32nd Annual International Conference of the IEEE EMBS Buenos Aires, Argentina, August 31 - September 4, 2010

Embedding Patients Condential Data in ECG Signal For HealthCare Information Systems
Ayman Ibaida, Ibrahim Khalil and Dhiah Al-Shammary
School of Computer Science and IT RMIT University Melbourne, VIC 3000, Australia ayman.ibaida@student.rmit.edu.au, ibrahimk@cs.rmit.edu.au, d.alshammary@student.rmit.edu.au

Abstract In Wireless tele-cardiology applications, ECG signal is widely used to monitor cardiac activities of patients. Accordingly, in most e-health applications, ECG signals need to be combined with patient condential information. Data hiding and watermarking techniques can play a crucial role in ECG wireless tele-monitoring systems by combining the condential information with the ECG signal since digital ECG data is huge enough to act as host to carry tiny amount of additional secret data . In this paper, a new steganography technique is proposed that helps embed condential information of patients into specic locations (called special range numbers) of digital ECG host signal that will cause minimal distortion to ECG, and at the same time, any secret information embedded is completely extractable. We show that there are 2.1475 109 possible special range numbers making it extremely difcult for intruders to identify locations of secret bits. Experiments show that percentage residual difference (PRD) of watermarked ECGs can be as low as 0.0247% and 0.0678% for normal and abnormal ECG segments (taken from MIT-BIH Arrhythmia database) respectively.

2 Amplitude (mV) 0 2 4

500

1000 1500 Number of Samples

2000

2500

Fig. 1. Typical ECG signal for Tachycardia Affected Patient With a Heart Rate of 200

I. I NTRODUCTION Steganography is the communication art of sending and receiving secret messages that are hidden inside a specic host content such as images, waves, and videos [1]. In other words, steganography can be dened as hiding technique that is able to embed secret data inside another data host in such a way that prevents unauthorized persons to access the secret message [4]. In recent years, data hiding models are gaining popularity in establishing more secured communication channels for delivering secret messages [3] since there is huge demand for sending sensitive information over the net. In most wireless health care systems, patients are monitored continuously using body sensors in order to collect their physiological signals and send them to the hospital servers over the internet. This enables the physicians to take fast action in case of any emergency situation. ECG signal as shown in g 1 is an electric signal that is generated by the heart which is used by cardiologists to diagnose the heart functionality [8] . If a patient with heart abnormality is remotely monitored, then with 12 lead ECG, 10 bit Resolution and 360 Hz Sampling Frequency the data can easily reach up to 2.77 GB in one day. The enormous volume of digital ECG samples has the ability to serve as a data host material for hiding condential information of patients. In a typical wireless telemonitoring scenario for remote cardiac patients wireless e-health systems send ECG

signals of patients and their personal information separately to the hospital servers without any protection. However, The Health Insurance Portability and Accountability Act (HIPAA) of 1996 in US mandates that condential and private information related to patients be protected and sent over the net and stored in a secured manner. In this paper, a steganography technique as shown in Fig. 2 is proposed that allows ECG samples to be gathered on a wireless mobile device and sent with patient sensitive personal information such as name, age, personal ID, etc. At hospital servers, patients data can be extracted from the received ECG signal [5]. The challenge of the proposed steganography algorithm, is to preserve the physical features of the ECG signal and guarantee the success of the diagnosis process of the ECG signal after extracting the hidden data. In this paper, the evaluation of the proposed technique is based on computing the PRD error measurement as a way to show the ability of diagnosing the host ECG signal. In summary, this paper tries to answer the following research questions: How can the ECG signals be used efciently to achieve high level of security in sending and receiving the patients condential information ? Can the resultant ECG host signals provide the same physiological features as the original one? The rest of the paper is organized as follows. In section II we discuss the related work that has been done in this area. Section III discusses the proposed steganography technique. Then, section IV shows the evaluation of the ECG host signals. Finally, section V concludes the paper. II. R ELATED WORK Although there is a large volume of works on watermarking and steganography, not many researchers have addressed

