2013 - 0116517870

Upload: asasasas

Post on 17-Feb-2018

216 views

Category:

Documents


0 download

TRANSCRIPT

  • 7/23/2019 2013 - 0116517870

    1/9

    3322 IEEE TRANSACTIONS ON BIOMEDICAL ENGINEERING, VOL. 60, NO. 12, DECEMBER 2013

    Wavelet-Based ECG Steganography for ProtectingPatient Condential Information in

    Point-of-Care SystemsAyman Ibaida and Ibrahim Khalil

    Abstract With the growing number of aging population and asignicant portion of that suffering from cardiac diseases, it is con-ceivable that remote ECGpatient monitoring systems are expectedto be widely used as point-of-care (PoC) applications in hospitalsaround the world. Therefore, huge amount of ECGsignal collectedby body sensor networks from remote patients at homes will betransmitted along with other physiological readings such as bloodpressure, temperature, glucose level, etc., and diagnosed by thoseremote patient monitoring systems. It is utterly important that pa-tient condentiality is protected while data are being transmittedover the public network as well as when they are stored in hos-pital servers used by remote monitoring systems. In this paper, awavelet-based steganographytechniquehas beenintroduced whichcombines encryption and scrambling technique to protect patientcondential data. The proposed method allows ECG signal to hideits corresponding patient condential data and other physiologicalinformation thus guaranteeing the integration between ECG andthe rest. To evaluate the effectiveness of the proposed techniqueon the ECG signal, two distortion measurement metrics have beenused: the percentage residual difference and the wavelet weightedPRD. It is found that the proposedtechniqueprovides high-securityprotection for patients data with low (less than 1%) distortion andECG data remain diagnosable after watermarking (i.e., hiding pa-tient condential data) and as well as after watermarks (i.e.,hiddendata) are removed from the watermarked data.

    Index Terms Condentiality,ECG, encryption,steganography,watermarking, wavelet.

    I. INTRODUCTION

    T HE number of elderly patients is increasing dramaticallydue to the recent medical advancements. Accordingly, toreduce the medical labor cost, the use of remote healthcaremonitoring systems and point-of-care (PoC) technologies havebecome popular [1], [2]. Monitoring patients at their home candrastically reduce the increasing trafc at hospitals and medicalcenters. Moreover, PoC solutions can provide more reliability

    ManuscriptreceivedFebruary 15, 2013;revised April23, 2013;accepted May14, 2013. Date of publication May 21, 2013; date of current version November18, 2013. Asterisk indicates corresponding author.

    A. Ibaida is with the Department of Computer Science and Informa-tion Technology, RMIT University, Melbourne VIC 3082, Australia (e-mail:[email protected]).

    I. Khalil is with the Department of Computer Science and Informa-tion Technology, RMIT University, Melbourne VIC 3082, Australia (e-mail:[email protected]).

    Color versions of one or more of the gures in this paper are available onlineat http://ieeexplore.ieee.org.

    Digital Object Identier 10.1109/TBME.2013.2264539

    in emergency services as patient medical information (e.g., di-agnosis) can be sent immediately to doctors and response orappropriate action can be taken without delay. However, remotehealth care systems are used in large geographical areas es-sentially for monitoring purposes, and, the Internet representsthe main communication channel used to exchange informa-tion. Typically, patient biological signals and other physiologi-cal readings arecollected using body sensors. Next, thecollected

    signals are sent to the patient PDA device for further process-ing or diagnoses. Finally, the signals and patient condentialinformation as well as diagnoses report or any urgent alerts aresent to the central hospital servers via the Internet. Doctors cancheck those biomedical signals and possibly make a decision incase of an emergency from anywhere using any device [3].

    Using Internet as main communication channel introducesnew security and privacy threats as well as data integrationissues. According to the Health Insurance Portability and Ac-countability Act (HIPAA), information sent through the Internetshould be protected and secured. HIPAA mandates that whiletransmitting information through the internet a patients privacyand condentiality be protected as follows [4].

    1) Patient privacy : It is of crucial importance that a patientcan control who will use his/her condential health in-formation, such as name, address, telephone number, andMedicare number. As a result, the security protocol shouldprovide further control on who can access patients dataand who cannot.

    2) Security : The methods of computer software should guar-antee the security of the information inside the communi-cation channels as well as the information stored on thehospital server.

