Home / News & Videos / News / Homeland & Cyber Security /

AI Firewall Protects Hospital Patients From Cyberattacks

AI Firewall Protects Hospital Patients From Cyberattacks

August 30, 2020

Homeland & Cyber Security

The Jerusalem Post — Medical devices that are vulnerable to cyberattacks and computer viruses now have a new line of protection – along with the patients who rely on them – as BGU researchers have developed an intelligent firewall to detect anomalous instructions and sift them out.

Modern hospitals use a range of computerized devices when treating patients, from CT (computed tomography) and MRI (magnetic resonance imaging) to ultrasound machines.

The devices are controlled by instructions sent from a host PC, which leaves them vulnerable to manipulation by abnormal or anomalous instructions due to cyberattacks, human error or a virus in the software of the host PC.

These anomalous instructions are potentially disastrous for patients, leaving them vulnerable to radiation overexposure, manipulation of device components or a false picture within medical images.

Tom Mahler

Ph.D. candidate Tom Mahler, under the supervision of BGU Profs. Yuval Elovici and Prof. Yuval Shahar in the BGU Department of Software and Information Systems Engineering (SISE), have developed an artificial intelligence program that analyzes the instructions sent by the host PC to the device, effectively allowing technicians to weed out bad instructions before they are implemented.

The program uses two types of filter, described as a dual-layer architecture. The architecture focuses on detecting two types of anomalous instructions: (1) context-free (CF) anomalous instructions, which are unlikely values or instructions, such as giving 100x more radiation than typical, and (2) context-sensitive (CS) anomalous instructions, which are normal values or combinations of values of instruction parameters, but are considered anomalous relative to a particular context, such as mismatching the intended scan type, or mismatching the patient’s age, weight or potential diagnosis.

Prof. Yuval Elovici

For example, a normal instruction intended for an adult might be dangerous [anomalous] if applied to an infant. Such instructions may be misclassified when using only the first, CF, layer; however, by adding the second, CS, layer, they can now be detected.

The research team used 8,277 recorded instructions sent to a CT scanner to test the two layers separately, both under a range of circumstances, using algorithms to re-create real world conditions.

Dr. Erez Shalom, a senior research scientist at BGU’s Medical Informatics Research Center played a key role in acquiring the CT scanning data that enabled the new computational architecture.

Read more in The Jerusalem Post >>