Dear all,

    I’d kindly ask you to participate in the forthcoming EURASIP BForSec TAC webinar on “DICOM Standard – What we know about its secturity?“, by Aleksandra Mileva.

The webinar will be given on June 22, 2023, 11am CEST

The webinar will be feely accessible at: https://us02web.zoom.us/j/85911696668?pwd=VjRsNDVFU3pyWnRpeFNMWUN6cHdJZz09

More information about EURASIP Seminars are available at https://eurasip.org/seminars/

___________________________________________________________________________________________________________________________

“DICOM Standard – What we know about its secturity?“, by Aleksandra Mileva

Abstract:

The new era of healthcare digitization brings many advantages for patients and medical staff, but also transforms the medical institutions into a novel and valuable target of cybercriminals. Cybersecurity hazards involving healthcare institutions, such as big data breaches with stolen medical records, ransomware attacks, (Distributed) Denial of Service attacks followed by interruptions of various medical processes or insider threats, can be found nowadays in many headlines of world news agencies. The Picture Archiving and Communication Systems (PACS) infrastructure of modern hospitals deploys different standards and protocols for storing and transferring data between different modalities. The most used and important standard is DICOM (Digital Imaging and COmmunication in Medicine), which provide a framework for a diagnostically-accurate representation, processing, transfer, storage and display of medical imaging data. DICOM files combine medical media with patient/study/equipment/other metadata, while different transport mechanisms are defined for their exchange.

This webinar tries to demonstrate different security problems connected with the DICOM standard, such as the abuse of insecure or poorly-configured DICOM/PACS servers available on Internet; the possibility to access or perform different malicious manipulations on stored DICOM files, such as adding or removing evidence of medical conditions from volumetric medical scans by deep learning techniques, which can even deceive radiologists and state-of-the-art AI screening tools; abuse of information hiding techniques with the possibility to hide an executable code into a DICOM file, or to create covert channels useful for covert communication, privacy-leakage or data exfiltration, or to create and spread stegomalware; etc. In addition, security features currently used in DICOM are presented, together with crash course in DICOM.

Speaker:

Aleksandra Mileva is a Full professor at the Faculty of Computer Science, Goce Delcev University in Stip, N. Macedonia, where she is also the Head of the Laboratory of Computer Security and Computer Forensics. She received her PhD in Computer Science from the Ss. Cyril and Methodius University – Skopje in 2010. Her research interests include computer and network security, digital steganography, IoT protocols and information security, cryptography, computer forensics, and quasi-groups theory. She was with the management committee of two COST actions IC1201: BETTY and IC1306: Cryptography for Secure Digital Interaction, and she was Advisory Board member of H2020 SIMARGL project. She served as a guest editor for IEEE Internet of Things Journal, IEEE Security & Privacy, Journal of Universal Computer Science, co-chair of several conferences and workshops, and currently, she is a conference chair of the European Interdisciplinary Cybersecurity Conference (EICC) 2023. She is also a member of the editorial boards of Journal of Cyber Security and Mobility; Frontiers of Computer Science and Mathematics, Computer Science and Education. She is a co-author and developer of the NaSHA family of hash functions, which was the First Round Candidate of the NIST SHA-3 Competition (2007-2012). She was a coordinator of several scientific projects with PR of China, Portugal and Bulgaria. She has a certificate for Assessing and exploiting control systems and IIoT – Black Hat Edition. Mileva is a member of the EURASIP SAT on Biometrics, Data Forensics, and Security from 2019.

Personal             http://biomedia4n6.uniroma3.it/maiorana.html