International Research Journal of Innovations in Engineering and Technology - IRJIET International Open Access, Monthly, Peer Reviewed, Reputed Journal ISSN (online): 2581-3048

Impact Factor (2025): 6.9

DOI Prefix: 10.47001/IRJIET

Ensure Security and Privacy of Medical Imaging through Secure DICOM

A.N. SomasundaraDepartment of Computer Systems Engineering, Sri Lanka Institute of Information Technology, Malabe, Sri LankaS.T. JayathungeDepartment of Computer Systems Engineering, Sri Lanka Institute of Information Technology, Malabe, Sri LankaD.M.C.P. JayasooriyaDepartment of Computer Systems Engineering, Sri Lanka Institute of Information Technology, Malabe, Sri LankaE.M.H.O. EkanayakaDepartment of Computer Systems Engineering, Sri Lanka Institute of Information Technology, Malabe, Sri LankaKanishka YapaDepartment of Computer Systems Engineering, Sri Lanka Institute of Information Technology, Malabe, Sri LankaUditha DharmakeerthiDepartment of Computer Systems Engineering, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka

Vol 7 No 10 (2023): Volume 7, Issue 10, October 2023 | Pages: 89-96

International Research Journal of Innovations in Engineering and Technology

OPEN ACCESS | Research Article | Published Date: 26-10-2023

doi Logo doi.org/10.47001/IRJIET/2023.710012

pdf iconFull Text PDF
Abstract

The study outlines some of the limitations in four selected security components in the medical imaging standard, Digital Imaging and Communications in Medicine (DICOM), and proposes a set of actions to be taken to resolve the specified issues. The critical requirement of DICOM servers for smooth hospital functionality is discussed while stressing areas such as telemedicine. Furthermore, reviews of past research have been done shedding the spotlight on existing vulnerabilities in the DICOM standard; the root cause of the vulnerabilities while demonstrating proofs of concept to better understand how to resolve the security issues. The method incorporated in presenting the fixes to the issues is discussed in technical terms, for each security component of DICOM.

Keywords

DICOM, PACS, encryption, authentication, access control, error detection, integrity, security


Citation of this Article

A.N. Somasundara, S.T. Jayathunge, D.M.C.P. Jayasooriya, E.M.H.O. Ekanayaka, Kanishka Yapa, Uditha Dharmakeerthi, “Ensure Security and Privacy of Medical Imaging through Secure DICOM” Published in International Research Journal of Innovations in Engineering and Technology - IRJIET, Volume 7, Issue 10, pp 89-96, October 2023. Article DOI https://doi.org/10.47001/IRJIET/2023.710012

