CardiWall: A trusted firewall for the detection of malicious clinical programming of cardiac implantable electronic devices

Matan Kintzlinger, Aviad Cohen, Nir Nissim, Moshe Rav-Acha, Vladimir Khalameizer, Yuval Elovici, Yuval Shahar, Amos Katz

Research output: Contribution to journalArticlepeer-review

14 Scopus citations

Abstract

Today, cardiac implantable electronic devices (CIEDs), such as pacemakers and implantable cardioverter defibrillators (ICDs), play an increasingly important role in healthcare ecosystems as patient life support devices. Physicians control, program and configure CIEDs on a regular basis using a dedicated programmer device. The programmer device is open to external connections (e.g., USB, Bluetooth, etc.), and thus it is exposed to a variety of cyber-attacks by which an attacker can manipulate the programmer device's operations and consequently harm the patient. In this paper, we present CardiWall, a novel detection and prevention system designed to protect ICDs from cyber-attacks aimed at the programmer device. Our system has six different layers of protection, leveraging medical experts' knowledge, statistical methods, and machine learning algorithms. We evaluated the CardiWall system extensively in two comprehensive experiments. For the evaluation, we gathered data for a period of four years and used 775 benign clinical commands that are related to hundreds of different patients (obtained from different programmer devices located at Barzilai University Medical center) and 28 malicious clinical commands (created by two cardiology experts from different hospitals). The evaluation results show that only two out of the six layers proposed in CardiWall system provided a high detection capability associated with high rates of true positive, and low rates of false positive. With the configuration that provided the best harmonic mean of sensitivity and specificity (HMSS), CardiWall achieved a high true positive rate (TPR) of 91.4% and a very low false positive rate (FPR) of 1%, with an AUC of 94.7%.

Original languageEnglish
Article number9025056
Pages (from-to)48123-48140
Number of pages18
JournalIEEE Access
Volume8
DOIs
StatePublished - 1 Jan 2020

Keywords

  • ICD
  • detection
  • machine learning
  • malware
  • security

ASJC Scopus subject areas

  • General Computer Science
  • General Materials Science
  • General Engineering

Fingerprint

Dive into the research topics of 'CardiWall: A trusted firewall for the detection of malicious clinical programming of cardiac implantable electronic devices'. Together they form a unique fingerprint.

Cite this