis Systems (CMDS) are targeted by the cyber attackers. This paper is motivated by the recent cyber-attacks happened during the COVID 19 that have resulted in the compromise of medical data. This study was carried out to demonstrate how the CMDS can be breached into using an AI-based ethical attack pathway and propose security solutions to prevent such beaches. This study is based on an established simulation platform with an open source medical system, the OpenEMR. The system was fed with the ECGs data from the PhysioNet/Computing in Cardiology (CinC) Challenge 2017. This paper proposed the AI based hacking pathway following the NIST pen-testing methodology based on our previous identified vulnerability related to authentication. We then presented cyber security recommendations to prevent such AI-based attacks. Future work will consider a realistic CMDS, such as the arrhythmia detection and classification in ambulatory ECGs to find out how the algorithms core can be hacked and protected.

Abhinandan Panda,Srinivas Pinisetty,Partha Roop

DOI: https://doi.org/10.1145/3638286

2024-01-06

ACM Transactions on Embedded Computing Systems

Abstract:Wearable and implantable medical devices (IMDs) are increasingly deployed to diagnose, monitor, and provide therapy for critical medical conditions. Such medical devices are safety-critical cyber-physical systems (CPSs). These systems support wireless features introducing potential security vulnerabilities. Although these devices undergo rigorous safety certification processes, runtime security attacks are inevitable. Based on published literature, IMDs such as pacemakers and insulin infusion systems can be remotely controlled to inject deadly electric shocks and excess insulin, posing a threat to a patient’s life. While prior works based on formal methods have been proposed to detect potential attack vectors using different forms of static analysis, these have limitations in preventing attacks at runtime. This paper discusses a formal framework for detecting cyber-physical attacks on a pacemaker by monitoring its security policies at runtime. We propose a wearable device that senses the Electrocardiogram (ECG) and Photoplethysmogram (PPG) of the body to detect attacks in a pacemaker. To facilitate the design of this device, we map the security policies of a pacemaker w.r.t ECG and PPG, paving the way for designing formal verification monitors for pacemakers for the first time using multiple physiological signals. The proposed monitoring framework allows the synthesis of parallel monitors from a given set of desired security policies, where all the monitors execute concurrently and generate an alarm to the user in the case of policy violation. Our implementation and the performance evaluation results demonstrate the technical feasibility of designing such a wearable device for attack detection in pacemakers. This device is separate from the pacemaker, ensuring no need for re-certification of pacemakers. Our approach is amenable to the application of security patches when new attack vectors are detected, making the approach ideal for runtime monitoring of medical CPSs.

computer science, software engineering, hardware & architecture

Saleh Khalaj Monfared,Tahoura Mosavirik,Shahin Tajik

DOI: https://doi.org/10.48550/arXiv.2310.07014

2023-05-08

Cryptography and Security

Abstract:The threat of physical side-channel attacks and their countermeasures is a widely researched field. Most physical side-channel attacks rely on the unavoidable influence of computation or storage on voltage or current fluctuations. Such data-dependent influence can be exploited by, for instance, power or electromagnetic analysis. In this work, we introduce a novel non-invasive physical side-channel attack, which exploits the data-dependent changes in the impedance of the chip. Our attack relies on the fact that the temporarily stored contents in registers alter the physical characteristics of the circuit, which results in changes in the die's impedance. To sense such impedance variations, we deploy a well-known RF/microwave method called scattering parameter analysis, in which we inject sine wave signals with high frequencies into the system's power distribution network (PDN) and measure the echo of the signals. We demonstrate that according to the content bits and physical location of a register, the reflected signal is modulated differently at various frequency points enabling the simultaneous and independent probing of individual registers. Such side-channel leakage violates the $t$-probing security model assumption used in masking, which is a prominent side-channel countermeasure. To validate our claims, we mount non-profiled and profiled impedance analysis attacks on hardware implementations of unprotected and high-order masked AES. We show that in the case of profiled attack, only a single trace is required to recover the secret key. Finally, we discuss how a specific class of hiding countermeasures might be effective against impedance leakage.

J. Longo,E. De Mulder,D. Page,M. Tunstall

DOI: https://doi.org/10.1007/978-3-662-48324-4_31

2015-01-01

Abstract:Increased complexity in modern embedded systems has presented various important challenges with regard to side-channel attacks. In particular, it is common to deploy SoC-based target devices with high clock frequencies in security-critical scenarios; understanding how such features align with techniques more often deployed against simpler devices is vital from both destructive (i.e., attack) and constructive (i.e., evaluation and/or countermeasure) perspectives. In this paper, we investigate electromagnetic-based leakage from three different means of executing cryptographic workloads (including the general purpose ARM core, an on-chip co-processor, and the NEON core) on the AM335x SoC. Our conclusion is that addressing challenges of the type above is feasible, and that key recovery attacks can be conducted with modest resources.