978-1-4244-4124-2/10/$25.00 2010 IEEE

3891

Raw ECG Signal

Patients Smartphone

ECG signal preprocessing

Shift special range Transform

Data hiding

ECG signal Scale and level correction

ECG Signal
Watermarked ECG Signal

special range parameters

Secret Bits

ECG Signal with secret bits

Patien with ECG sensor

Fig. 3.
Internet
Hospital server will extract the information and distribute it to the different doctor devices

Block Diagram for the Proposed ECG Steganography System

Extracted patient information seperated from ECG signal

shifting and scaling factors that are mandatory parameters for extracting the secret information. Equation 1 is required for shifting up the ECG signal samples. =s+X X (1)

Desktop

Tablet

Laptop

PDA

Fig. 2. Watermarking ECGs in Body Sensors Enabled Mobile Health Care Systems

is the shifted ECG signal, s is the shift value Where X and X is the original ECG signal. Then, the resultant shifted signal is scaled to compute the integer version of the ECG signal. Equation 2 is required to perform the scaling function. X =pX (2)

issues related to ECG data. In [6] Mohammed Nambakhsh and Alireza Ahmadian used the ECG signal as a secret data, and embedded it inside medical images like CT and MRI. Other researchers [2] implemented a wavelet based watermarking technique for ECG signal. To achieve this they rst decomposed ECGs up to level 3 to divide them into 8 bands, and then computed the average power for each band and used the calculated power as threshold parameters. They selected sub-bands to add the watermark to it according to the threshold values. Finally, inverse Digital Wavelet Transform (DWT) is applied to reconstruct the watermarked ECG signal. In all the above techniques the algorithms have high computation complexity. Since some transforms must be done, these operations require a high amount of computational resources and will incur delay in generating watermarked signal. Since we are limited in resources and power, a simple power preserving technique is required for steganography process. III. T HE METHODOLOGY As mentioned already, in recent e-health systems the usage of ECG signal has increased signicantly to provide highly qualied remote medical services. In this paper, a new steganography technique is proposed that is able to hide the secret message in any position in the host signal without distorting the original signal. This technique provides high security for the secret message by selecting more secured positions (such as MSB) in the host ECG signal that are unexpected to the intruders. The proposed model consists of four sequential steps as shown in Fig. 3. A. ECG Signal Preprocessing The rst step is responsible of shifting up and scaling the ECG signal to avoid the negative values and converting the signal oating point numbers into integers. At the same time, the function of this step represents the st level of security of the steganography technique by hiding the values of both

Where X is the scaled ECG vector, p is the scale factor and is the shifted ECG vector. Technically , the value of p is X based on the ECG sample precisions of the ECG acquisition device and the ADC converter (analogue to digital). B. Shift Special Range Transform In our proposed system, a number of special values in the ECG signal samples are found to be relevant hosts that can hide the secret bits in the most signicant positions with the condition of inverting the values of the right hand bits to the secret bit position. At the same time, these special host values do not produce large errors as a result of the hiding operation. Let M = 128 be a special value that allows us to hide the secret bit B in the 8th position of binary value of M . By computing the binary representation of M , we get (10000000)2 . If B = 1, then the special value of M will not be changed as the 8th bit of M is already equal to 1. On the other hand, if B = 0, conversion of the 8th bit of M to zero will cause a dramatic change to the host value as the new value of M will be equal to 0 (00000000)2 . However, by applying the condition of inverting all the right hand side bits of the secret position(in this case right of 8th bit), the new value of M will be 127 which is equivalent to (01111111)2 . As a result, this process will reduce the resultant error to 1. For our ECG host signal, we use 32 bits to form each ECG sample. In this binary format, there are many special ranges that are relevant to hide the secret bits in all host sample positions. Equation 3 calculates the total number of special ranges that can be used.
i=r

T =
i=2

2ri

(3)

Where T is the total number of special ranges, i is the position of the secret bit, and r is the total number of bits per sample. By applying Equation 3, and setting r = 32, the resultant T is 2.1475 109 .

