Securing Intelligence Cyber Physical Systems

Through Encryption and Hashing

No Author Given

Abstract. The adoption of medical cyber physical system (MCPS) in

healthcare sector provides its stake holders a great ease and convenience
in accessing the healthcare service, disease and drug analysis, epidemic
tracking and many more. In the process of MCPS, a large amount of
cyber physical data are generated digitally, stores electronically and ac-
cessed remotely by its stake holders. But with convenience may chal-
lenges like, efficient storage and fast processing of huge data, secure com-
munication and sharing of data, data privacy preservation etc. This work
aims to provide security and privacy of electronic health record (EHR)
generated. For providing security in cloud storage the data must be en-
crypted. But this will not allow the user to search the required data ef-
ficiently. So a searchable encryption scheme Hierarchical Attribute-based
Encryption (HABE) technique is used here for text data security. This
will also provide the access control capability to the data owner, which is
essential in MCPS environment. For image data of EHR Content-based
Perceptual Hashing Technique is used here for security. As these encryp-
tion schemes are computationally complex to be run on the resource
constrained devices used in cloud based MCPS. So the proposed work
uses block chain network for supporting these computationally complex
security scheme. The block chain based framework will help in providing
security, privacy, confidentiality and decentralization of EHR in MCPS.
It also enhance the practical usability of the system by reducing the com-
putational load on resource constrained devices. In the proposed security
model, the computation overhead and the storage overhead for text data
are quite low, with a value of 650 ms and 9.7 kb, respectively, when the
attribute range is 210 . The image security model also proves to be im-
perceptible and robust with high SSIM, PSNR value and low Hausdorff
distance value for the different context-free image modifications.

Key words: Data Security, Intelligence Cyber Physical Systems, Perceptual

Hashing, Authentication, Imperceptibility.

1 Introduction
We are living in an era of Artificial Intelligence. It enables us to use various in-
telligent systems and applications. The ICPS is one of its important and useful
contributions. The accelerated use of ICPS has only become possible because of
the easy availability and use of various internet-enabled intelligent cyber phys-
ical devices and applications like wearable health gadgets, Mhealth apps, Tele-
Medicine, Tele-Diagnostic, Tele-Radiology, Tele-Surgery, etc. These services help
2 .

a lot in decentralizing and distributing the load on health care infrastructure.

The advancement in ICPS has contributed a lot to the whole world in fight-
ing against the current pandemic situation of COVID-19. These technological
development has opened up the option of talking necessary medical advice and
care in our homes which is needed to fight against the pandemic. A few major
benefits of ICPS are:

– It helps to avoid a nonessential patient visit to the health care centres, which
reduces the chance of spreading infection risk among patients and health
professionals/ workers.
– It also provides a better quality of care at a more sustainable cost.

Unlike the physical medical health care system, ICPS need different architec-
tural support. Internet-enabled intelligent devices play an important role here.
Using these devices, Patients do e-consultation with doctors and upload the pre-
scribed reports. The devices themselves transmit the patient health updates to
the connected system. In this process, a huge amount of e-health data generates
at a fast rate on the associated devices. These data contain a patient’s health
critical information in the form of Electronic Patient Record (EPR). A very im-
portant issue with this e-health data generated in this process is its security. As
per the ethics and rules of the medical health care system, the EPR must satisfy
three major characteristics. They are Confidentiality, Reliability and Availability
of an EPR. As an EPR contains the personal health information of a patient, its
Confidentiality ensures that only the entitled user can know that information.
Reliability covers two aspects, 1. Integrity and 2.Authentication. It is important
for an EPR that unauthorized people of ICPS cannot modify the information
contained in it. This property is insured by Integrity security mechanism. The
two way Authentication is needed here to ensure that the EPR is of the cor-
rect patient and also issued from an authorized source. The availability of EPR
to the entitled user is also a very important issue in ICPS. So, for the smooth
functioning of ICPS, data security is a challenging issue. There are many works
found in the literature that deal with ICPS data security [1–6].
Recently, in [7] authors have proposed a scheme to protect insider and exter-
nal threads using mutual authentication technique. Here only authorized users
can access patients’ healthcare data, including patients’ identities and locations
for Internet of Things (IoT) based healthcare systems. Authors claim that the
proposed protocol is secure from replay, modification, impersonation, man-in-
middle attacks and energy-efficient with negligible computation overhead. Sim-
ilar work is found in [8] for IoT based healthcare systems for low computation
cost and protection of different attacks like impersonation, replay, denial of ser-
vice, man-in-the-middle etc. attacks. It also provides an access mechanism for
the medical networks protecting unauthorized users from accessing. During the
recent COVID 19 outbreak, to handle one of the challenges during the COVID-
19 pandemic smoothly, the authors [9] have proposed an IoT and cloud-based
healthcare platform to monitor critical patients using integrated wearable and
 . 3

