Ensure Security and Privacy of Medical Imaging through Secure DICOM

Abstract

The study outlines limitations in four selected security components of the medical imaging standard Digital Imaging and Communications in Medicine (DICOM) and proposes a set of actions to resolve them. It discusses how critical DICOM servers are to smooth hospital functionality, with emphasis on areas such as telemedicine. Past research is reviewed to highlight existing vulnerabilities in the DICOM standard and their root causes, and proofs of concept are demonstrated to better understand how to resolve the security issues. The method used to present the fixes is discussed in technical terms for each security component of DICOM.

Country: Sri Lanka

1 A.N. Somasundara, 2 S.T. Jayathunge, 3 D.M.C.P. Jayasooriya, 4 E.M.H.O. Ekanayaka, 5 Kanishka Yapa, 6 Uditha Dharmakeerthi

  1. Department of Computer Systems Engineering, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka
  2. Department of Computer Systems Engineering, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka
  3. Department of Computer Systems Engineering, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka
  4. Department of Computer Systems Engineering, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka
  5. Department of Computer Systems Engineering, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka
  6. Department of Computer Systems Engineering, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka

IRJIET, Volume 7, Issue 10, October 2023 pp. 89-96

doi.org/10.47001/IRJIET/2023.710012