    Accordingly, it is of crucial importance to implement a se-curity protocol which will have powerful communication and

    storage security [5].Several researchers have proposed various security proto-

    cols to secure patient condential information. Techniques usedcan be categorized into two subcategories. First, there are tech-niques that are based on encryption and cryptographic algo-rithms. These techniques are used to secure data during thecommunication and storage. As a result, the nal data will bestored in encrypted format [2], [4], [6], [7]. The disadvantageof using encryption-based techniques is its large computationaloverhead. Therefore, encryption-based methods are not suit-able in resource-constrained mobile environment. Alternatively,many security techniques are based on hiding its sensitive in-formation inside another insensitive host data without incurring

    0018-9294 2013 IEEE

  • 7/23/2019 2013 - 0116517870

    2/9

    IBAIDA AND KHALIL: WAVELET-BASED ECG STEGANOGRAPHY FOR PROTECTING PATIENT CONFIDENTIAL INFORMATION 3323

    Fig. 1. ECG steganography scenario in Point-of-Care (PoC) systems where body sensors collect different readings as well as ECG signal and watermarkingprocess implemented inside the patients mobile device.

    any increase in the host data size and huge computational over-head. These techniques are called steganography techniques.Steganography is the art of hiding secret information inside an-other type of data called host data [8]. However, steganographytechniques alone will not solve the authentication problem andcannot give the patients the required ability to control who canaccess their personal information as stated by HIPAA.

    In this paper, a new security technique is proposed to guaran-tee secure transmission of patient condential information com-bined with patient physiological readings from body sensors.The proposed technique is a hybrid between the two precedingcategories. First, it is based on using steganography techniquesto hide patient condential information inside patient biomed-ical signal. Moreover, the proposed technique uses encryption-based model to allow only the authorized persons to extract thehidden data. In this paper, the patient ECG signal is used asthe host signal that will carry the patient secret information aswell as other readings from other sensors such as temperature,glucose, position, and blood pressure. The ECG signal is usedhere due to the fact that most of the healthcare systems willcollect ECG information. Moreover, the size of the ECG signalis large compared to the size of other information. Therefore, itwill be suitable to be a host for other small size secret informa-tion. As a result, the proposed technique will follow HIPAAguidelines in providing open access for patients biomedicalsignal but prevents unauthorized access to patient condentialinformation.

    In this model body sensor nodes will be used to collect ECGsignal, glucose reading, temperature, position and blood pres-sure, the sensors will send their readings to patients PDA de-vice via Bluetooth. Then, inside the patients PDA device the

    steganography technique will be applied and patient secret in-

    formation and physiological readings will be embedded insidethe ECG host signal. Finally, the watermarked ECG signal issent to the hospital server via the Internet. As a result, the realsize of the transmitted data is the size of the ECG signal onlywithout adding any overhead, because the other information arehidden inside the ECG signal without increasing its size. Athospital server the ECG signal and its hidden information willbe stored. Any doctor can see the watermarked ECG signal andonly authorizeddoctors and certain administrative personnel canextract the secret information and have access to the condentialpatient information as well as other readings stored in the hostECG signal. This system is shown in Fig. 1.

    The proposed steganography technique has been designed insuch a waythat guarantees minimum acceptable distortion in theECGsignal, Furthermore,it will provide thehighest security thatcan be achieved. The use of this technique will slightly affect thequality of ECG signal. However, watermarked ECG signal canstill be used for diagnoses purposes as it is proven in this paper.In this paper, the following research questions are answered.

    1) Can the proposed technique protect patient condentialdata as explained in the HIPAA security and privacyguidelines?

    2) What will be the effect on the original ECG signal afterapplying the proposed steganography technique in termsof size and quality?

    Rest of the paper is organized as follows. Section II brieydiscusses the related works and what other researchers did inthis area. In Section III, we discuss the basic system design, theembedding process (i.e., patient sensitive data into ECG signal),and the extraction process. Next, in Section IV security analysisis proposed. Then, Section V explains diagnosability measure-

    ment. Section VI shows the results of PRD calculated before

  • 7/23/2019 2013 - 0116517870

    3/9

    3324 IEEE TRANSACTIONS ON BIOMEDICAL ENGINEERING, VOL. 60, NO. 12, DECEMBER 2013

    and after secret data extraction. Finally, Section VII concludesthe paper.