Licence Copyright (c) 2026 International Research Journal of Innovations in Engineering and Technology creative common licence This work is licensed under Creative common Attribution Non Commercial 4.0 Internation Licence
References
  1. H. Tachibana, M. Omatsu, K. Higuchi, and T. Umeda, “Design and development of a secure DICOM-Network Attached Server,” Comput. Methods Programs Biomed., vol. 81, no. 3, pp. 197–202, Mar. 2006, doi: 10.1016/j.cmpb.2005.11.015.
  2. D. Peck, “Digital Imaging and Communications in Medicine (DICOM): A Practical Introduction and Survival Guide,” J. Nucl. Med., vol. 50, no. 8, pp. 1384–1384, Aug. 2009, doi: 10.2967/jnumed.109.064592.
  3. H. K. Huang and H. K. Huang, PACS and imaging informatics: basic principles and applications, 2nd ed. Hoboken, N.J: Wiley-Liss, 2004.
  4. P. Subhasri and D. A. Padmapriya, “Authentication based Access Control mechanism for Ensuring Privacy of DICOM contents in Public Cloud,” Aust. J. Basic Appl. Sci., 2017.
  5. Health IT Security, “DICOM Flaw Enables Malware to Hide Behind Medical Images,” HealthITSecurity, Apr. 18, 2019. https://healthitsecurity.com/news/dicom-flaw-enables-malware-to-hide-behind-medical-images (accessed Jun. 24, 2023).
  6. B. Desjardins et al., “DICOM Images Have Been Hacked! Now What?,” Am. J. Roentgenol., vol. 214, no. 4, pp. 727–735, Apr. 2020, doi: 10.2214/AJR.19.21958.
  7. P. M. Kuzmak and R. E. Dayhoff, “Minimizing Digital Imaging and Communications in Medicine (DICOM) Modality Worklist patient/study selection errors,” J. Digit. Imaging, vol. 14, no. S1, pp. 153–157, Jun. 2001, doi: 10.1007/BF03190323.
  8. M. Dzwonkowski and R. Rykaczewski, “Secure Quaternion Feistel Cipher for DICOM Images,” IEEE Trans. Image Process., vol. 28, no. 1, pp. 371–380, Jan. 2019, doi: 10.1109/TIP.2018.2868388.
  9. Z. Wang, Q. Li, Y. Wang, B. Liu, J. Zhang, and Q. Liu, “Medical Protocol Security: DICOM Vulnerability Mining Based on Fuzzing Technology,” in Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, London United Kingdom: ACM, Nov. 2019, pp. 2549–2551. doi: 10.1145/3319535.3363253.
  10. V.-H. Le and H. Zhang, “Log-based Anomaly Detection Without Log Parsing,” in 2021 36th IEEE/ACM International Conference on Automated Software Engineering (ASE), Melbourne, Australia: IEEE, Nov. 2021, pp. 492–504. doi: 10.1109/ASE51524.2021.9678773.
  11. S. Collin, “Side channel attacks against the Solo key - HMAC-SHA256 scheme,” 2020.
  12. S. Gadamsetty, R. Ch, A. Ch, C. Iwendi, and T. R. Gadekallu, “Hash-Based Deep Learning Approach for Remote Sensing Satellite Imagery Detection,” Water, vol. 14, no. 5, p. 707, Feb. 2022, doi: 10.3390/w14050707.
  13. J. Li, S. Liu, P. Reviriego, L. Xiao, and F. Lombardi, “Scheme for periodical concurrent fault detection in parallel CRC circuits,” IET Comput. Digit. Tech., vol. 14, no. 2, pp. 80–85, Mar. 2020, doi: 10.1049/iet-cdt.2018.5183.
  14. R. Lebre, L. Bastiao, and C. Costa, “An Accounting Mechanism for Standard Medical Imaging Services,” in 2019 IEEE 6th Portuguese Meeting on Bioengineering (ENBENG), Lisbon, Portugal: IEEE, Feb. 2019, pp. 1–4. doi: 10.1109/ENBENG.2019.8692545.
  15. R. Lebre, L. B. Silva, and C. Costa, “A Cloud-Ready Architecture for Shared Medical Imaging Repository,” J. Digit. Imaging, vol. 33, no. 6, pp. 1487–1498, Dec. 2020, doi: 10.1007/s10278-020-00373-7.
  16. G. Kang and Y.-G. Kim, “Secure Collaborative Platform for Health Care Research in an Open Environment: Perspective on Accountability in Access Control,” J. Med. Internet Res., vol. 24, no. 10, p. e37978, Oct. 2022, doi: 10.2196/37978.
  17. H. Wang and C. Gong, “Design and Implementation of Unified Identity Authentication Service Based on AD,” in 2016 8th International Conference on Computational Intelligence and Communication Networks (CICN), Tehri, India: IEEE, Dec. 2016, pp. 394–398. doi: 10.1109/CICN.2016.84.
  18. N. Alanizy, A. Alanizy, N. Baghoza, M. AlGhamdi, and A. Gutub, “3-LAYER PC TEXT SECURITYVIA COMBININGCOMPRESSION, AES CRYPTOGRAPHY2LSB IMAGE STEGANOGRAPHY,” J. Res. Eng. Appl. Sci., vol. 03, no. 04, pp. 118–124, Oct. 2018, doi: 10.46565/jreas.2018.v03i04.001.
  19. J. Zhang, “DICOM Image Secure Communication with Internet Protocols,” in Teleradiology, S. Kumar and E. A. Krupinski, Eds., Berlin, Heidelberg: Springer Berlin Heidelberg, 2008, pp. 33–47. doi: 10.1007/978-3-540-78871-3_4.

Copyright @ 2026 IRJIET. All Right Reserved.

Licensed underCreative Commons Attribution 4.0 International License.