Pouya Narimani,Meng Wang,Ulysse Planta,Ali Abbasi

2024-10-15

Abstract:Power side-channel (PSC) attacks are widely used in embedded microcontrollers, particularly in cryptographic applications, to extract sensitive information. However, expanding the applications of PSC attacks to broader security contexts in the embedded systems domain faces significant challenges. These include the need for specialized hardware setups to manage high noise levels in real-world targets and assumptions regarding the attacker's knowledge and capabilities. This paper systematically analyzes these challenges and introduces a novel signal-processing method that addresses key limitations, enabling effective PSC attacks in real-world embedded systems without requiring hardware modifications. We validate the proposed approach through experiments on real-world black-box embedded devices, verifying its potential to expand its usage in various embedded systems security applications beyond traditional cryptographic applications.

Cryptography and Security

Hasindu Gamaarachchi,Harsha Ganegoda

DOI: https://doi.org/10.48550/arXiv.1801.00932

2018-01-03

Abstract:Power analysis is a branch of side channel attacks where power consumption data is used as the side channel to attack the system. First using a device like an oscilloscope power traces are collected when the cryptographic device is doing the cryptographic operation. Then those traces are statistically analysed using methods such as Correlation Power Analysis (CPA) to derive the secret key of the system. Being possible to break Advanced Encryption Standard (AES) in few minutes, power analysis attacks have become a serious security issue for cryptographic devices such as smart card. As the first phase of our project, we build a testbed for doing research on power analysis attacks. As power analysis is a practical type of attack in order to do any research, a testbed is the first requirement. Since building a test bed is a complicated process, having a pre-built testbed would save the time of future researchers. The second phase of our project is to attack the latest cryptographic algorithm called Speck which has been released by National Security Agency (NSA) for use in embedded systems. In spite it has lot of differences to AES making impossible to directly use the power analysis approach used for AES, we introduce novel approaches to break Speck in less than an hour. In the third phase of the project, we select few already introduced countermeasures and practically attack them on our testbed to do a comparative analysis. We show that software countermeasures such as random instruction injection and randomly shuffling S-boxes are good enough for their simplicity and cost. But we identify the possible threat due to the problem of generating a good seed for the pseudo-random algorithm running on the microcontroller. We attempt to address this issue by using a hardware-based true random generator that amplifies a random electrical signal and samples to generate a proper seed.

Cryptography and Security

Benjamin Hettwer,Stefan Gehrer,Tim Güneysu

DOI: https://doi.org/10.1007/s13389-019-00212-8

2019-04-11

Journal of Cryptographic Engineering

Abstract:With increasing expansion of the Internet of Things, embedded devices equipped with cryptographic modules become an important factor to protect sensitive data. Even though the employed algorithms in such devices are mathematically secure in theory, adversaries may still be able to compromise them by means of side-channel attacks. In power-based side-channel attacks, the instantaneous power consumption of the target is analyzed with statistical tools to draw conclusions about the secret keys that are used. There is a recent line of work that additionally makes use of techniques from the machine learning domain to attack cryptographic implementations. Since a complete review of this emerging field has not been done so far, this research aims to survey the current state of the art. We use a target-based classification to differentiate published work and drive general conclusions according to a common machine learning workflow. Furthermore, we outline the relationship between traditional power analysis techniques and machine learning-based attacks. This enables researchers to gain a better understanding of the topic in order to design new attack methods as well as potential countermeasures.

computer science, theory & methods

José Ricardo Cárdenas-Valdez,Ramón Ramírez-Villalobos,Catherine Ramirez-Ubieta,Everardo Inzunza-Gonzalez

DOI: https://doi.org/10.3390/e26090787

IF: 2.738

2024-09-15

Entropy

Abstract:Protecting sensitive patient data, such as electrocardiogram (ECG) signals, during RF wireless transmission is essential due to the increasing demand for secure telemedicine communications. This paper presents an innovative chaotic-based encryption system designed to enhance the security and integrity of telemedicine data transmission. The proposed system utilizes a multi-scroll chaotic system for ECG signal encryption based on master–slave synchronization. The ECG signal is encrypted by a master system and securely transmitted to a remote location, where it is decrypted by a slave system using an extended state observer. Synchronization between the master and slave is achieved through the Lyapunov criteria, which ensures system stability. The system also supports Orthogonal Frequency Division Multiplexing (OFDM) and adaptive n-quadrature amplitude modulation (n-QAM) schemes to optimize signal discretization. Experimental validations with a custom transceiver scheme confirmed the system's effectiveness in preventing channel overlap during 2.5 GHz transmissions. Additionally, a commercial RF Power Amplifier (RF-PA) for LTE applications and a development board were integrated to monitor transmission quality. The proposed encryption system ensures robust and efficient RF transmission of ECG data, addressing critical challenges in the wireless communication of sensitive medical information. This approach demonstrates the potential for broader applications in modern telemedicine environments, providing a reliable and efficient solution for the secure transmission of healthcare data.