    II. RELATED WORK

    There are many approaches to secure patient sensitive data[2], [7], [9], [10]. However, one approach [11], [12], [13] pro-posed to secure data is based on using steganography techniquesto hide secret information inside medical images. The challeng-ing factors of these techniques are how much information canbe stored, and to what extent the method is secure. Finally, whatwill be the resultant distortion on the original medical image orsignal.

    Zheng and Qian [13] proposed a new reversible data hidingtechnique based on wavelet transform. Their method is basedon applying B-spline wavelet transform on the original ECGsignal to detect QRS complex. After detecting R waves, Haarlifting wavelet transform is applied again on the original ECGsignal. Next, the non-QRS high-frequency wavelet coefcientsare selected by comparing and applying index subscript map-

    ping. Then, the selected coefcients are shifted 1 bit to the leftand the watermark is embedded. Finally, the ECG signal is re-constructed by applying reverse haar lifting wavelet transform.Moreover, before they embed the watermark, Arnold transformis applied for watermark scrambling. This method has low ca-pacity since it is shifting 1 bit. As a result only 1 bit can bestored for each ECG sample value. Furthermore, the securityin this algorithm relies on the algorithm itself, it does not usea user-dened key. Finally, this algorithm is based on normalECG signal in which QRS complex can be detected. However,for abnormal signal in which QRS complex cannot be detected,the algorithm will not perform well.

    Golpira and Danyali [12] proposed a reversible blind water-marking for medical images based on wavelet histogram shift-ing. In this paper, medical images such as MRI is used as hostsignal. A 2-D wavelet transform is applied to the image. Then,the histogram of the high-frequency subbands is determined.Next, two thresholds are selected, the rst is in the beginningand the other is in the last portion of the histogram. For eachthreshold, a zero point is created by shifting the left histogrampart of the rst threshold to the left, and shifting the right his-togram part of the second threshold to the right. The locationsof the thresholds and the zero points are used for inserting thebinary watermark data. This algorithm performs well for MRIimages but not for ECG host signals. Moreover, the capacity of this algorithms is low. Moreover, no encryption key is involvedin its watermarking process.

    Finally, Kaur et al. [11] proposed new digital watermarkingof ECG data for secure wireless communication. In their work,each ECG sample is quantized using 10 bits, and is divided intosegments. The segment size is equal to the chirp signal that theyuse. Therefore, for each ECG segment a modulated chirp signalis added. Patient ID is used in the modulation process of thechirp signal. Next, the modulated chirp signal is multiplied bya window-dependent factor, and then added to the ECG signal.The resulting watermarked signal is 11 bits per sample. Thenal signal consists of 16 bits per sample, with 11 bits for

    watermarked ECG, and 5 bits for the factor and patient ID.

    Fig. 2. Original data consisting of patient information and sensor readings aswell as patient biometric information.

    III. M ETHODOLOGY

    Thesender side of theproposedsteganographytechnique con-sists of four integrated stages as shown in Fig. 4. The proposedtechnique is designed to ensure secure information hiding withminimal distortion of the host signal. Moreover, this techniquecontains an authentication stage to prevent unauthorized usersfrom extracting the hidden information.

    A. Stage 1: Encryption

    The aim of this stage is to encrypt the patient condentialinformation in such a way that prevents unauthorized personswho does not have the shared keyfrom accessing patient con-dential data. In this stage, XOR ciphering technique is usedwith an ASCII coded shared key which will play the role of thesecurity key. XORciphering is selected because of its simplicity.As a result, XOR ciphering can be easily implemented insidea mobile device. Fig. 2 shows an example of what informationcould be stored inside the ECG signal [14].

    B. Stage 2: Wavelet Decomposition

    Wavelet transform is a process that can decompose the givensignal into coefcients representing frequency components of the signal at a given time. Wavelet transform can be dened asfollows:

    C (S, P ) =

    f (t) (S, P ) dt (1)

    where represents wavelet function. S and P are positive inte-gers representing transform parameters. C represents the coef-cients which is a function of scale and position parameters [15].Wavelet transform is a powerful tool to combine time domainwith frequency domain in one transform. In most applications,discrete signals are used. Therefore, discrete wavelet transform(DWT) must be used instead of continuous wavelet transform.

