Personalized insulin dose manipulation attack and its detection using interval-based temporal patterns and machine learning algorithms.

Many patients with diabetes are currently being treated with insulin pumps and other diabetes devices which improve their quality of life and enable effective treatment of diabetes. These devices are connected wirelessly and thus, are vulnerable to cyber-attacks which have already been proven feasible. In this paper, we focus on two types of cyber-attacks on insulin pump systems: an overdose of insulin, which can cause hypoglycemia, and an underdose of insulin, which can cause hyperglycemia. Both of these attacks can result in a variety of complications and endanger a patient's life. Specifically, we propose a sophisticated and personalized insulin dose manipulation attack; this attack is based on a novel method of predicting the blood glucose (BG) level in response to insulin dose administration. To protect patients from the proposed sophisticated and malicious insulin dose manipulation attacks, we also present an automated machine learning based system for attack detection; the detection system is based on an advanced temporal pattern mining process, which is performed on the logs of real insulin pumps and continuous glucose monitors (CGMs). Our multivariate time-series data (MTSD) collection consists of 225,780 clinical logs, collected from real insulin pumps and CGMs of 47 patients with type I diabetes (13 adults and 34 children) from two different clinics at Soroka University Medical Center in Beer-Sheva, Israel over a four-year period. We enriched our data collection with additional relevant medical information related to the subjects. In the extensive experiments performed, we evaluated the proposed attack and detection system and examined whether: (1) it is possible to accurately predict BG levels in order to create malicious data that simulate a manipulation attack and the patient's body in response to it; (2) it is possible to automatically detect such attacks based on advanced machine learning (ML) methods that leverage temporal patterns; (3) the detection capabilities of the proposed detection system differ for insulin overdose and underdose attacks; and (4) the granularity of the learning model (general / adult vs. pediatric clinic / individual patient) affects the detection capabilities. Our results show that (a) it is possible to predict, with nearly 90% accuracy, BG levels using our proposed methods, and by doing so, enable malicious data creation for our detection system evaluation; (b) it is possible to accurately detect insulin manipulation attacks using temporal patterns mining using several ML methods, including Logistic Regression, Random Forest, TPF class model, TPF top k, and ANN algorithms; (c) it is easier to detect an overdose attack than an underdose attack in more than 25%, in terms of AUC scores; and (d) the adult vs. pediatric model outperformed models of other granularities in the detection of overdose attacks, while the general model outperformed the other models in the case of detecting underdose attacks; for both attacks, attack detection among children was found to be more challenging than among adults. In addition to its use in the evaluation of our detection system, the proposed BG prediction method has great importance in the medical domain where it can contribute to improved care of patients with diabetes.

Cardio-ML: Detection of malicious clinical programmings aimed at cardiac implantable electronic devices based on machine learning and a missing values resemblance framework.

Patients with life-threatening arrhythmias are often treated with cardiac implantable electronic devices (CIEDs), such as pacemakers and implantable cardioverter defibrillators (ICDs). Recent advancements in CIEDs have enabled advanced functionality and connectivity that make such devices (particularly ICDs) vulnerable to cyber-attacks. One of the most dangerous attacks on CIED ecosystems is a data manipulation attack from a compromised programmer device that sends malicious clinical programmings to the CIED. Such attacks can affect the CIED functioning and impact patient's survival and quality of life. In this paper, we propose Cardio-ML - an automated system for the detection of malicious clinical programmings that is based on machine learning algorithms and a novel missing values resemblance framework. Our system is designed to detect new variants of existing attacks and, more importantly, new unknown (zero-day) attacks, aimed at ICDs. We collected 1651 legitimate clinical programmings from 514 patients, over a four-year period, from programmer devices at two medical centers. Our collection also includes 28 core malicious functionalities created by cardiac electrophysiology experts that were later used to create different variants of malicious programmings. Cardio-ML was evaluated extensively in three comprehensive experiments and showed high detection capabilities in most attack scenarios. We achieved perfect classification results for detecting newly created variants of existing core malicious functionalities, with an AUC of 100%; for completely new unknown (zero-day) malicious clinical programmings, an AUC of 80% was obtained, which is 14% better than the state-of-the-art method. We were able to further improve our detection results by identifying the best combination of legitimate and zero-day malicious programmings in the dataset, achieving an AUC of 87%. CIED clinical programmings have many parameters without values for a large number of samples (programmings). To cope with the extreme amount of missing values in our dataset, we developed a novel missing values-based resemblance framework and evaluated it using three dataset-creation approaches: a standard expert-driven approach, our novel data-driven approach, and a combined approach incorporating both approaches. The results showed that our novel framework handles missing values in the data better than the expert-driven approach which yields an empty dataset. In particular, the combined approach showed a 40% improvement in data utilization compared to the data-driven approach.