1. Introduction

In June 2006, Cisco released a virtual network index (VNI) forecast that projects global IP traffic over the next 5 years [1]. According to Cisco's paper, there has been quantitative evidence that proliferation of global IP traffic will exchange data to reach the order of zettabyte (ZB) by 2021. This massive amount of data will be driven mainly by the number of connected devices to IP networks, such as smart phones, tablets, sensors and machine-to-machine (M2M) applications that are estimated to be more than three times the global population. Hence, in this era, just about every physical object we see (e.g. health-care monitoring apparatus, machinery, appliances, autonomous cars and intelligent transportation, etc.) will be connected,

© 2016 The Author(s). Licensee InTech. This chapter is distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/3.0), which permits unrestricted use, distribution, and eproduction in any medium, provided the original work is properly cited. © 2018 The Author(s). Licensee IntechOpen. This chapter is distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/3.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

forming the Internet of Things (IoT) [2]. In order to handle the countless number and various types of devices as well as linking the existing radio-access technologies, a new architecture that will increase data rate, lower end-to-end latency and improve the coverage is urgently required. Therefore, to meet with this demand, a new standard on the fifth-generation (5G) networks is currently under consideration [3].

Health and medical care are considered as one of the most fascinating applications that can fully benefit from IoT deployment. The IoT that employs various sensor and smart medical devices may serve in, for example, tele-auscultation, remote health monitoring, remote diagnostics and possibly treatment as well as elderly care [4–6]. Such Internet of Medical Things (IMedT) is expected to reduce consultation and transportation cost and to shrink the gap for those who live in the isolated/remote areas where the presence of doctors is void. Nevertheless, transmitting medical data to health-care providers through the public networks require high data security as public networks are somehow vulnerable to spoof attack. In this chapter, two anonymisation techniques based on wavelet decomposition and wavelet packet (WP) transform for securing ECG signals will be discussed.

There have been several proposed security techniques including image [20] and ECG steganography [21–24] to secure confidential patient information. In the steganography techniques, sensitive patient information is concealed inside public host data without incurring huge computational overhead or any increase in the size of the host data [21]. ECG data is used as the host signal to embed secret patient information and physiological readings. This may create watermarked ECG signals that is then transferred to a remote hospital server for further diagnosis. The effectiveness of ECG watermarking is dependent on the difference between the original host data and the watermarked data, that is, greater differences point to an ineffective steganography process. Unfortunately, all steganography methods bear some degree of information loss. This severe loss of information contributes to smeared/incorrect signal features and in some cases can lead to the failure of reconstructing the original ECG signal from the watermarked ECG signal [22]. However, even effective ECG watermarking can result in the delectability of ECG fiducial and nonfiducial features, which may allow for patient identification according to research in [7–9]. Therefore, a method combining the advantages of steganography with a technique that hides ECG fiducial and non-fiducial features is required. In this chapter, a review between two ECG anonymisation methods based on wavelet decomposition and wavelet packet

Wavelets in ECG Security Application http://dx.doi.org/10.5772/intechopen.74477 45

Figure 1. Possible attack points for unsecure ECG signals subjected to man in the middle attack.

3. Wavelet decomposition-based ECG anonymisation approach

Recent ECG anonymisation approaches based on wavelet decomposition were proposed in [13, 14]. During the wavelet decomposition process, filters of different cut-off frequencies were used to analyse the ECG signal at different scales (frequencies). It can be done by passing the ECG signal through a series of high-pass filters (i.e. the detail coefficients) for examining the high-frequency bands. The ECG signal was also passed through a series of low-pass filters (i.e. the approximation coefficients) to evaluate the low-frequency bands. Wavelet decomposition at level 3 was used during signal evaluation in the chapter [13]. Moreover, in the order to

transform (WPT) is presented.

## 2. Motivations

An electrocardiogram (ECG) signal contains important health information of a patient. It is used to detect abnormal heart rhythms by measuring the electrical activity generated by the heart as it contracts. Recent studies show that an ECG signal can be used as a biometric method for robust human identification and authentication [7–9]. The ECG signal was found to be unique for each individual over a long period of time [10, 11]. An ECG biometric system consists of feature extraction and classifiers to identify and recognise a person. The selection of appropriate features is crucial for successful individual identification. In [12], ECG-based biometric features were grouped as fiducial based, non-fiducial based or hybrid.