physics, multidisciplinary

Galya Georgieva-Tsaneva,Evgeniya Gospodinova,Krasimir Cheshmedzhiev

DOI: https://doi.org/10.3390/diagnostics14090926

IF: 3.6

2024-04-30

Diagnostics

Abstract:The paper presents a system for analyzing cardiac activity with the possibility of continuous and remote monitoring. The created sensor mobile device monitors heart activity by means of the convenient and imperceptible registration of cardiac signals. At the same time, the behavior of the human body is also monitored through the accelerometer and gyroscope built into the device, thanks to which it is possible to signal in the event of loss of consciousness or fall (in patients with syncope). Conducting real-time cardio monitoring and the analysis of recordings using various mathematical methods (linear, non-linear, and graphical) enables the research, accurate diagnosis, timely assistance, and correct treatment of cardiovascular diseases. The paper examines the recordings of patients diagnosed with arrhythmia and syncope recorded by electrocardiography (ECG) sensors in real conditions. The obtained results are subjected to statistical analysis to determine the accuracy and significance of the obtained results. The studies show significant deviations in the patients with arrhythmia and syncope regarding the obtained values of the studied parameters of heart rate variability (HRV) from the accepted normal values (for example, the root mean square of successive differences between normal heartbeats (RMSSD) in healthy individuals is 24.02 ms, while, in patients with arrhythmia (6.09 ms) and syncope (5.21 ms), it is much lower). The obtained quantitative and graphic results identify some possible abnormalities and demonstrate disorders regarding the activity of the autonomic nervous system, which is directly related to the work of the heart.

medicine, general & internal

Lei Wang,Xingwei Wang,Dalin Zhang,Xiaolei Ma,Yong Zhang,Haipeng Dai,Chenren Xu,Z. B. Li,Tao Gu

DOI: https://doi.org/10.1145/3610871

2023-01-01

Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies

Abstract:Electrocardiogram (ECG) monitoring has been widely explored in detecting and diagnosing cardiovascular diseases due to its accuracy, simplicity, and sensitivity. However, medical- or commercial-grade ECG monitoring devices can be costly for people who want to monitor their ECG on a daily basis. These devices typically require several electrodes to be attached to the human body which is inconvenient for continuous monitoring. To enable low-cost measurement of ECG signals with off-the-shelf devices on a daily basis, in this paper, we propose a novel ECG sensing system that uses acceleration data collected from a smartphone. Our system offers several advantages over previous systems, including low cost, ease of use, location and user independence, and high accuracy. We design a two-tiered denoising process, comprising SWT and Soft-Thresholding, to effectively eliminate interference caused by respiration, body, and hand movements. Finally, we develop a multi-level deep learning recovery model to achieve efficient, real-time and user-independent ECG measurement on commercial mobile phones. We conduct extensive experiments with 30 participants (with nearly 36,000 heartbeat samples) under a user-independent scenario. The average errors of the PR interval, QRS interval, QT interval, and RR interval are 12.02 ms, 16.9 ms, 16.64 ms, and 1.84 ms, respectively. As a case study, we also demonstrate the strong capability of our system in signal recovery for patients with common heart diseases, including tachycardia, bradycardia, arrhythmia, unstable angina, and myocardial infarction.