    DWT decomposition can be performed by applying wavelet

  • 7/23/2019 2013 - 0116517870

    4/9

    IBAIDA AND KHALIL: WAVELET-BASED ECG STEGANOGRAPHY FOR PROTECTING PATIENT CONFIDENTIAL INFORMATION 3325

    Fig. 3. Effectof applying steganography using differentlevels on the resultingPRD for each of the 32 subbands.

    transform to the signal using band lters. The result of the bandltering operation will be two different signals, one will be re-lated to the high-frequency components and the other relatedto the low-frequency components of the original signal. If thisprocess is repeated multiple times, then it is called multilevelpacket wavelet decomposition. DWT can be dened as follows:

    W (i, j ) =i j

    X (i) ij (n) (2)

    where W (i, j ) represents the DWT coefcients, i and j are thescale and shift transform parameters, and ij (n) is the waveletbasis time function with nite energy andfast decay. Thewaveletfunction can be dened as follows:

    ij (n) = 2 i/ 2 (2 i n j ). (3)

    In this paper, a ve-level wavelet packet decomposition has

    been applied to the host signal. Accordingly, 32 subbands re-sulted from this decomposition process as shown in Fig. 7. Ineach decomposition iteration, the original signal is divided intotwo signals. Moreover, the frequency spectrum is distributed onthese two signal. Therefore, one of the resulting signals willrepresent the high-frequency component and the other one rep-resents the low-frequency component. Most of the importantfeatures of the ECG signal are related to the low-frequency sig-nal. Therefore, this signal is called the approximation signal (A).On the other hand, the high-frequency signal represents mostlythe noise part of the ECG signaland iscalleddetail signal (D). Asa result, a small number of the 32 subbands will be highly corre-lated with the important ECG features while the other subbandswill be correlated with the noise components in the originalECG signal [16]. Therefore, in our proposed technique differ-ent number of bits will be changed in each wavelet coefcient(usually called steganography level) based on its subband. As aresult, a different steganography level will be selected for eachband in such a way that guarantees the minimal distortion of the important features for the host ECG signal. The process of steganography levels selection was performed by applying lot of experimentation as shown in Fig. 3. It is clear that, hiding datain some subbands will highly affect the original signal, whilehiding in other subbands would result in small distortion effect.Accordingly, the selected steganography level for bands from 1

    to 17 is 5 bits and 6 bits for the other bands.

    Fig. 4. Block diagram of thesender steganographywhichincludesencryption,wavelet decomposition, and secret data embedding.

    Fig. 5. Block diagram of the receiver steganography which includes waveletdecomposition, extraction, and decryption.

    C. Stage 3: The Embedding Operation

    At this stage, the proposed technique will use a special secu-

    rity implementation to ensure high data security. In this tech-nique, a scrambling operation is performed using two parame-ters. First is the shared key known to both the sender and thereceiver. Second is the scrambling matrix, which is stored insideboth the transmitter and the receiver. Each transmitter/receiverpair has a unique scrambling matrix dened by

    S =

    s1,1 s1,2 s1,32s2,1 s2,2 s2,32

    ......

    . . ....

    s12 8,1 s12 8,2 s12 8,32

    (4)

    where S is a 128 32 scrambling matrix and s is a numberbetween 1 and 32. While building the matrix we make sure thatthe following conditions are met.

    1) The same row must not contain duplicate elements.2) Rows must not be duplicates.The detailed block diagram for the data embedding process

    is shown in Fig. 6. The embedding stage starts with convertingthe shared key into ASCII codes, therefore each character isrepresented by a number from 1 to 128. For each character code,thescrambling sequence fetcher will read the corresponding row

    from the scrambling matrix. An example of a fetched row can

  • 7/23/2019 2013 - 0116517870

    5/9

    3326 IEEE TRANSACTIONS ON BIOMEDICAL ENGINEERING, VOL. 60, NO. 12, DECEMBER 2013

    Fig. 6. Block diagram showing the detailed construction of the watermark embedding operation.

    be shown as follows:

    S r =

    32 22 6 3 16 11 30 7

    28 17 14 8 5 29 21 25

    31 27 26 19 15 1 23 2

    4 18 24 13 9 20 10 12.

    (5)

    The embedding operation performs the data hiding processin the wavelet coefcients according to the subband sequencefrom the fetched row. For example, if the fetched row is as in (5),the embedding process will start by reading the current waveletcoefcient in subband 32 and changing itsLSB bits. Then, it willread the current wavelet coefcient in subband 22 and changingits LSB bits, and so on. On the other hand, the steganographylevel is determined according to the level vector which containsthe information about how many LSB bits will be changed foreach subband. For example, if the data are embedded in subband32 then 6 bits will be changed per sample, while if it is embeddedinto wavelet coefcient in subband 1 then 5 LSB bits will bechanged.

