I hope the posts on attacking medical devices has given a good overview of the picture of these attacks on life critical devices. My last post in this domain is a doozy one!
Data analytics in healthcare is booming with several companies cropping up and changing the nature of how we view medical data. This has also lead to some very optimistic conclusions that show the future for big data analytics in healthcare. But taking a moment to think about any vulnerabilities in this system might lead to erroneous and probably appalling conclusions.
The following reference poisons training data itself for these machine learning algorithms that work on big data analytics. This can lead to severe security attacks as it changes conclusions of the algorithms. This is a vulnerability for the entire healthcare industry and data cleansing is required - Systematic Poisoning Attacks on and Defenses for Machine Learning in Healthcare. Summarizing:
Data analytics in healthcare is booming with several companies cropping up and changing the nature of how we view medical data. This has also lead to some very optimistic conclusions that show the future for big data analytics in healthcare. But taking a moment to think about any vulnerabilities in this system might lead to erroneous and probably appalling conclusions.
The following reference poisons training data itself for these machine learning algorithms that work on big data analytics. This can lead to severe security attacks as it changes conclusions of the algorithms. This is a vulnerability for the entire healthcare industry and data cleansing is required - Systematic Poisoning Attacks on and Defenses for Machine Learning in Healthcare. Summarizing:
- The attack model chosen is of causative attacks called poisoning attacks where an attacker can add malicious data to the training set with the assumption that there is access to a super awesome computer, knowledge of training set and adding malicious data is not suspicious.
- The attack scheme is a generic and algorithm-independent one and can be implanted without any knowledge of the type of machine learning algorithm used.
- Malicious instances I whose attribute values match the attacked class and labels the attacking class are generated using weighted pseudo-random values for the attributes. Attacking without access to the database is based on generating an artificial dataset off the feedback from the machine learning algorithm
No fear, as counter measures are proposed which seem to be viable.
- Periodically constructing a model using training dataset and evaluating it with a validation dataset and notifying if there is a sudden change in accuracy metrics. Metrics include currently-classified instances and kappa statistics. The first pass evaluation computes the golden value from the trusted state and the further evaluations are checked with this golden value to check for attacks.
Excellent work, but I am less optimistic, even after all the advances. Malware in medical devices is a scary prospect. Is this just another way for hackers to create havoc, like they did by breaking into a jeep? Unfortunately, the repercussions on these attacks in the medical device industry (and healthcare in general) can create deadly outcomes. I can see ransomware being exploited to save a person's life!!
ReplyDelete