StegIbiza: New Method for Information Hiding in Club Music

In this paper a new method for information hiding in club music is introduced. The method called StegIbiza is based on using the music tempo as a carrier. The tempo is modulated by hidden messages with a 3-value coding scheme, which is an adoption of Morse code for StegIbiza. The evaluation of the system was performed for several music samples (with and without StegIbiza enabled) on a selected group of testers who had a music background. Finally, for the worst case scenario, none of them could identify any differences in the audio with a 1% margin of changed tempo.Comment: 5 pages, 4 figures, 1 tabl

Literature Survey on Biomedical Steganography

The word “steganography” comes from the Greek origin “concealed writing”. With escalating significance on security, fraud, Steganography is gaining its value due to exponential growth and transmission of   secret information through multimedia like internet. In other words, it can be stated as invisible communication. In biomedical steganography, the secret communication is accomplished, where a patient’s information is embedded into a biomedical signal (ECG, EEG, PPG) or image which is taken as a cover signal or image. This survey analysis various steganography techniques used for biomedical signal or image

Secure Healthcare Applications Data Storage in Cloud Using Signal Scrambling Method

A body sensor network that consists of wearable and/or implantable biosensors has been an important front-end for collecting personal health records. It is expected that the full integration of outside-hospital personal health information and hospital electronic health records will further promote preventative health services as well as global health. However, the integration and sharing of health information is bound to bring with it security and privacy issues. With extensive development of healthcare applications, security and privacy issues are becoming increasingly important. This paper addresses the potential security risks of healthcare data in Internet based applications, and proposes a method of signal scrambling as an add-on security mechanism in the application layer for a variety of healthcare information, where a piece of tiny data is used to scramble healthcare records. The former is kept locally whereas the latter, along with security protection, is sent for cloud storage. The tiny data can be derived from a random number generator or even a piece of healthcare data, which makes the method more flexible. The computational complexity and security performance in terms of theoretical and experimental analysis has been investigated to demonstrate the efficiency and effectiveness of the proposed method. The proposed method is applicable to all kinds of data that require extra security protection within complex networks

State-of-the-art Survey of Data Hiding in ECG Signal

With the development of new communication technologies, the number of biomedical data that is transmitted is constantly increasing. This is sensitive data and therefore it is very important to preserve privacy when transmitting it. For this purpose, techniques for data hiding in biomedical signals are used. This is a comprehensive survey of research papers that covers the latest techniques for data hiding in ECG signal and old techniques that are not covered by the latest surveys. We show an overview of the methodology, robustness, and imperceptibility of the techniques

AI-based Ethical Hacking for Health Information Systems (HIS): a simulation study

Background: Health Information systems (HIS) are continuously targeted by hackers, who aim to bring down the Health Critical Infrastructure. This study is motivated by recent attacks to healthcare organisations that have resulted in the compromise of the sensitive data held in HIS. Existing cyber security research in the healthcare domain places an imbalanced focus on protecting medical devices and data. There is a lack of a systematic way to investigate how attackers may breach a HIS and access healthcare records, with the view to improving cybersecurity in the future. Objective: This research aims to provide new insights regarding HIS cybersecurity protection. We propose a systematic and novel optimized (AI-based) ethical hacking method tailored specifically for HIS, and we compare it with traditional unoptimized ethical hacking method. It allows researchers and practitioners to identify the points and attack pathways of possible penetration attacks to HIS more efficiently. Methods: In this study, we propose a novel methodological approach to ethical hacking for HIS. We launched ethical hacking using both optimized and unoptimized methods in an experimental setting. Specifically, we set up an HIS simulation environment by implementing the OpenEMR (Open Electronic Medical Record) system and followed the National Institute of Standards and Technology's (NIST) ethical hacking framework to launch the attacks. In the experiment, we launched 50 rounds of attacks using both unoptimized and optimized ethical hacking methods. Results: Ethical hacking was successful using both optimized and unoptimized methods. The results show that the optimized ethical hacking method outperforms the unoptimized one in terms of average time used, average success rate of exploit, number of exploits launched, and number of successful exploits. We are able to identify the successful attack paths, and the exploits that are related to remote code execution, cross-site request forgery, improper authentication, vulnerability in the Oracle Business Intelligence Publisher, an elevation of privilege vulnerability (in MediaTek), and remote access backdoor (in the Web GUI for the Linux Virtual Server). Conclusions: This research demonstrates systematic ethical hacking against HIS using optimized and unoptimized methods together with a set of penetration testing tools to identify exploits and combining them to perform ethical hacking. The findings contribute to Health Information Systems (HIS) literature, ethical hacking methodology and mainstream AI-based ethical hacking method as it addresses some key weaknesses of these research fields. The findings also have great significance for the healthcare sector, as OpenEMR is widely adopted by healthcare organisations. Our findings offer novel insights for the protection of HIS and equips researchers toward conducting further research in the HIS cybersecurity domain

Wavelet-based ECG steganography for protecting patient confidential information in point-of-care systems

With the growing number of aging population and a significant portion of that suffering from cardiac diseases, it is conceivable that remote ECG patient monitoring systems are expected to be widely used as point-of-care (PoC) applications in hospitals around the world. Therefore, huge amount of ECG signal collected by body sensor networks from remote patients at homes will be transmitted along with other physiological readings such as blood pressure, temperature, glucose level, etc., and diagnosed by those remote patient monitoring systems. It is utterly important that patient confidentiality is protected while data are being transmitted over the public network as well as when they are stored in hospital servers used by remote monitoring systems. In this paper, a wavelet-based steganography technique has been introduced which combines encryption and scrambling technique to protect patient confidential data. The proposed method allows ECG signal to hide its corresponding patient confidential data and other physiological information thus guaranteeing the integration between ECG and the rest. To evaluate the effectiveness of the proposed technique on the ECG signal, two distortion measurement metrics have been used: the percentage residual difference and the wavelet weighted PRD. It is found that the proposed technique provides high-security protection for patients data with low (less than $\hbox {1\%}$) distortion and ECG data remain diagnosable after watermarking (i.e., hiding patient confidential data) and as well as after watermarks (i.e., hidden data) are removed from the watermarked data