    D. Stage 4: Inverse Wavelet Recomposition

    In this nal stage, the resultant watermarked 32 subbands arerecomposed using inverse wavelet packet recomposition. Theresult of this operation is the new watermarked ECG signal.The inverse wavelet process will convert the signal to the timedomain instead of combined time and frequency domain. There-fore, the newly reconstructed watermarked ECG signal will bevery similar to the original unwatermarked ECG signal. Thedetailed embedding algorithm is shown in Algorithm 1.

    The algorithm starts by initializing the required variables.Next, the coefcient matrix will be shifted and scaled to ensurethat all coefcients values are integers. Then, the algorithmwill select a node out of 32 nodes in each row of the coefcientmatrix. The selection process is based on the value read from thescrambling matrix and the key. The algorithm will be repeateduntil the end of the coefcient matrix is reached. Finally, thecoefcient matrix will be shifted again and rescaled to returnits original range and inverse wavelet transform is applied toproduce the watermarked ECG signal.

    E. Watermark Extraction Process

    To extract the secret bits from the watermarked ECG signal,

    the following information is required at the receiver side.

    1) The shared key value.2) Scrambling matrix.3) Steganography levels vector.The stages of the extraction process can be shown in Fig. 5.

    The rst step is to apply ve-level wavelet packetdecompositionto generate the 32 subbands signals. Next, using the shared keyand scrambling matrix the extraction operation starts extractingthe secret bits in the correct order according to the sequencerows fetched from the scrambling matrix. Finally, the extractedsecret bits are decrypted using the same shared key. The water-mark extraction process is almost similar to the watermarkingembedding process shown in Algorithm 1 except that insteadof changing the bits of the selected node, it is required to readvalues of the bits in the selected nodes, and then resetting them

    to zero.

  • 7/23/2019 2013 - 0116517870

    6/9

    IBAIDA AND KHALIL: WAVELET-BASED ECG STEGANOGRAPHY FOR PROTECTING PATIENT CONFIDENTIAL INFORMATION 3327

    Fig. 7. Five-level wavelet decomposition tree showing 32 subbands of ECG host signal and the secret data will be hidden inside the coefcients of the subbands.

    IV. S ECURITY ANALYSIS

    The security of the proposed algorithm is mainly based on theidea of having several parameters sharedbetween the transmitterand the receiver entities. Any change in any parameter will leadto the extraction of wrong data. Accordingly, the receiver andtransmitter should agree on the following information.

    1) The scrambling matrix.2) The encryption key (ASCII text string), i.e., shared secret.3) Steganography levels vector.As a result, even if the key is stolen the attacker will require

    to know the scrambling matrix as well as the steganography

    levels vector. The scrambling matrix is stored inside the trans-mitter/receiver pair and it will not be transmitted under anycircumstance. For example, each patient could have his own de-vice from his medical service provider and the matrix is burnt onthis device. Therefore, for each pair of transmitter and receiver,it must be a unique scrambling matrix. As a result the totalnumber of devices pairs (that can be supported) with a uniquescrambling matrix can be calculated as follows:

    N = 32! 128 ! 3.8562 10+215 . (6)

    As shown in (6) the total number of devices that we cansupport is larger than the IPv6 protocol address space. On the

    other hand, the sequence of rows fetched from the scramblingmatrix is totally related to the user dened key. As a result, thelonger the key is, the stronger the steganographic technique willbe. To guarantee the maximum security, the length of the keyused ( Lkey ) should satisfy the following condition:

    Lkey = Max B180

    , M (7)

    where B is the size of the embedded data in bits and M rep-resents the minimum key size. Accordingly, Table I shows theprobabilities to break the proposed technique using different keylengths and the minimum data size that can be hidden to achieve

    the maximum security for each key length.

    TABLE ISECURITY STRENGTH FOR DIFFERENT KEY LENGTHS

    The amount of data that can be stored inside the ECG host sig-nal using the proposed model totally depends on the steganog-raphy levels vector. In our proposed model and for ECG with

    10-s length and sampling rate of 360, a 2531 bytes (2.4 kB) of data can be embedded inside ECG host signal. The amount of data that can be stored is calculated using

    b = t f s

    32 180 (8)

    where b is the total number of bits stored, t is the total signaltime in seconds, and f s is the sampling frequency.