3892

TABLE I S PECIAL RANGES FOR DIFFERENT POSITIONS Rmin 127 32767 8388607 2147483647 Rmax 129 32769 8388607 2147483649 n 3 3 3 3 Position 8 16 24 32

very large possibilities of the available special ranges that is up to 2.1475 109 and pre-processing parameters such as 232 possible shifting values and few possibilities of scaling values 200 for MIT-BIH data. Therefore, even if we ignore scaling factor, the intruder needs to try this very large number of possibilities (i.e. 2.1475 109 232 ) to enable him to extract the secret message from host ECG samples. IV. R ESULTS AND D ISCUSSIONS A testbed of 81 ECG segments has been set up by collecting ECGs from The Creighton University Ventricular Tachyarrhythmia Database [7]. Each ECG segment has a length of 10 seconds with 250Hz sampling frequency and consists of 2500 samples. In this paper, secret bits have been hidden in different positions (8th,16th,24th, and 32nd bits) using four special ranges. To evaluate the proposed steganography technique, the resultant ECG signals are compared with their original signals. The percentage residual difference (PRD) is computed using equation 6.
N

011001110110100111 101111101010000110 100011000111011000 101010111110001010

Fig. 4. The Secret Binary Data

With the aim of utilizing all the ECG signal samples as host for the secret bits, in the second step of the proposed technique (Shift range transform) a new shifting transform is proposed to shift any number in the host signal to any required special range number. Equation 4 is required to perform the shifting operation to the host signal sample. S = Rmin + (M mod n) (4)

(xi yi )2 P RD =
i=1 N

(6) x2 i

Where S is the new shifted value, Rmin is the starting value of the target special range, M is the value of the host signal sample and n is the length of the special range. Table I shows some examples of special ranges that we used to hide bits in positions 8,16,24 and 32. C. Data Hiding The third step of the proposed technique is the actual data hiding process. The basic idea of this process is to hide the secret bits using the shifted value as a host, then the resultant value would be shifted back to its original level. Equation 5 is required to perform the hiding processes. Mn = Mo + (Rmax S ) Mo (S Rmin ) if B =1 if B =0 (5)

i=1

Where x is the original ECG signal, and y is the resultant watermarked signal.
TABLE II D IFFERENT PRD VALUES FOR D IFFERENT RANGE LENGTHS number of changed LSB 0 1 2 3 Range Length 2 4 8 16 PRD 0.02 0.0735 0.1946 0.4493

Where Mn is the new resultant value of the host data, Mo is the original host signal sample, Rmin is the minimum value of the selected special range, Rmax is the maximum value of the selected special range and B is the secret bit. Fig 4 shows a block of the secret bits that were inserted into the host signal samples of ECGs. D. ECG Signal Scaling and Level Correction The nal step of the proposed technique is to de-scale the signal and shift it back to its original values. To extract the hidden data from the host signal the receiver needs to know two parameters, the used range and signal preprocessing parameters. The receiver should apply the same transformation using equation 1 in addition to performing bitwise operation to extract the secret bits located in special range values of ECG host samples. Consequently, only authorized persons know this information can extract the hidden data. The strength of this approach is based on the

Fig 5 shows eight ECG segments divided into two groups, where the rst group contains the original normal ECG segment and three resultant host signals when we applied different special ranges and had data hidden in secret bit positions(see table I). The second group contains the original abnormal ECG segment in addition to three resultant host signals using the same special ranges and secret bit positions that we used in the rst group. This gure shows that despite hiding in different secret positions, PRD error measurement remains very low and same for all cases of the same ECG signal. However, PRD error measurements vary slightly for normal and abnormal groups of host ECG signals. This fact of being able to generate a constant PRD value using different bit positions is a powerful characteristic of the proposed steganography technique that enables the users to hide their secret messages in highly secured positions without affecting the important features of the ECG signal. The evaluation of the proposed technique show the strength of the hiding model by performing simulated attacks to prove the ability of extracting the embedded data completely although the least signicant bits of the host signal