An unsecure ECG signal can be subjected to man in the middle attack where fraudsters can use the spoofed recorded ECG data to gain access to a secured service [13–15]. A scenario where a man in the middle attack can be a real threat for health information transmission is presented in Figure 1. The figure illustrates possible attack points that include (1) wireless links between sensor nodes that collect health information data from wireless body area networks (WBAN) and gateways, (2) wire/wireless links between the gateway and the edge router, (3) wire/ wireless links between the other side of the edge router and health-care provider router and (4) repository in the data centre/public server or health-care provider. In order to minimise such security threat to a system, a health-care provider needs to comply with certain widely accepted standards to protect medical records safely. For example, US government passed the Health Insurance Portability and Accountability Act (HIPAA) in 1996 for protecting medical privacy users [16], the European Union adopted the Directive on Data Protection in 1995 [17], the Health Information Privacy Code was passed by New Zealand government in 1994, which sets specific rules for agencies in the health sector to ensure protection of individual privacy [18] and the personally controlled electronic health record (PCEHR) eHealth system was launched by Australian government in 2012 [19].

Figure 1. Possible attack points for unsecure ECG signals subjected to man in the middle attack.

forming the Internet of Things (IoT) [2]. In order to handle the countless number and various types of devices as well as linking the existing radio-access technologies, a new architecture that will increase data rate, lower end-to-end latency and improve the coverage is urgently required. Therefore, to meet with this demand, a new standard on the fifth-generation (5G)

Health and medical care are considered as one of the most fascinating applications that can fully benefit from IoT deployment. The IoT that employs various sensor and smart medical devices may serve in, for example, tele-auscultation, remote health monitoring, remote diagnostics and possibly treatment as well as elderly care [4–6]. Such Internet of Medical Things (IMedT) is expected to reduce consultation and transportation cost and to shrink the gap for those who live in the isolated/remote areas where the presence of doctors is void. Nevertheless, transmitting medical data to health-care providers through the public networks require high data security as public networks are somehow vulnerable to spoof attack. In this chapter, two anonymisation techniques based on wavelet decomposition and wavelet packet (WP) trans-

An electrocardiogram (ECG) signal contains important health information of a patient. It is used to detect abnormal heart rhythms by measuring the electrical activity generated by the heart as it contracts. Recent studies show that an ECG signal can be used as a biometric method for robust human identification and authentication [7–9]. The ECG signal was found to be unique for each individual over a long period of time [10, 11]. An ECG biometric system consists of feature extraction and classifiers to identify and recognise a person. The selection of appropriate features is crucial for successful individual identification. In [12], ECG-based

An unsecure ECG signal can be subjected to man in the middle attack where fraudsters can use the spoofed recorded ECG data to gain access to a secured service [13–15]. A scenario where a man in the middle attack can be a real threat for health information transmission is presented in Figure 1. The figure illustrates possible attack points that include (1) wireless links between sensor nodes that collect health information data from wireless body area networks (WBAN) and gateways, (2) wire/wireless links between the gateway and the edge router, (3) wire/ wireless links between the other side of the edge router and health-care provider router and (4) repository in the data centre/public server or health-care provider. In order to minimise such security threat to a system, a health-care provider needs to comply with certain widely accepted standards to protect medical records safely. For example, US government passed the Health Insurance Portability and Accountability Act (HIPAA) in 1996 for protecting medical privacy users [16], the European Union adopted the Directive on Data Protection in 1995 [17], the Health Information Privacy Code was passed by New Zealand government in 1994, which sets specific rules for agencies in the health sector to ensure protection of individual privacy [18] and the personally controlled electronic health record (PCEHR) eHealth system was

biometric features were grouped as fiducial based, non-fiducial based or hybrid.

networks is currently under consideration [3].

44 Wavelet Theory and Its Applications

form for securing ECG signals will be discussed.

launched by Australian government in 2012 [19].

2. Motivations

There have been several proposed security techniques including image [20] and ECG steganography [21–24] to secure confidential patient information. In the steganography techniques, sensitive patient information is concealed inside public host data without incurring huge computational overhead or any increase in the size of the host data [21]. ECG data is used as the host signal to embed secret patient information and physiological readings. This may create watermarked ECG signals that is then transferred to a remote hospital server for further diagnosis. The effectiveness of ECG watermarking is dependent on the difference between the original host data and the watermarked data, that is, greater differences point to an ineffective steganography process. Unfortunately, all steganography methods bear some degree of information loss. This severe loss of information contributes to smeared/incorrect signal features and in some cases can lead to the failure of reconstructing the original ECG signal from the watermarked ECG signal [22]. However, even effective ECG watermarking can result in the delectability of ECG fiducial and nonfiducial features, which may allow for patient identification according to research in [7–9]. Therefore, a method combining the advantages of steganography with a technique that hides ECG fiducial and non-fiducial features is required. In this chapter, a review between two ECG anonymisation methods based on wavelet decomposition and wavelet packet transform (WPT) is presented.