    V. D IAGNOSABILITY MEASUREMENT OF THEWATERMARKED ECG S IGNAL

    In this paper, the work done by Al-Fahoum [16] has beenimplemented and used as a diagnosability measure to determinethe effect of the watermarking process on the usability of the re-sultant ECG for diagnoses purposes. In this model, a ve-levelwavelet decomposition is applied to the original and water-marked ECG signal. As a result, the original signal will be di-vided into number of subbands denoted by A5 , D 5 , D 4 , D 3 , D 2 ,and D 1 . It is found that band A5 includes most of the T-wavecontribution and some of the P-wave contribution. Therefore,its weight should include the signicance of P and T. More-over, band D 5 includes most of the P-wave contribution, part of the T-wave contribution, and a relatively low percentage of theQRS-complex contribution. The weight of D5 should maintain

    the highest weight contribution of P, T, and QRS. Band D4 also

  • 7/23/2019 2013 - 0116517870

    7/9

    3328 IEEE TRANSACTIONS ON BIOMEDICAL ENGINEERING, VOL. 60, NO. 12, DECEMBER 2013

    TABLE I IWEIGHTS FOR EACH SUBBAND USED IN MEASURING DIAGNOSABILITY

    contains most of the QRS-complex contribution, and a little por-

    tion of P-wave. The weight of D4 is higher than A5 but lowerthan D5 . D3 includes some portions of the QRS-complex, andso its weight is lower than QRS weight itself. Bands D2 andD 1 are weighted less than any other band as they do not con-tribute to the spectrum of any of the main features. However,they cannot be excluded where late potentials and delta wavesmay exist. The researchers used a heuristics weights to mark thecontribution of each subband. The weights used are shown inTable II.

    After applying ve-level wavelet decomposition a PRD mea-sure of each subband is calculated as

    WPRD j =

    N i=1 (ci ci )2

    N i=1 (c2i )(9)

    where ci is the original coefcient within subband j and ci isthe coefcient of subband j for the watermarked signal. Finally,to nd the weighted wavelet PRD (10) is used

    WWPRD =N L

    j =0

    w j WPRD j (10)

    where N L is thetotalnumberof subbands, w j denotesthe weightvalue corresponding to subband j , and WPRD j represents thecalculated wavelet-based PRD for subband j .

    VI. E XPERIMENTS AND RESULTSIn this paper, three different types of ECG signals are used for

    the experimentation. A testbed of 59 ECG samples is used forthe experimentation. The set of samples consist of 19 normal(NSR) ECG samples, 27 Ventricular brillation ECG samples,and 13 Ventricular Tachycardia ECG samples. Each sample is10 s long with 250-Hz sampling frequency.

    To evaluate the proposed model, the PRD (percentage resid-ual difference) is used to measure the difference between theoriginal ECG host signal and the resulting watermarked ECGsignal as

    PRD = N

    i=1 (x

    i y

    i)2

    N i =1 x2i

    (11)

    where x represents the original ECG signal and y is the water-marked signal.

    Alternatively, to evaluate the diagnostic distortion caused bythe watermark, a wavelet-based PRD is used as detailed in theprevious section. These measures have been calculated for eachsample. Accordingly, to measure distortion caused by the ex-traction process, PRD and diagnoses PRD have been calculated.Finally, to evaluate the reliability of the extracted informationbit error rate has been used as follows:

    BER = Ber r

    B total 100 % (12)

    TABLE I IIPRD R ESULTS FOR DIFFERENT NORMAL ECG S EGMENTS

    TABLE IVPRD R ESULTS FOR VENTRICULAR TACHYCARDIA ECG S AMPLES

    TABLE VPRD R ESULTS FOR VENTRICULAR FIBRILLATION

  • 7/23/2019 2013 - 0116517870

    8/9

    IBAIDA AND KHALIL: WAVELET-BASED ECG STEGANOGRAPHY FOR PROTECTING PATIENT CONFIDENTIAL INFORMATION 3329

    Fig. 8. ECG signals for normal, VT and VF signal before applying the steganography operation and after the steganography operation as well as after extractingthe hidden data.