3893

Abnormal Original ECG 1 0 1 2 4 2 0 2

Normal Original ECG

200

400

600

800

1000

200

400

600

800

1000

Abnormal, data hidden in bit position 8 PRD=0.0678% 1 0 1 2 4 2 0 2

Normal, data hidden in bit position 8 PRD=0.0247%

200

400

600

800

1000

200

400

600

800

1000

Abnormal, data hidden in bit position 24 PRD=0.0678% 1 0 1 2 4 2 0 2

Normal, data hidden in bit position 24 PRD=0.0247%

200

400

600

800

1000

200

400

600

800

1000

Abnormal, data hidden in bit position 32 PRD=0.0678% 1 0 1 2 4 2 0 2

Normal, data hidden in bit position 32 PRD=0.0247%

200

400

600

800

1000

200

400

600

800

1000

Fig. 5.

Different Cases of Watermarked ECG Signals After Hiding Secret Information in Bit 8,24 and 32 of Binary ECG Data

have been changed deliberately. Table II shows several cases of the simulated attacks on the host signal and the required range lengths to protect the embedded data in addition to the resultant PRD of each case. For example, if the rst LSB is changed, then a range length of 4 is required to protect the secret hidden bits. Moreover, if the least two signicant bits are changed, a range length of 8 is required to achieve the secret bits protection. Finally, a range length of 16 is required to protect the secret message from changing the st three LSBs. As shown in Table II, the PRD values will be increased when the number of the changed bits is increased. Consequently, as long as the secret data is more protected, the original signal will be more distorted. In our experiments, each 10 sec ECG segment was 10,000 bytes (2500 samples x 4 bytes/sample= 10,000) and in each sample we modied 1 bit to host the secret bits. Overall, we could host 2500 bits = 312.5 bytes. As ECG host signal size increases we are able to add more secret bits by replacing existing bits of host data appropriately. V. CONCLUSION AND FUTURE WORK As a result of the large demand of sending and receiving condential information of patients in e-health care systems, and the fact that ECG samples are large in size, they can be used as hosts to carry condential information as secret bits. A new steganography technique is proposed to hide personal information of patients inside ECG signals that are capable of hiding the secret bits in any position of the digital signal samples including the most signicant bit. In this paper, it has been proven that the proposed steganography technique does not affect the signicant features of the ECG signals as the modications performed on host signals in order to

secret data are not noticeable by naked eyes. The PRD of modied watermarked ECG segments were very low for both normal and abnormal ECGs. The proposed technique uses very simple mathematical equations which can be easily implemented inside the patient PDA device. On the other hand, the receiver should know the signal pre-processing parameters in addition to the selected special range as the secret key to extract the embedded data. The validity of the proposed technique has been proved by different simulated attacks on the host signals. For future work, frequency domain approaches will be proposed using discrete cosine transform as a steganography technique that provide another high level of security. R EFERENCES
[1] N. Cvejic et al. Increasing robustness of LSB audio steganography using a novel embedding method. 2004. [2] M. Engin, O. C dam, and E. Engin. Wavelet Transformation Based Watermarking Technique for Human Electrocardiogram (ECG). Journal of Medical Systems, 29(6):589594, 2005. [3] F. Hartung and B. Girod. Watermarking of uncompressed and compressed video. Signal processing, 66(3):283301, 1998. [4] N. Johnson and S. Jajodia. Exploring steganography: Seeing the unseen. IEEE computer, 31(2):2634, 1998. [5] B. Lo, S. Thiemjarus, R. King, and G. Yang. Body sensor networka wireless sensor platform for pervasive healthcare monitoring. In The 3rd International Conference on Pervasive Computing. Citeseer, 2005. [6] M. Nambakhsh, A. Ahmadian, M. Ghavami, R. Dilmaghani, and S. Karimi-Fard. A novel blind watermarking of ECG signals on medical images using EZW algorithm. In Conference proceedings:... Annual International Conference of the IEEE Engineering in Medicine and Biology Society. IEEE Engineering in Medicine and Biology Society. Conference, volume 1, page 3274, 2006. [7] PhysioNet. The creighton university ventricular tachyarrhythmia database. [8] R. Silipo and C. Marchesi. Articial neural networks for automatic ECG analysis. IEEE Transactions on Signal Processing, 46(5):14171425, 1998.

3894