#### 3. Wavelet decomposition-based ECG anonymisation approach

Recent ECG anonymisation approaches based on wavelet decomposition were proposed in [13, 14]. During the wavelet decomposition process, filters of different cut-off frequencies were used to analyse the ECG signal at different scales (frequencies). It can be done by passing the ECG signal through a series of high-pass filters (i.e. the detail coefficients) for examining the high-frequency bands. The ECG signal was also passed through a series of low-pass filters (i.e. the approximation coefficients) to evaluate the low-frequency bands. Wavelet decomposition at level 3 was used during signal evaluation in the chapter [13]. Moreover, in the order to

Figure 2. ECG anonymisation using wavelet decomposition.

construct a complete evaluation, two individual methods were studied during the experimentation [13]. Block diagram for the wavelet decomposition can be seen in Figure 2.

the RR interval and certain types of arrhythmias are visible [25] as obvious in Figure 3. However, this method only required minimal selection of coefficient (approximately 25%) for encryption and key distribution. This is the main advantage of the first method. This method will perform well when faster distribution of key is priority and strong security is not deemed

Wavelets in ECG Security Application http://dx.doi.org/10.5772/intechopen.74477 47

In the second method, nodes cA3, cD3 and cD2 were selected for encryption, while the remaining coefficients cD1 were transmitted to the ECG repository. In contrast to the previous method, Figure 5 shows that the reconstructed ECG from the coefficients that are extracted

Figure 5. Normal ECG signal (top) and reconstructed annonymised ECG signal without nodes cA3, cD3 and cD2.

necessary. The removed coefficients are shown in Figure 4.

Figure 4. Removed (Selected for Encryption) Coefficients for Method 1.

3.2. Method 2: discrete wavelet base anonymisation

#### 3.1. Method 1: discrete wavelet base anonymisation

In the first method, approximation (cA3) and detail (cD3) coefficients were removed after level 3 decomposition. Subsequently these nodes were encrypted using the well-known RSA symmetric cryptography. On the other hand, the remaining nodes, that is, cD1 and cD2, were compressed and transmitted to the ECG repository. Figure 3 shows that without knowledge of nodes cA3 and cD3, the newly constructed signal in the repository completely hides P wave and T wave of the original ECG. It can be concluded that the first method hides most of the features required to reconcile the identity of a patient [7]. On the contrary, this method is not able to provide complete obfuscation of the cardiovascular conditions. This is mainly because

Figure 3. Normal ECG signal (top) and reconstructed annonymised ECG signal without nodes cA3 and cD3.

Figure 4. Removed (Selected for Encryption) Coefficients for Method 1.

construct a complete evaluation, two individual methods were studied during the experimen-

In the first method, approximation (cA3) and detail (cD3) coefficients were removed after level 3 decomposition. Subsequently these nodes were encrypted using the well-known RSA symmetric cryptography. On the other hand, the remaining nodes, that is, cD1 and cD2, were compressed and transmitted to the ECG repository. Figure 3 shows that without knowledge of nodes cA3 and cD3, the newly constructed signal in the repository completely hides P wave and T wave of the original ECG. It can be concluded that the first method hides most of the features required to reconcile the identity of a patient [7]. On the contrary, this method is not able to provide complete obfuscation of the cardiovascular conditions. This is mainly because

tation [13]. Block diagram for the wavelet decomposition can be seen in Figure 2.

Figure 3. Normal ECG signal (top) and reconstructed annonymised ECG signal without nodes cA3 and cD3.

3.1. Method 1: discrete wavelet base anonymisation

Figure 2. ECG anonymisation using wavelet decomposition.

46 Wavelet Theory and Its Applications

the RR interval and certain types of arrhythmias are visible [25] as obvious in Figure 3. However, this method only required minimal selection of coefficient (approximately 25%) for encryption and key distribution. This is the main advantage of the first method. This method will perform well when faster distribution of key is priority and strong security is not deemed necessary. The removed coefficients are shown in Figure 4.