    TABLE VIAVERAGE PRD R ESULTS FOR DIFFERENT SCRAMBLING MATRICES

    where BER represents the bit error rate in percentage, B er r isthe total number of erroneous bits, and B total is the total numberof bits.

    Table III shows the results obtained for 18 normal ECG sam-ples. It can be seen from the table that a maximum PRD mea-sured was 0.6%. Second, it can be noticed that the differencebetween the normal PRD and the wavelet-based PRD for di-agnoses measurement is very small. Accordingly, this provesthat the watermarking process does not affect the diagnosabil-ity. Finally, this table shows the PRD measured after extractingthe watermark. It is obvious from the table that removal of thewatermark will have a small impact on the PRD value. As aresult, the ECG signal can still be used for diagnoses purposesafter removing the watermark.

    To guarantee unbiased results, we also experimented with VTand VF samples and the results are shown in Tables V and IV,respectively. It is obvious from these results that the maximumPRDs for VT host signal are only 0.5% and 1% for VF. Thisencouraging result clearly demonstrates that the watermarkedECG signals can be used for diagnoses. Fig. 8 shows three ECGsignal types, and the resultant watermarked signals before andafter watermark extraction process.

    Previous results have been obtained by using the same scram-bling matrix. To generalize our results, we performed the same

    experiments and calculated the average PRD values for differ-

    Fig. 9. Average PRD results for different scrambling matrices.

    TABLE VIIDOCTORS DIAGNOSES RESULTS

    ent cases of scrambling matrices. Table VI shows ten differentcases taken and their corresponding average PRD values. It canbe clearly seen how the values are approximately equal for dif-ferentcases.The obtained results further prove that ourproposedtechnique will cause minimum distortion for different cases of the scrambling matrix. This is clearly shown in Fig. 9.

    To validate diagnosability of the digitally processed ECGs,two specialist doctors were consulted. Sixty ECG segments(each 10-s length) for both normal sinus rhythm and abnor-mal (Ventricular Tachycardia, Ventricular Fibrillation) caseswere shown to them before and after watermarking, and alsoafter removal of watermarks. They were asked the followingquestions.

    1) How similar is the original and the watermarked ECG?2) Can the watermarked ECG be used for diagnoses?Both the specialist doctors admitted that the similarity is so

    high that the difference is undetectable and the both water-marked and unwatermarked signals can be used for diagnoses.

    The detailed results are shown in Table VII.

  • 7/23/2019 2013 - 0116517870

    9/9

    3330 IEEE TRANSACTIONS ON BIOMEDICAL ENGINEERING, VOL. 60, NO. 12, DECEMBER 2013

    VII. C ONCLUSION

    In this paper, a novel steganography algorithm is proposedto hide patient information as well as diagnostics informa-tion inside ECG signal. This technique will provide a securedcommunication and condentiality in a PoC system. A ve-level wavelet decomposition is applied. A scrambling matrix

    is used to nd the correct embedding sequence based on theuser-dened key. Steganography levels (i.e., number of bits tohide in the coefcients of each subband) are determined for eachsubband by experimental methods. In this paper, we tested thediagnoses quality distortion. It is found that the resultant water-marked ECG can be used for diagnoses and the hidden data canbe totally extracted.

    ACKNOWLEDGMENT

    The authors would like to thank Dr. L. Asaf and Dr. S. Hermizfrom Settlement Rd Clinic, 258 Settlement Rd Thomastown,Vic., Australia, for their time and effort in nding the similarity

    between the original and watermarked ECG signals. Finally, theauthor would like to thank the anonymous reviewers for theirconstructive suggestions.

    REFERENCES

    [1] Y. Lin, I. Jan, P. Ko, Y. Chen,J. Wong, and G.Jan,A wirelessPDA-basedphysiological monitoring system for patient transport, IEEE Trans. Inf.Technol. Biomed. , vol. 8, no. 4, pp. 439447, Dec. 2004.

    [2] F. Hu, M. Jiang, M. Wagner, and D. Dong, Privacy-preserving tele-cardiology sensor networks: Toward a low-cost portable wireless hard-ware/software codesign, IEEETrans. Inf. Technol.Biomed. ,vol.11,no.6,pp. 619627, Nov. 2007.