unobtrusive sensors. It can monitor patients remotely by securely managing pa-

tients’ healthcare data and health conditions in emergencies. Actual deployment
was done in the intensive care unit for a real-time solution.

The ICPS data, EPRs may consist of information in text, image or multi-
media. First, it is important to understand the security needs of these different
types of generated data. The availability and advancement of various means and
tools of digital forgery have made ensuring the security of images quite chal-
lenging. Many approaches for ensuring the integrity of images using hashing are
proposed [10–14]. The hashing is a process where a message digest is created
using a one-way hash function for a given message. Then the message, along
with the original message, is sent to the receiver. The receiver creates the digest
from the received message again and matches it with the received digest. The
hashing approaches can be cryptography or perceptual. The cryptographic hash
is quite sensitive to the input data. Even a single bit change in input results in a
completely different digest. In contrast, perceptual hashing is an active content
authentication technique that is not very sensitive to small input changes. The
multimedia (images) are generally transmitted and saved in the network using
a lossy medium to save the bandwidth. So, considering this feature, perceptual
hashing is the most suited mechanism for the integrity of multimedia(image)
content here. Considering these security issues, we have proposed a novel ap-
proach for data-driven security in ICPS in this paper. The main contribution of
our work is as follows:
– We have proposed a model for data security in ICPS.
– The model applies HABE for text data security, and for image data security,
a perceptual hash content authentication technique is used.
– The implemented model shows an efficient and cost-effective solution in the
health care sector in the current pandemic.
– Experimentally, it has been shown that the proposed model is imperceptible
and robust against various context-free image modifications.

2 Proposed Work
In this paper, we have proposed a model for data-driven security in ICPS, shown
in figure 1. An EPR belongs to a particular patient. It contains the patient’s de-
tails, health information(vitals), test reports recommended by the doctor etc. So
it contains data in the form of text as well as images. First, the patient will reg-
ister to the system by giving their personal information, and then the required
vitals and various reports or scans are uploaded. In the proposed model, we have
used a robust Perceptual Hash technique using the SVD(Singular Value Decom-
position) method for the security of medical images and Hierarchical Attribute-
based Encryption for text security. These encrypted text information concate-
nated with the hashed image are saved in a database in the cloud, which health
professionals and users can further access. The working of different blocks in this
model is explained below.
4 .

Fig. 1. Data security model in ICPS

2.1 Text Data Security

First of all, for the security of text data in EPR, the text information in EPR is
encrypted using HABE. This technique provides full delegation for user control.
According to key policy, the attributes are classified into tree structures in this
technique. All nodes are associated with attributes, and the parent node can
derive the key of the child node. The decryption process depends on a threshold
value (d), and the condition is the user can decrypt the cypher text when the
number of attributes that covers searched attributes is not less than six. It uses
the following steps.

1. Let A = {an , an−1 , an−2 ....a0 } /,be the set of root attributes forming a tree
of depth di , where 1 < i < n.
2. The master key Mk form random number ℘1 , ℘2 .
3. Let us consider a random number α from Zp .
′
P K = (℘, ℘1 , ℘2 , (ai )1 < i < n, (ai )1 < i < n℘1 = ℘α )
Mk = α

Key Generation Key generation algorithm is for secret key generation of user
attributes using PK, Mk and access structure.
 . 5

Let Q(0) = α , consider the depth of the tree is K.