Kun Xu,Yi Yang,Yu Li,Yahui Zhang,Limin Zhang

DOI: https://doi.org/10.3390/s24041088

IF: 3.9

2024-02-08

Sensors

Abstract:Wearable devices have been widely used for the home monitoring of physical activities and healthcare conditions, among which ambulatory electrocardiogram (ECG) stands out for the diagnostic cardiovascular information it contains. Continuous and unobtrusive sensing often requires the integration of wearable sensors to existing devices such as watches, armband, headphones, etc.; nonetheless, it is difficult to detect high-quality ECG due to the nature of low signal amplitude at these areas. In this paper, a high-performance system with multi-channel signal superposition for weak ECG real-time detection is proposed. Firstly, theoretical analysis and simulation is performed to demonstrate the effectiveness of this system design. The detection system, including electrode array, acquisition board, and the application (APP), is then developed and the electrical characteristics are measured. A common mode rejection ratio (CMRR) of up to 100 dB and input inferred voltage noise below 1 μV are realized. Finally, the technique is implemented in form of ear-worn and armband devices, achieving an SNR over 20 dB. Results are also compared with the simultaneous recording of standard lead I ECG. The correlation between the heart rates derived from experimental and standard signals is higher than 0.99, showing the feasibility of the proposed technique.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Huangxun Chen,Chenyu Huang,Qianyi Huang,Qian Zhang,Wei Wang

DOI: https://doi.org/10.48550/arXiv.1901.03808

2020-01-14

Abstract:Deep neural networks (DNNs)-powered Electrocardiogram (ECG) diagnosis systems recently achieve promising progress to take over tedious examinations by cardiologists. However, their vulnerability to adversarial attacks still lack comprehensive investigation. The existing attacks in image domain could not be directly applicable due to the distinct properties of ECGs in visualization and dynamic properties. Thus, this paper takes a step to thoroughly explore adversarial attacks on the DNN-powered ECG diagnosis system. We analyze the properties of ECGs to design effective attacks schemes under two attacks models respectively. Our results demonstrate the blind spots of DNN-powered diagnosis systems under adversarial attacks, which calls attention to adequate countermeasures.

Machine Learning,Signal Processing

T. Martin,E. Jovanov,D. Raskovic

DOI: https://doi.org/10.1109/iswc.2000.888463

2020-03-11

Abstract:In this paper we discuss issues surrounding wearable computers used as intelligent health monitors. Unlike existing health monitors (for example, ECG and EEG holters), that are used mainly for data acquisition, the devices we discuss provide real-time feedback to the patient, either as a warning of impending medical emergency or as a monitoring aid during exercise. These medical applications are to be distinguished from applications of wearable computing for medical personnel, e.g. doctors, nurses, and emergency medical technicians. Medical monitoring applications differ from other wearable applications in their I/O requirements, sensors, reliability, privacy issues, and user interface. The paper describes a prototype wearable ECG monitor based upon a high-performance, low-power digital signal processor and the development environment for its design.

Jianlei Yang,Chenguang Wang,Yici Cai,Qiang Zhou

DOI: https://doi.org/10.1109/fpt.2014.7082770

2014-01-01

Abstract:Side Channel Attack (SCA) aims to extract the secret information from cryptography chips by analyzing the leakage of physical parameters. Power analysis based SCA is a popular approach to obtain secret keys by monitoring the power consumption of cryptography chips. However, most SCA evaluation methods are performed on FPGA platforms while many parasitic physical effects cannot be revealed before the cryptography chips are taped out. Roughly ignoring these effects will significantly increase the attack difficulties due to the corresponding measurement noise. Power supply noise has been observed to be critical for power analysis based SCA. This paper demonstrates a power supply noise aware evaluation framework for practical side channel attack from cryptography system design to physical design. On-chip power delivery network is implemented among physical design stage. Consequently the supply noise of power network can be explored according to the post-layout implementation. Additionally, the countermeasures of cryptography chips could be enhanced by on-chip decapacitors placement due to its influences on the characteristics of power delivery network.

Yan Zhang,Yi Tian,Zhaobin Wang,Yide Ma,Yurun Ma

DOI: https://doi.org/10.1109/wosspa.2013.6602364

2013-01-01

Abstract:This work presents a novel easy-to-use, portable, low-power, real-time, and autoalarm electrocardiogram (ECG) intelligent diagnosis system on MSP430 microcontroller. The real-time ECG signal is acquired at V1 lead and instantaneously amplified and filtered on front end circuit, and then, the signal is converted from analog ECG signal to digital value and filtered with Cohen Daubechies Feauveau 9/7 wavelet. Also, the ECG waveform is displayed on LCD and the real-time calculated heart rate is displayed on segment LCD, refreshed every 4 seconds. The buzzer alarms and the alarm message with the position information of the patient are sent to the doctors or relatives immediately, once an abnormal ECG is detected. A real-time R-wave detection algorithm based on integral projection function has been implemented, which is specially designed to be adaptive against the most common sources of noise and interference present and baseline wandering when acquiring the ECG. The system can identify premature ventricular contractions(PVC), which are very important for the subjects who are being monitored. Experimental results show the R-wave detection accuracy of the proposed system is 98.8% and the PVC detection and identification of the proposed system is 92.1%.