    [3] A. Ibaida, I. Khalil, and F. Su, Cardiac abnormalities detection fromcompressed ECG in wireless telemonitoring using principal components

    analysis (PCA), in Proc. 5th Int. Conf. Intell. Sens. Netw. Inf. Process. ,Dec. 2010, pp. 207212.[4] W. Leeand C. Lee, A cryptographickey management solution forHIPAA

    privacy/security regulations, IEEE Trans. Inf. Technol. Biomed. , vol. 12,no. 1, pp. 3441, Jan. 2008.

    [5] K. Malasri and L. Wang, Addressing security in medical sensor net-works, in Proc. 1st ACM SIGMOBILE Int. Workshop Syst. Netw. Supp. Healthcare Assist. Living Environ. , 2007, p. 12.

    [6] I. Maglogiannis, L. Kazatzopoulos, K. Delakouridis, andS. Hadjiefthymiades, Enabling location privacy and medical dataencryption in patient telemonitoring systems, IEEE Trans. Inf. Technol. Biomed. , vol. 13, no. 6, pp. 946954, Nov. 2009.

    [7] H. Wang, D. Peng, W. Wang, H. Sharif, H. Chen, and A. Khoynezhad,Resource-aware secure ECG healthcare monitoring through body sen-sor networks, IEEE Wireless Commun. , vol. 17, no. 1, pp. 1219, Feb.2010.

    [8] L. Marvel, C. Boncelet, and C. Retter, Spread spectrum image steganog-

    raphy, IEEE Trans. Imag. Process. , vol. 8, no. 8, pp. 10751083, Aug.1999.

    [9] A. De la Rosa Algarin, S. Demurjian, S. Berhe, and J. Pavlich-Mariscal,A security framework for xmlschemas and documentsfor healthcare,in Proc. IEEE Int. Conf. Bioinf. Biomed. Workshop , Oct. 2012, pp. 782789.

    [10] M. Li, S. Yu, Y. Zheng, K. Ren, and W. Lou, Scalable and secure sharingof personal health records in cloud computing using attribute-based en-cryption, IEEE Trans. Parallel Distrib. Syst. , vol. 24, no. 1, pp. 131143,Jan. 2013.

    [11] S. Kaur, R. Singhal, O. Farooq, and B. Ahuja, Digital watermarking of ECG data for secure wireless communication, in Proc. Int. Conf. Recent Trends Inf. Telecommun. Comput. , Mar. 2010, pp. 140144.

    [12] H. Golpira and H. Danyali, Reversible blind watermarking for medicalimages based on wavelet histogram shifting, in Proc. IEEE Int. Symp.Signal Process. Inf. Technol. , Dec. 2009, pp. 3136.

    [13] K. Zheng and X. Qian, Reversible data hiding for electrocardiogramsignal based on wavelet transforms, in Proc. Int. Conf. Comput. Intell.Security , Dec. 2008, vol. 1, pp. 295299.

    [14] D. Stinson, Cryptography: Theory and Practice . Boca Raton, FL, USA:CRC Press, 2006.

    [15] A. Poularikas, TransformsandApplicationsHandbook . Boca Raton, FL,USA: CRC Press, 2009.

    [16] A. Al-Fahoum, Quality assessment of ECG compression techniquesusing a wavelet-based diagnostic measure, IEEE Trans. Inf. Technol. Biomed. , vol. 10, no. 1, pp. 182191, Jan. 2006.

    Ayman Ibaida received the Masters degree in com-puter engineering from Baghdad University, Bagh-dad, Iraq, in 2005. He is currently working towardthe Ph.D. degree in computer science at RMIT Uni-versity, Melbourne, Australia.

    He worked as a Lecturer in Computer College,Dubai, between 2006 and 2008. His research inter-ests include biomedical signal processing, diagnoses,compression, and patient health records security inHealth-care systems.

    Ibrahim Khalil received the Ph.D. degree from theUniversity of Berne, Berne, Switzerland, in 2003.

    He is currently a Senior Lecturer in School of Computer Science & IT, RMIT University, Mel-bourne, Australia. He has several years of experiencein Silicon Valley-based companies working on LargeNetwork Provisioning and Management software. Healso worked as an academic in several research uni-versities. Before joining RMIT, he worked for EPFLand University of Berne in Switzerland and OsakaUniversity in Japan. His research interests include

    scalable computing in distributed systems, m-health, e-health, wireless and

    body sensor networks, biomedical signal processing, network security, and re-mote health-care.