Compute Qσ = (qi,0 , qi , qi,ki+1 , ....., qi,ci ),
σ(H(σ)) ′ σi,j r
where qi,0 = δ2 (Ui πjk uj=1 )
ci = g r , qi,k+1 = Uk+1
r r
, ....di,ci = U1c ;
Private key defined as S = Qσ ϵU

′
Encryption (M, U , Pk ) The message (M) is encrypted using Pk and set of
′ ′ ′ ′ ′
attributes (A ) is considered, ciphertext is C. Le(qj0 , qj1 , ......, qjk−1 , q ) for each
′ ′
q ϵA and depth of the tree is k’. Consider a non zero random variable Z in Zp .
Now compute E k = M (℘k ℘2 )z and
′ Qk1 ′ ′
Eq′ = (qj i=1 aqj r s
i ) for q ϵA .

′
Decryption (c, A , Pk , A, ) : Data user now decrypts theTmessage from cipher
′
text using secret key S. The condition for decryption is A A ≥ σ.
′ ′ ′ ′
Considering σ element subset user attribute in A (qi0 , qi1 , ......, qik−1 , q ).
′ ′
Compute qiψ = qiψ for 1 ≤ ψ ≤ j and σi0 . So that message can be decrypted as
′
′ l(σ ,T )
M = E / qϵU A ( l(σ i0,E ′ ) )DH(σ),S(σ)
Q
i q

2.2 Image Security

For securing image data present in EPR, a robust perceptual hashing based
technique is used in the proposed model. Perceptual hashing based image au-
thentication is an effective active content authentication technique. An input
image is converted into a fixed-length short sequence in this technique. This
sequence of hash codes represents the perceptual content of the original image.
The basic steps of performing perceptual hashing are :
Pre-processing ⇒ Robust feature extraction ⇒ Hash generation.

Some perceptual or content-based features are extracted from the given image
in the Perceptual image hashing process. A hash function hash value is calculated
with these features. The image authentication is done by comparing the hashing
codes between the original image and the image to be authenticated.

1. First, the images are resized to the regularized image of size NxN using
bilinear interpolation. The regularization makes the final hash value of fixed
length.
2. The Gaussian low pass filtering G(i, j) is done on the resized image to reduce
the effect of various context preserving changes.
g(i,j)
G(i, j) = PN PN
g(i,j)
where,
i=1 j=1

−(i2 +j 2 )
g(i, j) = e 2σ 2
6 .

and i,j are row and column of convolution matrix,

σ is standard deviation of all element in convolution mask G.

3. The SVD is applied then to further increase the robustness of the pro-
posed model. In this process, the filtered image is divided into series of
non-overlapping nxn blocks Ci,j (i, j = 1, 2, ...., N/n), then SVD is individu-
ally 
applied on each block Ci,j . 
C1,1 C1,2 .... C1,N/n
 C2,1 C2,2 ..... C2,N/n 
 
 and, Ci,j = Si,j ∗ Vi,j ∗ Di,j
I=  . . . . 
 . . . . 
CN/n,1 CN/n,2 .... CN/n,N/n
Where, Vi,j is a square (nxn) diagonal matrix with n singular value. and
Si,j &Di,j are square (nxn) orthogonal matrix.

4. Then using quantization steps the robust perceptual hash code are extracted.

5. The Hash is extracted with the following rule :

(
0, if Sak %2 == 0
Ei,j = (1)
1, if Sak %2 == 1

6. Now using patient id (Pid) as key, the final perceptual hash is obtained for
all the images.
Finally the encrypted text and hashed image of EPR are concatenated and saved
in the cloud database.

3 Implementation & Result

The proposed model is implemented and tested using Python in a google colab
environment on the system with Android Version 11, One UI core version 3.1.

