Healthcare

Digital transformation is rapidly changing the healthcare industry, and artificial intelligence (AI) is a critical component in this evolution. This thesis investigates three selected challenges that might delay the adoption of AI in healthcare and proposes ways to address them successfully. Challenge #1 states that healthcare professionals may not feel sufficiently knowledgeable about AI. This is addressed by Contribution #1 which is a guide for self-actualization in AI for healthcare professionals. Challenge #2 explores the concept of transdisciplinary teams needing a work protocol to deliver successful results. This is addressed by Contribution #2 which is a step-by-step protocol for medical and AI researchers working on data-intensive projects. Challenge #3 states that the NIH All of Us Research Hub has a steep learning curve, and this is addressed by Contribution #3 which is a pilot project involving transdisciplinary teams using All of Us datasets.

Artificial intelligence (AI) had a few false starts – the AI winters of the 1970s and 1980s. We are now in what looks like an AI summer. There are many useful applications of AI in the field. But there are still unfulfilled promises and outright failures. From self-driving cars that work only in constrained cases, to medical image analysis products that would replace radiologists but never did, we still struggle to translate successful research into successful real-world applications.
The software engineering community has accumulated a large body of knowledge over the decades on how to develop, release, and maintain products. AI products, being software products, benefit from some of that accumulated knowledge, but not all of it. AI products diverge from traditional software products in fundamental ways: their main component is not a specific piece of code, written for a specific purpose, but a generic piece of code, a model, customized by a training process driven by hyperparameters and a dataset. Datasets are usually large and models are opaque. We cannot directly inspect them as we can inspect the code of traditional software products. We need other methods to detect failures in AI products.

Healthcare organizations, realizing the potential of the Internet of Things (IoT)
technology, are rapidly adopting the technology to bring signi cant improvements in
the quality and e ectiveness of the service. However, these smart and interconnected
devices can act as a potential \back door" into a hospital's IT network, giving attack-
ers access to sensitive information. As a result, cyber-attacks on medical IoT devices
have been increasing since the last few years. It is a growing concern for all the
stakeholders involved, as the impact of such attacks is not just monetary or privacy
loss, but the lives of many patients are also at risk. Considering the various kinds of
IoT devices one may nd connected to a hospital's network, traditional host-centric
security solutions (e.g. antivirus, software patches) are at odds with realistic IoT
infrastructure (e.g. constrained hardware, lack of proper built-in security measures).
There is a need for security solutions which consider the challenges of IoT devices like
heterogeneity of technology and protocols used, limited resources in terms of battery
and computation power, etc. Accordingly, the goals of this thesis have been: (1) to
provide an in-depth understanding of vulnerabilities of medical IoT devices; (2) to in-
troduce a novel approach which uses a microservices-based framework as an adaptive and agile security solution to address the issue. The thesis focuses on OS Fingerprint-
ing attacks because of its signi cance for attackers to understand a target's network.
In this thesis, we developed three microservices, each one designed to serve a speci c
functionality. Each of these microservices has a small footprint with RAM usage of
approximately 50 MB. We also suggest how microservices can be used in a real-life
scenario as a software-based security solution to secure a hospital's network consisting
of di erent IoT devices.