#### 3.2. Method 2: discrete wavelet base anonymisation

In the second method, nodes cA3, cD3 and cD2 were selected for encryption, while the remaining coefficients cD1 were transmitted to the ECG repository. In contrast to the previous method, Figure 5 shows that the reconstructed ECG from the coefficients that are extracted

Figure 5. Normal ECG signal (top) and reconstructed annonymised ECG signal without nodes cA3, cD3 and cD2.

is described as a binary tree structure E; each node is described as ð Þ j; n , where j is a node's scale level and n is a node's number on the corresponded level. The root node 0ð Þ ; 0 of

frequency of the ECG signal. Each internal node of the WP tree ð Þ j; n ∈ E is called a parent node that is divided into two child nodes: the first and the second nodes are associated with low-pass h mð Þ and high-pass g mð Þ filters. These nodes forms a quadrature mirror filter (QMF)

The scaling function ωð Þt and the mother wavelet φð Þt for the wavelet packet when n ¼ 0, 1

<sup>φ</sup><sup>0</sup>ðÞ¼ <sup>t</sup> <sup>ω</sup>ð Þ<sup>t</sup> ,φ<sup>1</sup>

The other wavelet packet functions for n ¼ 2, 3, … and j ¼ 1 are shown as follows:

<sup>φ</sup><sup>2</sup><sup>n</sup>ðÞ¼ <sup>t</sup> <sup>X</sup>

φ<sup>2</sup>nþ<sup>1</sup>

<sup>φ</sup><sup>2</sup><sup>n</sup>ðÞ¼ <sup>t</sup> ffiffiffi

<sup>φ</sup><sup>2</sup>nþ<sup>1</sup>ðÞ¼ <sup>t</sup> ffiffiffi

<sup>j</sup> ð Þ¼ <sup>m</sup> <sup>x</sup>;ψ<sup>n</sup>

By substituting Eq. (1) into Eq. (3) and (4), we can get

where the low-pass filter gives h mð Þ¼ <sup>1</sup>ffiffi

of sub-band coefficients of length <sup>N</sup>

coefficients of the ECG signal, x tð Þ, are expressed as follows:

Qn

coefficient, node, has a frequency range in the interval <sup>n</sup>

m

ðÞ¼ <sup>t</sup> <sup>X</sup> m

2 p X m

> 2 p X m

> > 2

j,m D E <sup>¼</sup>

Each coefficient measures a specific sub-band frequency content, controlled by the scaling parameter, j, and the oscillation parameter, n. The ECG signal, x tð Þ, can be decomposed into a different time-frequency space with Eq. (6) and Eq. (7). By computing the full wavelet packet decomposition on the ECG signal, for the jth level of decomposition, we have 2<sup>j</sup> sets

how wavelet packet decomposes the original ECG signal into two or more coefficients.

<sup>p</sup> h i ψð Þt ;ψð Þ 2t � m . The operator h i :; : stands for the inner product. The wavelet packet

ð∞ �∞

x tð Þψ<sup>n</sup>

h mð Þφ<sup>n</sup>

g mð Þφ<sup>n</sup>

f s 2

h i, where <sup>f</sup> <sup>s</sup> is the ECG sampling

Wavelets in ECG Security Application http://dx.doi.org/10.5772/intechopen.74477 49

ðÞ¼ t ψð Þt : (2)

j,mð Þt , (3)

j,mð Þt : (4)

h mð Þφ<sup>n</sup>ð Þ <sup>2</sup><sup>t</sup> � <sup>m</sup> , (5)

g mð Þφ<sup>n</sup>ð Þ <sup>2</sup><sup>t</sup> � <sup>m</sup> , (6)

j,mð Þt dt (7)

h i, n <sup>¼</sup> <sup>0</sup>, <sup>1</sup>, …, <sup>2</sup><sup>j</sup> � 1. This is

<sup>p</sup> h i ωð Þt ; ωð Þ 2t � m , and the high-pass filter gives

<sup>2</sup><sup>j</sup>, where N is the ECG signal length [20]. Each sub-band

<sup>2</sup>jþ<sup>1</sup> ; <sup>n</sup>þ<sup>1</sup> 2jþ<sup>1</sup>

the WP tree corresponds to the entire frequency range, 0;

pair [19].

g mð Þ¼ <sup>1</sup>ffiffi 2

and j ¼ m ¼ 0 are given by

Figure 6. Removed (selected for encryption) coefficients for method 2.

from the repository is completely able to obfuscate features related to cardiovascular condition and person identification.

Therefore, this method provides higher ECG security by compromising larger key size (approximately 50%) as can be seen in Figure 6. Figure 5 shows that the reconstructed ECG signal does not contain any ECG features.

Both methods described above suffer from long key size and lack of complete obfuscation to the ECG data. The long key size requires wider bandwidth during transmission process of the key to the ECG repository. On the other hand, lack of complete obfuscation results in trivial interpretation of the anonymised ECG signal. Therefore, due to these two main reasons, other methods based on the wavelet packet were proposed and developed.