First, for checking the text data security performance parameter are com-
putation overhead, and another one is storage overhead. For calculating com-
putation overhead, encryption and decryption cost is considered. At the same
time, only cypher text and secret key size are considered in storage overhead
calculation. In table 1 the results are shown. Here our computation cost in en-
cryption exceeds 650 ms when the attribute range is 210. Similar plotting is
done on cypher text size and secret key size. In fig 2, the graph shows that the
encryption time is increasing sharply with a higher number of attributes while
the decryption time remains almost the same. But as the attribute sizes grow,
the ciphertext sizes increase very slowly with key sizes. The cypher text size
greatly impacts real-life scenarios as it also influences communication overhead
 . 7

Table 1. Performance measurement with varying attributes range

Range of Encryption Decryption Cipher Text Secret Key

attributes Time (ms) Time (ms) Size (KB) Size (Bytes)
23 532 450 8.8 7
24 550 452 9.1 7.5
25 560 455 9.2 8
26 580 456 9.3 8.5
27 600 460 9.4 9
28 620 463 9.5 9.5
29 635 465 9.6 11
10
2 652 468 9.7 12

Fig. 2. Performance measurement with key sizes

and storage overhead.

The efficiency of the proposed image data security model, a chest X-Ray data
set of COVID-19 patients, is used. The data set consists of 517 images of COVID
patients. First, the original images are regularized by resizing them to 512 x
512, using bilinear interpolation. Then the SVD is performed on the resulting
image by further dividing it into non-overlapping blocks of 16 x 16. This further
results in the hash value for different images. The Gaussian low pass filtering is
performed with a window size of 3 x 3 and unit standard deviation (σ = 1). To
test the performance of the proposed model, we need to show the imperceptibility
and robustness of generated hash. It means the hashing of the original image
is said to be robust if the generated hash is resistant to the context preserving
8 .

manipulations. For this, we added different noises to the original image. The
various manipulations we performed are

– Rotation (10 )
– JPEG compression (90%)
– Gaussian Noise (Variance=0.005)
– Medium filter (3 x 3 window size)
– Contrast adjustment (Lc = 10)

With the help of the prescribed hashing algorithm, the perceptual hash is gener-
ated for modified images. The Structural Similarity Index Measure(SSIM) and
Peak Signal-To-Noise Ratio(PSNR) are used here to check the perceptual simi-
larity of these images and the imperceptibility of the proposed model. Whereas
robustness is checked with Bit Error Rate (BER).

Table 2. The SSIM, PSNR, Hausdorff distance and BER value for original and modi-
fied image with context free modifications, Rotation(10 ), Medium filtering (6X6), Gaus-
sian noise (0.005),JPEG compression (90%).

Context free
Medium Gaussian JPEG Contrast
modification Rotation
filtering Noise Compression Adjustment
————–>
Modified
0.664 0.792 0.512 0.693 0.881
SSIM image
Original
0.792 0.872 0.542 0.864 0.891
image
Modified
15.92 22.12 23.83 40.12 19.26
PSNR image
Original
18.29 24.27 27.41 42.66 23.51
image
Modified
Hausdorff 0.021 0.025 0.023 0.606 0.048
image
distance
Original
0.022 0.027 0.021 0.004 0.019
image
BER 17.71 23.19 24.92 41.02 18.99

The SSIM measures the similarity value of two given images based on three
factors, luminescence, contrast and structure. The mean of luminescence, con-
trast closeness and correlation coefficients of two given images are measured in
these factors. Its value lies between [0-1]. The higher its value, the better the
imperceptibility of the image. Using the proposed model, when the original im-
age is modified with certain context preserving modifications, it can be observed
from the table 2 that the high SSIM value is obtained for medium filtering,
JPEG compression and contrast adjustment. At the same time, it is sensitive
to rotation. The variation of SSIM value with these modifications is plotted in
 . 9

Fig. 3. Performance measurement with SSIM values for different modifications

Fig. 4. Performance measurement with PSNR values for different modifications

figure 3. The proposed model’s PSNR values also show higher values for these
modifications. The variation of PSNR values for different original and modified
images is shown in figure 4. BER value is calculated for the proposed model
to show its robustness feature. It is measured as the ratio of the number of
bits error by the total number of transferred bits during a given interval. It can
be observed from the table 2 that the proposed model is sensitive to rotation
and Gaussian noise, whereas it shows a good robustness value for others. The
Hausdorff distance is also calculated to measure the original and modified image
perceptual hash value variation, which shows very little variation. The plot of
the Hausdorff distance value for different modifications is shown in figure 5.
10 .

