Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

How to Hack Medical Imaging Applications via DICOM

Hack In The Box Security Conference via YouTube

Overview

Explore the world of medical imaging security in this 26-minute conference talk from the Hack In The Box Security Conference. Dive into a comprehensive security analysis of popular DICOM servers, protocols, and libraries used in medical imaging systems. Discover critical vulnerabilities in the DICOM ecosystem, learn how to identify and exploit these security flaws, and understand the importance of rapid bug fixing. Gain insights into successful strategies for uncovering weaknesses in medical imaging applications, with a focus on NVIDIA CLARA, SimpleITK, ORTHANC, DCMTK, and DICOM Network protocols. Follow along as Maria Nedyak, a developer at Bi.Zone and member of the Sibears CTF team, shares her expertise on topics such as heap buffer overflows, insecure APIs, CSRF, XXE, and fuzzing techniques specific to medical imaging systems.

Syllabus

Intro
AISec Team
Medical Imaging
NVIDIA CLARA
SimpleITK: Heap buffer overflow
SimpleITK: Buffer overflow
ORTHANC: IN THE WILD
ORTHANC: Insecure API
ORTHANC: CSRF
DCMTK: XXE
DCMTK: Insecure functionality xml2dcm utility allows to read local files
DICOM Network: Common methods
DICOM Network: Retrieving info
DICOM Network: Fuzzing
DCMTK: Fuzzing
Summary
DICOM: Usage statistics

Taught by

Hack In The Box Security Conference

Reviews

Start your review of How to Hack Medical Imaging Applications via DICOM

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.