Fig. 5. Performance measurement with Hausdorff distance values for different modifi-
cations

4 Conclusions
The ICPS provides an easy way solution to access health care facilities in modern
days. There is a rapid generation of a large amount of e-health data in the
users’ devices while using ICPS. So, the security and storage of these data is
a challenging issue. The proposed model for data security in ICPS provides an
efficient and cost-effective solution.

References
1. Bhatia, Munish, and Sandeep K. Sood. ”A comprehensive health assessment frame-
work to facilitate IoT-assisted smart workouts: A predictive healthcare perspec-
tive.” Computers in Industry 92 (2017): 50-66.
2. Rahmani, A. M., Gia, T. N., Negash, B., Anzanpour, A., Azimi, I., Jiang, M., &
Liljeberg, P. (2018). Exploiting smart e-Health gateways at the edge of health-
care Internet-of-Things: A fog computing approach. Future Generation Computer
Systems, 78, 641-658.
3. Alabdulatif, A., Khalil, I., Yi, X., & Guizani, M. (2019). Secure edge of things for
smart healthcare surveillance framework. IEEE Access, 7, 31010-31021.
4. Guo, X., Lin, H., Wu, Y., & Peng, M. (2020). A new data clustering strategy for
enhancing mutual privacy in healthcare IoT systems. Future Generation Computer
Systems, 113, 407-417.
5. Zgheib, R., Kristiansen, S., Conchon, E., Plageman, T., Goebel, V., & Bastide, R.
(2020). A scalable semantic framework for IoT healthcare applications. Journal of
Ambient Intelligence and Humanized Computing, 1-19.
6. Singh, Ashish, and Kakali Chatterjee. ”Securing smart healthcare system with edge
computing.” Computers & Security 108 (2021): 102353.
7. Nasr Esfahani, M., Shahgholi Ghahfarokhi, B., & Etemadi Borujeni, S. (2021).
End-to-end privacy preserving scheme for IoT-based healthcare systems. Wireless
Networks, 27(6), 4009-4037.
 . 11

8. Masud, M., Gaba, G. S., Choudhary, K., Hossain, M. S., Alhamid, M. F., &
Muhammad, G. (2021). Lightweight and anonymity-preserving user authentica-
tion scheme for IoT-based healthcare. IEEE Internet of Things Journal.
9. de Morais Barroca Filho, I., Aquino, G., Malaquias, R. S., Girão, G., & Melo, S.
R. M. (2021). An IoT-based healthcare platform for patients in ICU beds during
the COVID-19 outbreak. Ieee Access, 9, 27262-27277.
10. Kozat, Suleyman Serdar, Ramarathnam Venkatesan, and Mehmet Kivanç Mihçak.
”Robust perceptual image hashing via matrix invariants.” In 2004 International
Conference on Image Processing, 2004. ICIP’04., vol. 5, pp. 3443-3446. IEEE, 2004.
11. Voloshynovskiy, Sviatoslav, Oleksiy Koval, Fokko Beekhof, and Thierry Pun. ”Con-
ception and limits of robust perceptual hashing: towards side information assisted
hash functions.” In Media forensics and security, vol. 7254, pp. 120-131. SPIE,
2009.
12. Qin, Chuan, Meihui Sun, and Chin-Chen Chang. ”Perceptual hashing for color
images based on hybrid extraction of structural features.” Signal processing 142
(2018): 194-205.
13. Du, Ling, Anthony TS Ho, and Runmin Cong. ”Perceptual hashing for image
authentication: A survey.” Signal Processing: Image Communication 81 (2020):
115713.
14. Huang, Ziqing, and Shiguang Liu. ”Perceptual hashing with visual content un-
derstanding for reduced-reference screen content image quality assessment.” IEEE
Transactions on Circuits and Systems for Video Technology 31, no. 7 (2020): 2808-
2823.